lil_jim

Hi. My computer was recently attacked by some sort of malware. I saw a popup notification on my AV software when I was in my browser; however, my computer just restarted itself automatically. I went to safe mode and ran MBAM, where I got the following result:

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|syshost32 (Backdoor.Agent) -> Data: C:\Windows\Installer\{90566282-8F22-CC85-6006-A1DD3FD9EAD6}\syshost.exe -> Quarantined and deleted successfully.

However, on starting my computer now, I get the notification 'Driver has failed to load. This program will not continue', and all my AV software is disabled and I am unable to turn it on manually or even update it, so I still feel there must be some sort of malware / virus still in my computer system.

Here are the following DDS and Attach logs.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
Run by Administrator at 23:47:01 on 2012-08-31
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.10230.8206 [GMT 1:00]
.
AV: ESET Smart Security 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET Smart Security 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\lxbccoms.exe C:\Windows\system32\lxdvcoms.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\WUDFHost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\mobsync.exe C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program 
Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\conime.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = *.local;<local> BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: avast! 
WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File uRun: [Google Update] "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" uRun: [Akamai NetSession Interface] "C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe" uRun: [AdobeBridge] mRun: [NPSStartup] mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [switchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL Trusted Zone: kuaiche.com\software DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{A9441A29-21BA-4127-8E6F-996D74C7079E} : DhcpNameServer = 192.168.1.254 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB-X64: avast! 
WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB-X64: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File mRun-x64: [NPSStartup] mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [switchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\lr4s71y5.Home\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll FF - plugin: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll FF - plugin: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll FF - plugin: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Users\Administrator\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Users\Administrator\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 mv61xx;mv61xx;C:\Windows\system32\DRIVERS\mv61xx.sys --> C:\Windows\system32\DRIVERS\mv61xx.sys [?] R0 mv64xx;mv64xx;C:\Windows\system32\DRIVERS\mv64xx.sys --> C:\Windows\system32\DRIVERS\mv64xx.sys [?] 
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504] R2 lxbc_device;lxbc_device;C:\Windows\system32\lxbccoms.exe -service --> C:\Windows\system32\lxbccoms.exe -service [?] R2 lxdv_device;lxdv_device;C:\Windows\system32\lxdvcoms.exe -service --> C:\Windows\system32\lxdvcoms.exe -service [?] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 19952] R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?] S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] S2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] S2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] S2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-30 44808] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 hsjxrndqv;Windows Universal;C:\Windows\system32\svchost.exe -k netsvcs [2008-1-21 21504] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-2-17 655944] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-8-26 1432400] S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-24 114144] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2010-2-28 16392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] 
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-11 89920] S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-8 136176] S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-8 136176] S4 lxdvCATSCustConnectService;lxdvCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxdvserv.exe [2007-10-18 33448] S4 PS3 Media Server;PS3 Media Server;C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2008-8-17 217088] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856] S4 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2009-8-27 92008] . =============== File Associations =============== . JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* . =============== Created Last 30 ================ . 
2012-08-30 10:37:23 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2012-08-30 10:37:23 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-08-30 07:43:12 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-08-30 07:43:11 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-08-30 07:42:58 41224 ----a-w- C:\Windows\avastSS.scr 2012-08-30 07:42:47 -------- d-----w- C:\ProgramData\AVAST Software 2012-08-30 07:42:47 -------- d-----w- C:\Program Files\AVAST Software 2012-08-30 07:26:59 -------- d-----w- C:\c2a434b5512df75af25a19 2012-08-29 16:59:20 60864 ----a-w- C:\Users\Administrator\g2mdlhlpx.exe 2012-08-29 16:58:33 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-08-29 16:58:25 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-08-29 16:56:50 -------- d-----w- C:\Program Files (x86)\Citrix 2012-08-28 23:48:14 9310152 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5F0D4658-387A-484B-AAFC-BE0ABB45CCF3}\mpengine.dll 2012-08-28 21:26:31 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll 2012-08-27 13:29:27 -------- d-----w- C:\Users\Administrator\AppData\Roaming\PDAppFlex 2012-08-27 11:22:25 -------- d-----w- C:\Users\Administrator\AppData\Local\Autodesk 2012-08-26 22:55:54 -------- d-----w- C:\Program Files (x86)\Autodesk 2012-08-26 22:53:23 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared 2012-08-26 22:49:34 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared 2012-08-26 22:49:34 -------- d-----w- C:\Program Files\Autodesk 2012-08-26 22:37:21 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Autodesk 2012-08-26 22:33:35 -------- d-----w- C:\Autodesk 2012-08-26 22:30:39 -------- d-----w- C:\Users\Administrator\.nuke 2012-08-26 22:30:37 -------- d-----w- C:\Users\Administrator\AppData\Local\cache 2012-08-26 22:28:27 -------- d-----w- C:\Program Files\The Foundry 2012-08-26 22:28:27 -------- d-----w- C:\Program 
Files\Nuke6.3v8 2012-08-26 22:25:57 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-08-26 20:57:27 -------- d-----w- C:\Users\Administrator\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2012-08-26 20:57:15 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant 2012-08-26 15:44:39 -------- d-----w- C:\Users\Administrator\AppData\Local\Akamai 2012-08-14 22:27:11 2769408 ----a-w- C:\Windows\System32\win32k.sys 2012-08-14 22:22:40 788480 ----a-w- C:\Windows\System32\localspl.dll 2012-08-14 22:22:39 623616 ----a-w- C:\Windows\SysWow64\localspl.dll . ==================== Find3M ==================== . 2012-08-29 16:57:53 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-08-01 23:45:41 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-01 23:45:41 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-03 12:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-28 03:28:35 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-28 03:21:17 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-28 03:20:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-28 03:16:25 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-28 03:12:35 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-28 00:27:12 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-28 00:19:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-28 00:18:16 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-28 00:12:08 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-28 00:07:44 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-06 19:59:42 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2012-06-05 16:47:28 1401856 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-05 16:47:27 1248768 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-05 16:22:47 1797120 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-05 16:22:46 1869824 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-04 15:29:59 
516480 ----a-w- C:\Windows\System32\drivers\ksecdd.sys . ============= FINISH: 23:47:45.09 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume5 Install Date: 19/01/2009 17:20:17 System Uptime: 31/08/2012 23:33:32 (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | P6T DELUXE Processor: Intel® Core™ i7 CPU 920 @ 2.67GHz | LGA1366 | 2668/133mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 466 GiB total, 282.029 GiB free. D: is CDROM () E: is Removable F: is CDROM () H: is Removable I: is Removable J: is Removable K: is FIXED (NTFS) - 931 GiB total, 50.992 GiB free. L: is Removable M: is FIXED (NTFS) - 931 GiB total, 87.767 GiB free. N: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Acrobat.com Adobe AIR Adobe Download Assistant Adobe Flash Player 11 Plugin Adobe Photoshop CS6 Adobe Reader X (10.1.4) Adobe Shockwave Player 11.6 Advertising Center Akamai NetSession Interface Apple Application Support Applian FLV Player Application Profiles Autodesk Backburner 2013.0.0 avast! 
Free Antivirus BulletStorm Camtasia Studio 7 Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Dead Island Diablo III DivX Setup DolbyFiles Everything 1.2.1.371 Express Gate Updater Facebook Plug-In FormatFactory 2.70 GameFly Google Chrome Google Talk (remove only) Google Update Helper HijackThis 2.0.2 Host OpenAL (ADI) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Java 7 Update 6 Java Auto Updater Java™ 6 Update 29 L.A. 
Noire Left 4 Dead 2 Left 4 Dead 2 Add-on Support Malwarebytes Anti-Malware version 1.62.0.1300 marvell 61xx Marvell Miniport Driver Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Mozilla Firefox 15.0 (x86 en-GB) Mozilla Maintenance Service Nero ControlCenter Nero Installer NVIDIA PhysX Orcs Must Die! Orcs Must Die! 
2 PAYDAY: The Heist PDF Settings CS6 QuickTime Rockstar Games Social Club Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit 
Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Skype™ 5.8 SoundMAX Spotify Spybot - Search & Destroy Steam swMSM The Walking Dead © 3 version 1 TomTom HOME 2.7.2.1825 TomTom HOME Visual Studio Merge Modules Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) USB PC Camera-268 VC80CRTRedist - 8.0.50727.4053 VirtualCloneDrive VLC media player 2.0.2 WinRAR archiver . ==== Event Viewer Messages From Past Week ======== . 
31/08/2012 23:37:27, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: A device attached to the system is not functioning. 31/08/2012 23:37:27, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: A device attached to the system is not functioning. 31/08/2012 23:35:55, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AswRdr aswSnx aswSP aswTdi 31/08/2012 23:35:55, Error: Service Control Manager [7001] - The avast! Antivirus service depends on the aswMonFlt service which failed to start because of the following error: A device attached to the system is not functioning. 31/08/2012 23:35:55, Error: Service Control Manager [7000] - The aswMonFlt service failed to start due to the following error: A device attached to the system is not functioning. 31/08/2012 23:35:55, Error: Service Control Manager [7000] - The aswFsBlk service failed to start due to the following error: A device attached to the system is not functioning. 31/08/2012 23:35:55, Error: Service Control Manager [7000] - The ALSysIO service failed to start due to the following error: A device attached to the system is not functioning. 31/08/2012 18:20:43, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AswRdr aswSnx aswSP aswTdi MpFilter 31/08/2012 18:19:13, Error: Microsoft Antimalware [3002] - 31/08/2012 18:15:26, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AswRdr aswSnx aswSP aswTdi ElbyCDIO MpFilter SASDIFSV SASKUTIL spldr Wanarpv6 31/08/2012 18:15:26, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 
31/08/2012 18:14:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 31/08/2012 18:14:33, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 31/08/2012 18:14:25, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 31/08/2012 13:33:16, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s). 31/08/2012 13:33:11, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 30/08/2012 19:05:41, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AswRdr aswSnx aswSP aswTdi DfsC ElbyCDIO MpFilter NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr tdx Wanarpv6 30/08/2012 19:05:41, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 30/08/2012 19:05:41, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 
30/08/2012 19:05:41, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start. 30/08/2012 19:05:41, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 30/08/2012 19:05:41, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 30/08/2012 19:05:41, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 30/08/2012 19:05:41, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 30/08/2012 19:05:41, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning. 30/08/2012 19:05:41, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 
30/08/2012 19:05:41, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
30/08/2012 19:05:41, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
30/08/2012 19:05:41, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
30/08/2012 19:04:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
30/08/2012 19:04:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
30/08/2012 18:50:35, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AswRdr aswSnx aswSP aswTdi ehdrv MpFilter
30/08/2012 18:50:35, Error: Service Control Manager [7000] - The epfwwfp service failed to start due to the following error: A device attached to the system is not functioning.
30/08/2012 18:50:35, Error: Service Control Manager [7000] - The epfw service failed to start due to the following error: A device attached to the system is not functioning.
30/08/2012 18:50:35, Error: Service Control Manager [7000] - The eamon service failed to start due to the following error: A device attached to the system is not functioning.
30/08/2012 08:43:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
30/08/2012 08:41:12, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ehdrv ElbyCDIO MpFilter SASDIFSV SASKUTIL spldr Wanarpv6
30/08/2012 08:29:06, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
30/08/2012 08:24:09, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ehdrv
30/08/2012 01:31:38, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC ehdrv ElbyCDIO NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr tdx Wanarpv6
29/08/2012 22:28:50, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
29/08/2012 22:21:09, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the syshost32 service to connect.
25/08/2012 01:04:50, Error: bowser [8003] - The master browser has received a server announcement from the computer SOON-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A9441A29-21BA-4127-8E6F-996D74C7079E}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================