SagansTurtleneck

Members

View Profile See their activity

Posts
8
Joined
October 15, 2012
Last visited
October 19, 2012

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by SagansTurtleneck

Post-virus (?) clean up - no start menu, can't bookmark things, etc.

SagansTurtleneck replied to SagansTurtleneck's topic in Resolved Malware Removal Logs

Alright! I updated the AI Burner from ASUS and burned the recovery DVDs. What would you like me to do next?
- October 18, 2012
- 16 replies
Post-virus (?) clean up - no start menu, can't bookmark things, etc.

SagansTurtleneck replied to SagansTurtleneck's topic in Resolved Malware Removal Logs

http://imageshack.us/a/img254/4469/error1sp.jpg Oy, I don't even know what he's really saying in that post. I don't know how to capture the isos. Are you back on duty tomorrow? I have to study for a midterm tomorrow.
- October 18, 2012
- 16 replies
Post-virus (?) clean up - no start menu, can't bookmark things, etc.

SagansTurtleneck replied to SagansTurtleneck's topic in Resolved Malware Removal Logs

It only says "exception error".
- October 18, 2012
- 16 replies
Post-virus (?) clean up - no start menu, can't bookmark things, etc.

SagansTurtleneck replied to SagansTurtleneck's topic in Resolved Malware Removal Logs

Ugh...I keep getting an exception error when I try to burn them.
- October 18, 2012
- 16 replies
Post-virus (?) clean up - no start menu, can't bookmark things, etc.

SagansTurtleneck replied to SagansTurtleneck's topic in Resolved Malware Removal Logs

Here's the ComboFix log and new DDS: ComboFix 12-10-17.05 - Janine 10/17/2012 19:05:55.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2676 [GMT -5:00] Running from: c:\users\Janine\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\msvcr71.dll c:\windows\SysWow64\msstdfmt.dll D:\install.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_nvsvc . . ((((((((((((((((((((((((( Files Created from 2012-09-18 to 2012-10-18 ))))))))))))))))))))))))))))))) . . 2012-10-18 00:13 . 2012-10-18 00:15 -------- d-----w- c:\users\Janine\AppData\Local\temp 2012-10-16 20:58 . 2012-10-16 20:59 -------- d-----w- c:\program files (x86)\ERUNT 2012-10-16 10:10 . 2012-09-19 05:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5A44B735-C4B1-4838-8878-4C28F40E49E1}\mpengine.dll 2012-10-14 22:00 . 2012-10-14 22:00 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-10-14 22:00 . 2012-10-14 21:59 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-10-14 21:59 . 2012-10-14 21:59 -------- d-----w- c:\program files (x86)\Java 2012-10-14 00:51 . 2012-08-21 09:13 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-10-14 00:51 . 2012-08-21 09:13 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-10-14 00:51 . 2012-08-21 09:13 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-10-14 00:51 . 2012-08-21 09:13 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-10-14 00:51 . 2012-08-21 09:13 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-10-14 00:50 . 2012-08-21 09:13 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-10-14 00:50 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr 2012-10-14 00:50 . 2012-08-21 09:12 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-10-14 00:50 . 2012-10-14 00:50 -------- d-----w- c:\program files\AVAST Software 2012-10-13 07:15 . 2012-10-11 01:06 261600 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll 2012-10-13 07:15 . 2012-10-11 01:06 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe 2012-10-13 07:15 . 2012-10-11 01:06 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe 2012-10-13 07:02 . 2012-10-13 07:02 -------- d-----w- c:\windows\SysWow64\C2MP 2012-10-13 05:25 . 2012-10-13 05:25 -------- d-----w- c:\users\Janine\AppData\Local\webkit 2012-10-13 04:27 . 2012-10-13 04:27 -------- d-----w- c:\users\Janine\AppData\Local\fontconfig 2012-10-13 04:27 . 2012-10-13 05:27 -------- d-----w- c:\users\Janine\.gimp-2.8 2012-10-13 04:27 . 2012-10-13 04:27 -------- d-----w- c:\users\Janine\AppData\Local\gegl-0.2 2012-10-13 04:12 . 2012-10-13 04:13 -------- d-----w- c:\program files\GIMP 2 2012-10-13 03:49 . 2012-10-13 03:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-10-13 03:49 . 2012-09-07 22:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-13 01:50 . 2012-10-13 01:50 -------- d-----w- c:\windows\SysWow64\MFAData 2012-10-13 01:50 . 2012-10-13 01:50 -------- d-----w- c:\windows\system32\MFAData 2012-10-13 00:54 . 2012-10-14 06:59 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-10-13 00:54 . 2012-10-14 06:59 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-12 22:20 . 2012-10-12 22:47 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-10-12 20:57 . 2012-10-12 20:57 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software 2012-10-12 08:39 . 2012-10-12 08:39 -------- d-----w- C:\found.000 2012-10-12 07:08 . 2012-10-15 06:45 -------- d-----w- c:\windows\system32\%LocalAppData% 2012-10-01 05:17 . 2012-10-01 05:17 39904 ----a-w- c:\windows\SysWow64\dischandler.exe 2012-09-29 00:26 . 2012-09-29 00:26 -------- d-----w- c:\users\Janine\AppData\Roaming\Blackboard 2012-09-27 19:38 . 2012-09-27 19:38 -------- d-----w- c:\users\Janine\AppData\Roaming\AVG2013 2012-09-27 19:37 . 2012-09-27 19:37 -------- d-----w- c:\users\Janine\AppData\Roaming\TuneUp Software 2012-09-27 19:31 . 2012-09-27 19:43 -------- d-----w- c:\users\Janine\AppData\Local\Avg2013 2012-09-27 19:31 . 2012-09-27 19:31 -------- d-----w- c:\users\Janine\AppData\Local\MFAData 2012-09-26 14:54 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-09-25 05:30 . 2012-09-25 05:30 3915776 ----a-w- c:\windows\SysWow64\ffmpeg.dll 2012-09-25 05:30 . 2012-09-25 05:30 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll 2012-09-25 05:29 . 2012-09-25 05:29 3504128 ----a-w- c:\windows\SysWow64\ffdshow.ax 2012-09-25 05:29 . 2012-09-25 05:29 271360 ----a-w- c:\windows\SysWow64\TomsMoComp_ff.dll 2012-09-25 05:29 . 2012-09-25 05:29 99840 ----a-w- c:\windows\SysWow64\ff_wmv9.dll 2012-09-25 05:29 . 2012-09-25 05:29 157184 ----a-w- c:\windows\SysWow64\ff_unrar.dll 2012-09-25 05:29 . 2012-09-25 05:29 147456 ----a-w- c:\windows\SysWow64\ff_libmad.dll 2012-09-25 05:28 . 2012-09-25 05:28 211968 ----a-w- c:\windows\SysWow64\ff_libdts.dll 2012-09-25 05:28 . 2012-09-25 05:28 1525760 ----a-w- c:\windows\SysWow64\ff_samplerate.dll 2012-09-25 05:28 . 2012-09-25 05:28 114688 ----a-w- c:\windows\SysWow64\ff_liba52.dll 2012-09-25 05:27 . 2012-09-25 05:27 4012544 ----a-w- c:\windows\system32\ffmpeg.dll 2012-09-25 05:27 . 2012-09-25 05:27 127488 ----a-w- c:\windows\system32\ff_vfw.dll 2012-09-25 05:27 . 2012-09-25 05:27 4377088 ----a-w- c:\windows\system32\ffdshow.ax 2012-09-25 05:26 . 2012-09-25 05:26 474624 ----a-w- c:\windows\system32\ff_kernelDeint.dll 2012-09-25 05:26 . 2012-09-25 05:26 631296 ----a-w- c:\windows\system32\TomsMoComp_ff.dll 2012-09-25 05:25 . 2012-09-25 05:25 114688 ----a-w- c:\windows\system32\ff_wmv9.dll 2012-09-25 05:25 . 2012-09-25 05:25 156160 ----a-w- c:\windows\system32\ff_libmad.dll 2012-09-25 05:25 . 2012-09-25 05:25 223232 ----a-w- c:\windows\system32\ff_libdts.dll 2012-09-25 05:25 . 2012-09-25 05:25 183296 ----a-w- c:\windows\system32\ff_unrar.dll 2012-09-25 05:25 . 2012-09-25 05:25 1532928 ----a-w- c:\windows\system32\ff_samplerate.dll 2012-09-25 05:25 . 2012-09-25 05:25 116224 ----a-w- c:\windows\system32\ff_liba52.dll 2012-09-24 16:21 . 2012-09-13 06:44 17936 ----a-w- c:\windows\system32\nitrolocalui2.dll 2012-09-24 16:21 . 2012-09-13 06:44 29712 ----a-w- c:\windows\system32\nitrolocalmon2.dll 2012-09-24 16:21 . 2012-09-24 16:21 -------- d-----w- c:\program files\Common Files\Nitro PDF 2012-09-24 16:21 . 2012-09-24 16:21 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF 2012-09-24 00:03 . 2012-09-24 00:03 1289728 ----a-w- c:\windows\SysWow64\VSFilter.dll 2012-09-22 22:48 . 2012-09-22 22:48 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-09-22 22:48 . 2012-10-13 01:56 -------- d-----w- c:\program files (x86)\QuickTime 2012-09-22 22:47 . 2012-09-22 22:47 -------- d-----w- c:\program files (x86)\Common Files\Apple 2012-09-22 02:10 . 2012-09-22 02:10 -------- d-----w- c:\programdata\Hewlett-Packard 2012-09-22 02:10 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll 2012-09-22 01:59 . 2012-10-18 00:15 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin 2012-09-22 01:59 . 2012-09-22 01:59 -------- d-----w- c:\windows\system32\msmq 2012-09-21 22:16 . 2012-08-24 10:17 85504 ----a-w- c:\windows\system32\jsproxy.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-14 21:59 . 2010-09-03 18:00 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-10-10 14:12 . 2010-09-14 12:18 65309168 ----a-w- c:\windows\system32\MRT.exe 2012-09-14 03:04 . 2012-09-14 03:04 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2012-09-14 03:04 . 2012-09-14 03:04 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2012-09-14 03:04 . 2012-09-14 03:04 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2012-09-14 03:04 . 2012-09-14 03:04 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2012-09-14 03:04 . 2012-09-14 03:04 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2012-09-14 03:04 . 2012-09-14 03:04 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2012-09-14 03:04 . 2012-09-14 03:04 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2012-09-14 03:04 . 2012-09-14 03:04 367104 ----a-w- c:\windows\SysWow64\html.iec 2012-09-14 03:04 . 2012-09-14 03:04 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2012-09-14 03:04 . 2012-09-14 03:04 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2012-09-14 03:04 . 2012-09-14 03:04 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2012-09-14 03:04 . 2012-09-14 03:04 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2012-09-14 03:04 . 2012-09-14 03:04 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2012-09-14 03:04 . 2012-09-14 03:04 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2012-09-14 03:04 . 2012-09-14 03:04 222208 ----a-w- c:\windows\system32\msls31.dll 2012-09-14 03:04 . 2012-09-14 03:04 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-09-14 03:04 . 2012-09-14 03:04 65024 ----a-w- c:\windows\system32\pngfilt.dll 2012-09-14 03:04 . 2012-09-14 03:04 55296 ----a-w- c:\windows\system32\msfeedsbs.dll 2012-09-14 03:04 . 2012-09-14 03:04 49664 ----a-w- c:\windows\system32\imgutil.dll 2012-09-14 03:04 . 2012-09-14 03:04 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-09-14 03:04 . 2012-09-14 03:04 267776 ----a-w- c:\windows\system32\ieaksie.dll 2012-09-14 03:04 . 2012-09-14 03:04 197120 ----a-w- c:\windows\system32\msrating.dll 2012-09-14 03:04 . 2012-09-14 03:04 163840 ----a-w- c:\windows\system32\ieakui.dll 2012-09-14 03:04 . 2012-09-14 03:04 160256 ----a-w- c:\windows\system32\ieakeng.dll 2012-09-14 03:04 . 2012-09-14 03:04 149504 ----a-w- c:\windows\system32\occache.dll 2012-09-14 03:04 . 2012-09-14 03:04 145920 ----a-w- c:\windows\system32\iepeers.dll 2012-09-14 03:04 . 2012-09-14 03:04 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-09-14 03:04 . 2012-09-14 03:04 12288 ----a-w- c:\windows\system32\mshta.exe 2012-09-14 03:04 . 2012-09-14 03:04 114176 ----a-w- c:\windows\system32\admparse.dll 2012-09-14 03:04 . 2012-09-14 03:04 111616 ----a-w- c:\windows\system32\iesysprep.dll 2012-09-14 03:04 . 2012-09-14 03:04 10752 ----a-w- c:\windows\system32\msfeedssync.exe 2012-09-14 03:04 . 2012-09-14 03:04 89088 ----a-w- c:\windows\system32\ie4uinit.exe 2012-09-14 03:04 . 2012-09-14 03:04 85504 ----a-w- c:\windows\system32\iesetup.dll 2012-09-14 03:04 . 2012-09-14 03:04 82432 ----a-w- c:\windows\system32\icardie.dll 2012-09-14 03:04 . 2012-09-14 03:04 76800 ----a-w- c:\windows\system32\tdc.ocx 2012-09-14 03:04 . 2012-09-14 03:04 534528 ----a-w- c:\windows\system32\ieapfltr.dll 2012-09-14 03:04 . 2012-09-14 03:04 452608 ----a-w- c:\windows\system32\dxtmsft.dll 2012-09-14 03:04 . 2012-09-14 03:04 448512 ----a-w- c:\windows\system32\html.iec 2012-09-14 03:04 . 2012-09-14 03:04 403248 ----a-w- c:\windows\system32\iedkcs32.dll 2012-09-14 03:04 . 2012-09-14 03:04 39936 ----a-w- c:\windows\system32\iernonce.dll 2012-09-14 03:04 . 2012-09-14 03:04 3695416 ----a-w- c:\windows\system32\ieapfltr.dat 2012-09-14 03:04 . 2012-09-14 03:04 30720 ----a-w- c:\windows\system32\licmgr10.dll 2012-09-14 03:04 . 2012-09-14 03:04 282112 ----a-w- c:\windows\system32\dxtrans.dll 2012-09-14 03:04 . 2012-09-14 03:04 249344 ----a-w- c:\windows\system32\webcheck.dll 2012-09-14 03:04 . 2012-09-14 03:04 165888 ----a-w- c:\windows\system32\iexpress.exe 2012-09-14 03:04 . 2012-09-14 03:04 160256 ----a-w- c:\windows\system32\wextract.exe 2012-09-14 03:04 . 2012-09-14 03:04 103936 ----a-w- c:\windows\system32\inseng.dll 2012-09-01 04:57 . 2012-07-15 02:34 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-08-23 19:01 . 2012-08-23 19:01 233472 ----a-w- c:\windows\SysWow64\DCBassSourceMod.ax 2012-08-23 13:43 . 2012-08-23 13:43 54328 ----a-w- c:\windows\SysWow64\bass_opus.dll 2012-08-22 18:12 . 2012-09-12 06:33 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 18:12 . 2012-09-12 06:33 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 18:12 . 2012-09-12 06:33 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 18:12 . 2012-09-12 06:33 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-21 09:12 . 2012-03-20 10:09 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-08-20 17:38 . 2012-10-10 08:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-08-02 17:58 . 2012-09-12 06:33 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-08-02 16:57 . 2012-09-12 06:33 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-07-23 20:59 . 2011-11-25 10:54 24960 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="c:\users\Janine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-24 1193176] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-12-23 3058304] "ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-10-09 6937216] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ \0 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-15 136176] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 250808] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-08-12 40448] R3 DIRECTIO;DIRECTIO;e:\burnintest\DirectIo.sys [x] R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-15 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-11 115168] R3 NETw1v64;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys [2009-07-20 7058432] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-03 1255736] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-09-17 359552] S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600] S2 iprip;RIP Listener;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-09-13 229392] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 SupThrSrv;Super Thruster Service;c:\esupport\SupThrSrv\SupThrSrv.exe [2009-09-04 80512] S3 ALSysIO;ALSysIO;c:\users\Janine\AppData\Local\Temp\ALSysIO64.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-16 6952960] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-04-30 81440] S3 VSTWinDriver6;VSTWinDriver6;c:\windows\system32\drivers\VSTwindrvr6.sys [2008-07-04 252928] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . Contents of the 'Scheduled Tasks' folder . 2012-10-17 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-13 06:59] . 2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-15 00:24] . 2012-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-15 00:24] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-05 365592] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-05 165912] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-05 387608] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-08-12 323072] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-28 16336488] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://asus.msn.com IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe c:\program files\ATKGFNEX\GFNEXSrv.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe . ************************************************************************** . Completion time: 2012-10-17 19:20:24 - machine was rebooted ComboFix-quarantined-files.txt 2012-10-18 00:20 . Pre-Run: 61,592,215,552 bytes free Post-Run: 60,811,034,624 bytes free . - - End Of File - - 1BB658C9A3F75FE3E2FBB03215DE7E11 DS (Ver_2012-10-14.05) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2 Run by Janine at 19:21:36 on 2012-10-17 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2732 [GMT -5:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost C:\Windows\system32\CISVC.EXE C:\Windows\System32\svchost.exe -k ipripsvc C:\Windows\system32\mqsvc.exe C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe C:\Windows\System32\snmp.exe C:\Windows\system32\svchost.exe -k imgsvc C:\eSupport\SupThrSrv\SupThrSrv.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files\Core Temp\Core Temp.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\igfxtray.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Users\Janine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchProtocolHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\notepad.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://asus.msn.com BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned> BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [spotify Web Helper] "C:\Users\Janine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Janine\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\StartUp\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.0.1 TCP: Interfaces\{0715ADF1-090F-41F4-A0AA-B046B46EADAF} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053}\0525F475C4E65647 : DHCPNameServer = 129.89.10.202 129.89.99.20 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053}\5575D475966496 : DHCPNameServer = 129.89.10.1 129.89.10.2 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned> SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - x64-Notify: igfxcui - igfxdev.dll x64-Notify: PFW - <no file> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-10-13 969200] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-10-13 359464] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2009-12-23 359552] R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-12-23 14904] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-10-13 25232] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-10-13 71600] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-13 44808] R2 iprip;RIP Listener;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-13 27136] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-9-13 229392] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-10-12 1153368] R2 SupThrSrv;Super Thruster Service;C:\eSupport\SupThrSrv\SupThrSrv.exe [2009-12-23 80512] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-9-4 62464] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2009-4-30 81440] R3 VSTWinDriver6;VSTWinDriver6;C:\Windows\System32\drivers\VSTwindrvr6.sys [2008-7-3 252928] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-12 250808] S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-12 40448] S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-10-15 117760] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 115168] S3 NETw1v64;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw1v64.sys [2009-7-20 7058432] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-12 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-3 1255736] . =============== Created Last 30 ================ . 2012-10-18 00:20:26 -------- d-----w- C:\Users\Janine\AppData\Local\temp 2012-10-18 00:04:10 98816 ----a-w- C:\Windows\sed.exe 2012-10-18 00:04:10 256000 ----a-w- C:\Windows\PEV.exe 2012-10-18 00:04:10 208896 ----a-w- C:\Windows\MBR.exe 2012-10-18 00:01:35 -------- d---a-w- \Qoobox 2012-10-16 10:10:57 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5A44B735-C4B1-4838-8878-4C28F40E49E1}\mpengine.dll 2012-10-14 22:00:06 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-10-14 00:51:03 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-10-14 00:51:00 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-10-14 00:50:57 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-10-14 00:50:34 41224 ----a-w- C:\Windows\avastSS.scr 2012-10-14 00:50:19 -------- d-----w- C:\Program Files\AVAST Software 2012-10-13 07:15:07 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe 2012-10-13 07:15:07 261600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll 2012-10-13 07:15:07 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe 2012-10-13 07:02:18 -------- d-----w- C:\Windows\SysWow64\C2MP 2012-10-13 05:25:52 -------- d-----w- C:\Users\Janine\AppData\Local\webkit 2012-10-13 04:27:10 -------- d-----w- C:\Users\Janine\AppData\Local\fontconfig 2012-10-13 04:27:07 -------- d-----w- C:\Users\Janine\AppData\Local\gegl-0.2 2012-10-13 04:27:07 -------- d-----w- C:\Users\Janine\.gimp-2.8 2012-10-13 04:12:35 -------- d-----w- C:\Program Files\GIMP 2 2012-10-13 03:49:31 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-10-13 03:49:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-10-13 01:50:10 -------- d-----w- C:\Windows\SysWow64\MFAData 2012-10-13 01:50:10 -------- d-----w- C:\Windows\System32\MFAData 2012-10-13 00:54:15 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-13 00:54:15 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-12 22:20:58 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-10-12 08:39:46 -------- d-----w- C:\found.000 2012-10-12 08:39:46 -------- d-----w- \found.000 2012-10-12 07:08:06 -------- d-----w- C:\Windows\System32\%LocalAppData% 2012-10-01 05:17:22 39904 ----a-w- C:\Windows\SysWow64\dischandler.exe 2012-09-27 19:31:33 -------- d-----w- C:\Users\Janine\AppData\Local\MFAData 2012-09-27 19:31:33 -------- d-----w- C:\Users\Janine\AppData\Local\Avg2013 2012-09-26 14:54:59 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe 2012-09-25 05:30:54 3915776 ----a-w- C:\Windows\SysWow64\ffmpeg.dll 2012-09-25 05:30:04 112640 ----a-w- C:\Windows\SysWow64\ff_vfw.dll 2012-09-25 05:29:52 3504128 ----a-w- C:\Windows\SysWow64\ffdshow.ax 2012-09-25 05:29:20 271360 ----a-w- C:\Windows\SysWow64\TomsMoComp_ff.dll 2012-09-25 05:29:00 99840 ----a-w- C:\Windows\SysWow64\ff_wmv9.dll 2012-09-25 05:29:00 157184 ----a-w- C:\Windows\SysWow64\ff_unrar.dll 2012-09-25 05:29:00 147456 ----a-w- C:\Windows\SysWow64\ff_libmad.dll 2012-09-25 05:28:58 211968 ----a-w- C:\Windows\SysWow64\ff_libdts.dll 2012-09-25 05:28:58 1525760 ----a-w- C:\Windows\SysWow64\ff_samplerate.dll 2012-09-25 05:28:58 114688 ----a-w- C:\Windows\SysWow64\ff_liba52.dll 2012-09-25 05:27:44 4012544 ----a-w- C:\Windows\System32\ffmpeg.dll 2012-09-25 05:27:06 127488 ----a-w- C:\Windows\System32\ff_vfw.dll 2012-09-25 05:27:04 4377088 ----a-w- C:\Windows\System32\ffdshow.ax 2012-09-25 05:26:56 474624 ----a-w- C:\Windows\System32\ff_kernelDeint.dll 2012-09-25 05:26:02 631296 ----a-w- C:\Windows\System32\TomsMoComp_ff.dll 2012-09-25 05:25:52 114688 ----a-w- C:\Windows\System32\ff_wmv9.dll 2012-09-25 05:25:50 156160 ----a-w- C:\Windows\System32\ff_libmad.dll 2012-09-25 05:25:48 223232 ----a-w- C:\Windows\System32\ff_libdts.dll 2012-09-25 05:25:48 183296 ----a-w- C:\Windows\System32\ff_unrar.dll 2012-09-25 05:25:48 1532928 ----a-w- C:\Windows\System32\ff_samplerate.dll 2012-09-25 05:25:46 116224 ----a-w- C:\Windows\System32\ff_liba52.dll 2012-09-24 16:21:21 29712 ----a-w- C:\Windows\System32\nitrolocalmon2.dll 2012-09-24 16:21:21 17936 ----a-w- C:\Windows\System32\nitrolocalui2.dll 2012-09-24 00:03:56 1289728 ----a-w- C:\Windows\SysWow64\VSFilter.dll 2012-09-22 22:48:53 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-09-22 02:10:34 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll 2012-09-22 01:59:20 -------- d-----w- C:\Windows\System32\msmq . ==================== Find3M ==================== . 2012-10-14 21:59:57 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-09-01 04:57:28 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-08-23 19:01:14 233472 ----a-w- C:\Windows\SysWow64\DCBassSourceMod.ax 2012-08-23 13:43:14 54328 ----a-w- C:\Windows\SysWow64\bass_opus.dll 2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll 2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll 2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2012-07-23 20:59:14 24960 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe . ============= FINISH: 19:21:52.59 =============== DDS (Ver_2012-10-14.05) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 9/1/2010 4:22:32 AM System Uptime: 10/17/2012 7:13:53 PM (0 hours ago) . Motherboard: ASUSTeK Computer Inc. | | UL50VT Processor: Genuine Intel® CPU U7300 @ 1.30GHz | Socket 478 | 1300/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 116 GiB total, 56.731 GiB free. D: is FIXED (NTFS) - 335 GiB total, 185.486 GiB free. E: is CDROM () G: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e968-e325-11ce-bfc1-08002be10318} Description: NVIDIA GeForce G210M Device ID: PCI\VEN_10DE&DEV_0A74&SUBSYS_1AF21043&REV_A2\4&25EC4E7B&0&0008 Manufacturer: NVIDIA Name: NVIDIA GeForce G210M PNP Device ID: PCI\VEN_10DE&DEV_0A74&SUBSYS_1AF21043&REV_A2\4&25EC4E7B&0&0008 Service: nvlddmkm . ==== System Restore Points =================== . RP305: 10/15/2012 11:48:35 AM - Scheduled Checkpoint RP306: 10/16/2012 5:09:21 AM - Windows Update RP307: 10/16/2012 4:26:16 PM - Windows Backup . ==== Installed Programs ====================== . Adobe Flash Player 11 Plugin Advanced SystemCare 5 Alcor Micro USB Card Reader Apple Application Support ASUS AI Recovery ASUS LifeFrame3 ASUS Power4Gear Hybrid ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 Auslogics Disk Defrag Auslogics Registry Cleaner avast! Free Antivirus Brain Workshop 4.8.1 Choice Guard ControlDeck Core Temp 1.0 RC3 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DVD Flick 1.3.0.7 ERUNT 1.1j ETDWare PS/2-x64 7.0.5.9_WHQL Express Gate Fast Boot GIMP 2.8.2 Google Update Helper Java 7 Update 7 Java Auto Updater K-Lite Codec Pack 9.2.0 (64-bit) Malwarebytes Anti-Malware version 1.65.0.1400 Media Player Codec Pack 4.2.3 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Native Client Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 16.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nitro Reader 2 NVIDIA Drivers POWERPREP II R for Windows 2.15.1 RCA Detective™ 3.0.3.0 RCA Digital Voice Manager 7.1.2.0 RCA Updater 2.1.7.0 Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition Spybot - Search & Destroy SRS Premium Sound Control Panel swMSM System Requirements Lab Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition USB 2.0 VGA UVC WebCam Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Photo Gallery WinFlash Write-N-Cite . ==== Event Viewer Messages From Past Week ======== . 10/17/2012 7:15:01 PM, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. 10/17/2012 7:15:00 PM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 10/17/2012 7:15:00 PM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The dependency service or group failed to start. 10/17/2012 7:13:18 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 10/17/2012 7:12:17 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 10/17/2012 12:17:33 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0. 10/16/2012 8:04:43 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 10/14/2012 11:54:49 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 10/14/2012 1:15:38 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\Janine\ntuser.dat' was corrupted and it has been recovered. Some data might have been lost. 10/13/2012 7:27:51 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied. 10/12/2012 3:58:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect. 10/12/2012 3:58:04 PM, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/12/2012 2:08:16 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 12:36:53 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS. 10/12/2012 12:36:49 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. 10/12/2012 1:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 10/12/2012 1:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 10/12/2012 1:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 10/12/2012 1:55:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 10/12/2012 1:55:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 10/12/2012 1:55:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 10/12/2012 1:54:35 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver Avgldx64 Avgmfx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning. 10/11/2012 9:00:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 10/11/2012 9:00:27 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 10/11/2012 8:32:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 10/11/2012 8:32:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 10/11/2012 8:26:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 Avgmfx64 discache spldr Wanarpv6 10/11/2012 7:00:32 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period. 10/10/2012 10:24:18 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. . ==== End Of File ===========================
- October 18, 2012
- 16 replies
Post-virus (?) clean up - no start menu, can't bookmark things, etc.

SagansTurtleneck replied to SagansTurtleneck's topic in Resolved Malware Removal Logs

This is an ASUS Notebook UL50VT/UL50Vg Series. I think it has a AI - Recovery Burner. (?) I would be pretty conservative with the Registry Cleaner and just removed log files and stuff like that. Should i try the Recovery Burner before I do the ComboFix?
- October 17, 2012
- 16 replies
Post-virus (?) clean up - no start menu, can't bookmark things, etc.

SagansTurtleneck replied to SagansTurtleneck's topic in Resolved Malware Removal Logs

Thank you so much for responding. I don't know if I can reinstall Windows because it just came on my laptop. Would I have to buy it seperately? Sorry if that sounds dumb. And I tried backing thing up and it stopped halfway through with an error. I saved most of my papers and research data onto a usb, though. I don't know if this might be helpful, but I saw on a different forum that registry cleaners might remove some information that helps you guys decipher everything. I reversed the things that got cleaned, backed up the registry with ERUNT, did another DDS and aswMBR (but didn't try to fix anything) so I have more complete logs if that would help you. DDS (Ver_2012-10-14.05) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2 Run by Janine at 21:19:33 on 2012-10-16 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.1875 [GMT -5:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost C:\Windows\system32\CISVC.EXE C:\Windows\System32\svchost.exe -k ipripsvc C:\Windows\system32\mqsvc.exe C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe C:\Windows\System32\snmp.exe C:\Windows\system32\svchost.exe -k imgsvc C:\eSupport\SupThrSrv\SupThrSrv.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files\Core Temp\Core Temp.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\igfxtray.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Users\Janine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://asus.msn.com uDefault_Page_URL = hxxp://asus.msn.com mWinlogon: Userinit = userinit.exe BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned> BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [spotify Web Helper] "C:\Users\Janine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Janine\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\StartUp\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.0.1 TCP: Interfaces\{0715ADF1-090F-41F4-A0AA-B046B46EADAF} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053}\0525F475C4E65647 : DHCPNameServer = 129.89.10.202 129.89.99.20 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053}\5575D475966496 : DHCPNameServer = 129.89.10.1 129.89.10.2 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned> SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - x64-Notify: igfxcui - igfxdev.dll x64-Notify: PFW - <no file> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-10-13 969200] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-10-13 359464] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2009-12-23 359552] R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-12-23 14904] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-10-13 25232] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-10-13 71600] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-13 44808] R2 iprip;RIP Listener;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-13 27136] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-9-13 229392] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-10-12 1153368] R2 SupThrSrv;Super Thruster Service;C:\eSupport\SupThrSrv\SupThrSrv.exe [2009-12-23 80512] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-9-4 62464] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960] R3 VSTWinDriver6;VSTWinDriver6;C:\Windows\System32\drivers\VSTwindrvr6.sys [2008-7-3 252928] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-12 250808] S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-12 40448] S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-10-15 117760] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 115168] S3 NETw1v64;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw1v64.sys [2009-7-20 7058432] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2009-4-30 81440] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-12 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-3 1255736] . =============== Created Last 30 ================ . 2012-10-16 10:10:57 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5A44B735-C4B1-4838-8878-4C28F40E49E1}\mpengine.dll 2012-10-14 22:00:06 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-10-14 00:51:03 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-10-14 00:51:00 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-10-14 00:50:57 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-10-14 00:50:34 41224 ----a-w- C:\Windows\avastSS.scr 2012-10-14 00:50:19 -------- d-----w- C:\Program Files\AVAST Software 2012-10-13 07:15:07 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe 2012-10-13 07:15:07 261600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll 2012-10-13 07:15:07 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe 2012-10-13 07:02:18 -------- d-----w- C:\Windows\SysWow64\C2MP 2012-10-13 05:25:52 -------- d-----w- C:\Users\Janine\AppData\Local\webkit 2012-10-13 04:27:10 -------- d-----w- C:\Users\Janine\AppData\Local\fontconfig 2012-10-13 04:27:07 -------- d-----w- C:\Users\Janine\AppData\Local\gegl-0.2 2012-10-13 04:27:07 -------- d-----w- C:\Users\Janine\.gimp-2.8 2012-10-13 04:12:35 -------- d-----w- C:\Program Files\GIMP 2 2012-10-13 03:49:31 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-10-13 03:49:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-10-13 01:50:10 -------- d-----w- C:\Windows\SysWow64\MFAData 2012-10-13 01:50:10 -------- d-----w- C:\Windows\System32\MFAData 2012-10-13 00:54:15 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-13 00:54:15 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-12 22:20:58 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-10-12 08:39:46 -------- d-sh--w- C:\found.000 2012-10-12 08:39:46 -------- d-sh--w- \found.000 2012-10-12 07:08:06 -------- d-----w- C:\Windows\System32\%LocalAppData% 2012-10-01 05:17:22 39904 ----a-w- C:\Windows\SysWow64\dischandler.exe 2012-09-27 19:31:33 -------- d-----w- C:\Users\Janine\AppData\Local\MFAData 2012-09-27 19:31:33 -------- d-----w- C:\Users\Janine\AppData\Local\Avg2013 2012-09-26 14:54:59 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe 2012-09-25 05:30:54 3915776 ----a-w- C:\Windows\SysWow64\ffmpeg.dll 2012-09-25 05:30:04 112640 ----a-w- C:\Windows\SysWow64\ff_vfw.dll 2012-09-25 05:29:52 3504128 ----a-w- C:\Windows\SysWow64\ffdshow.ax 2012-09-25 05:29:20 271360 ----a-w- C:\Windows\SysWow64\TomsMoComp_ff.dll 2012-09-25 05:29:00 99840 ----a-w- C:\Windows\SysWow64\ff_wmv9.dll 2012-09-25 05:29:00 157184 ----a-w- C:\Windows\SysWow64\ff_unrar.dll 2012-09-25 05:29:00 147456 ----a-w- C:\Windows\SysWow64\ff_libmad.dll 2012-09-25 05:28:58 211968 ----a-w- C:\Windows\SysWow64\ff_libdts.dll 2012-09-25 05:28:58 1525760 ----a-w- C:\Windows\SysWow64\ff_samplerate.dll 2012-09-25 05:28:58 114688 ----a-w- C:\Windows\SysWow64\ff_liba52.dll 2012-09-25 05:27:44 4012544 ----a-w- C:\Windows\System32\ffmpeg.dll 2012-09-25 05:27:06 127488 ----a-w- C:\Windows\System32\ff_vfw.dll 2012-09-25 05:27:04 4377088 ----a-w- C:\Windows\System32\ffdshow.ax 2012-09-25 05:26:56 474624 ----a-w- C:\Windows\System32\ff_kernelDeint.dll 2012-09-25 05:26:02 631296 ----a-w- C:\Windows\System32\TomsMoComp_ff.dll 2012-09-25 05:25:52 114688 ----a-w- C:\Windows\System32\ff_wmv9.dll 2012-09-25 05:25:50 156160 ----a-w- C:\Windows\System32\ff_libmad.dll 2012-09-25 05:25:48 223232 ----a-w- C:\Windows\System32\ff_libdts.dll 2012-09-25 05:25:48 183296 ----a-w- C:\Windows\System32\ff_unrar.dll 2012-09-25 05:25:48 1532928 ----a-w- C:\Windows\System32\ff_samplerate.dll 2012-09-25 05:25:46 116224 ----a-w- C:\Windows\System32\ff_liba52.dll 2012-09-24 16:21:21 29712 ----a-w- C:\Windows\System32\nitrolocalmon2.dll 2012-09-24 16:21:21 17936 ----a-w- C:\Windows\System32\nitrolocalui2.dll 2012-09-24 00:03:56 1289728 ----a-w- C:\Windows\SysWow64\VSFilter.dll 2012-09-22 22:48:53 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-09-22 02:10:34 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll 2012-09-22 01:59:20 -------- d-----w- C:\Windows\System32\msmq . ==================== Find3M ==================== . 2012-10-14 21:59:57 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-09-01 04:57:28 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-08-23 19:01:14 233472 ----a-w- C:\Windows\SysWow64\DCBassSourceMod.ax 2012-08-23 13:43:14 54328 ----a-w- C:\Windows\SysWow64\bass_opus.dll 2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll 2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll 2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2012-07-23 20:59:14 24960 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe 2012-07-19 18:58:54 1436672 ----a-w- C:\Windows\System32\LAVVideo.ax 2012-07-19 18:58:38 486912 ----a-w- C:\Windows\System32\LAVSplitter.ax 2012-07-19 18:58:34 264704 ----a-w- C:\Windows\System32\LAVAudio.ax 2012-07-19 18:58:32 357376 ----a-w- C:\Windows\System32\IntelQuickSyncDecoder.dll 2012-07-19 18:58:32 202752 ----a-w- C:\Windows\System32\libbluray.dll 2012-07-19 18:58:26 7128652 ----a-w- C:\Windows\System32\avcodec-lav-54.dll 2012-07-19 18:58:26 420110 ----a-w- C:\Windows\System32\swscale-lav-2.dll 2012-07-19 18:58:26 248625 ----a-w- C:\Windows\System32\avutil-lav-51.dll 2012-07-19 18:58:26 174229 ----a-w- C:\Windows\System32\avfilter-lav-3.dll 2012-07-19 18:58:26 110826 ----a-w- C:\Windows\System32\avresample-lav-0.dll 2012-07-19 18:58:26 1074211 ----a-w- C:\Windows\System32\avformat-lav-54.dll 2012-07-19 18:56:30 1114624 ----a-w- C:\Windows\SysWow64\LAVVideo.ax 2012-07-19 18:56:14 399360 ----a-w- C:\Windows\SysWow64\LAVSplitter.ax 2012-07-19 18:56:12 233472 ----a-w- C:\Windows\SysWow64\LAVAudio.ax 2012-07-19 18:56:08 274944 ----a-w- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll 2012-07-19 18:56:08 172544 ----a-w- C:\Windows\SysWow64\libbluray.dll 2012-07-19 18:56:02 6894331 ----a-w- C:\Windows\SysWow64\avcodec-lav-54.dll 2012-07-19 18:56:02 401685 ----a-w- C:\Windows\SysWow64\swscale-lav-2.dll 2012-07-19 18:56:02 232895 ----a-w- C:\Windows\SysWow64\avutil-lav-51.dll 2012-07-19 18:56:02 162743 ----a-w- C:\Windows\SysWow64\avfilter-lav-3.dll 2012-07-19 18:56:02 1111581 ----a-w- C:\Windows\SysWow64\avformat-lav-54.dll 2012-07-19 18:56:02 101820 ----a-w- C:\Windows\SysWow64\avresample-lav-0.dll . ============= FINISH: 21:19:53.73 =============== DDS (Ver_2012-10-14.05) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 9/1/2010 4:22:32 AM System Uptime: 10/16/2012 3:12:36 PM (6 hours ago) . Motherboard: ASUSTeK Computer Inc. | | UL50VT Processor: Genuine Intel® CPU U7300 @ 1.30GHz | Socket 478 | 1300/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 116 GiB total, 57.767 GiB free. D: is FIXED (NTFS) - 335 GiB total, 185.485 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP305: 10/15/2012 11:48:35 AM - Scheduled Checkpoint RP306: 10/16/2012 5:09:21 AM - Windows Update RP307: 10/16/2012 4:26:16 PM - Windows Backup . ==== Installed Programs ====================== . Adobe Flash Player 11 Plugin Advanced SystemCare 5 Alcor Micro USB Card Reader Apple Application Support ASUS AI Recovery ASUS LifeFrame3 ASUS Power4Gear Hybrid ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 Auslogics Disk Defrag Auslogics Registry Cleaner avast! Free Antivirus Brain Workshop 4.8.1 Choice Guard ControlDeck Core Temp 1.0 RC3 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DVD Flick 1.3.0.7 ERUNT 1.1j ETDWare PS/2-x64 7.0.5.9_WHQL Express Gate Fast Boot GIMP 2.8.2 Google Update Helper Java 7 Update 7 Java Auto Updater K-Lite Codec Pack 9.2.0 (64-bit) Malwarebytes Anti-Malware version 1.65.0.1400 Media Player Codec Pack 4.2.3 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Native Client Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 16.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nitro Reader 2 NVIDIA Drivers POWERPREP II R for Windows 2.15.1 RCA Detective™ 3.0.3.0 RCA Digital Voice Manager 7.1.2.0 RCA Updater 2.1.7.0 Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition Spybot - Search & Destroy SRS Premium Sound Control Panel swMSM System Requirements Lab Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition USB 2.0 VGA UVC WebCam Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Photo Gallery WinFlash Write-N-Cite . ==== Event Viewer Messages From Past Week ======== . 10/16/2012 8:04:43 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 10/16/2012 4:37:17 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0. 10/16/2012 2:18:23 PM, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. 10/15/2012 12:41:14 AM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 10/15/2012 12:41:14 AM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The dependency service or group failed to start. 10/14/2012 11:54:49 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 10/14/2012 1:15:38 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\Janine\ntuser.dat' was corrupted and it has been recovered. Some data might have been lost. 10/13/2012 7:27:51 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied. 10/12/2012 3:58:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect. 10/12/2012 3:58:04 PM, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/12/2012 2:08:16 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 12:36:53 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS. 10/12/2012 12:36:49 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. 10/12/2012 1:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 10/12/2012 1:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 10/12/2012 1:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 10/12/2012 1:55:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 10/12/2012 1:55:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 10/12/2012 1:55:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 10/12/2012 1:54:35 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver Avgldx64 Avgmfx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning. 10/11/2012 9:00:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 10/11/2012 9:00:27 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 10/11/2012 8:32:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 10/11/2012 8:32:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 10/11/2012 8:26:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 Avgmfx64 discache spldr Wanarpv6 10/11/2012 7:00:32 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period. 10/10/2012 10:24:18 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. . ==== End Of File =========================== aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-10-16 21:33:49 ----------------------------- 21:33:49.518 OS Version: Windows x64 6.1.7601 Service Pack 1 21:33:49.518 Number of processors: 2 586 0x170A 21:33:49.518 ComputerName: JANINE-PC UserName: Janine 21:33:50.418 Initialize success 21:33:50.518 AVAST engine defs: 12101601 21:33:54.068 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 21:33:54.068 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3 21:33:54.128 Disk 0 MBR read successfully 21:33:54.128 Disk 0 MBR scan 21:33:54.138 Disk 0 Windows VISTA default MBR code 21:33:54.168 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14997 MB offset 2048 21:33:54.198 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119235 MB offset 30717952 21:33:54.198 Disk 0 Partition - 00 0F Extended LBA 342705 MB offset 274911232 21:33:54.238 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 342704 MB offset 274913280 21:33:54.338 Disk 0 scanning C:\Windows\system32\drivers 21:34:25.928 Service scanning 21:34:30.118 Service DIRECTIO E:\BurnInTest\DirectIo.sys **LOCKED** 21 21:34:47.828 Modules scanning 21:34:48.208 Disk 0 trace - called modules: 21:34:48.278 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 21:34:48.288 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a91530] 21:34:48.288 3 CLASSPNP.SYS[fffff88000e8043f] -> nt!IofCallDriver -> [0xfffffa8004622630] 21:34:48.298 5 ACPI.sys[fffff88000f717a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046aa050] 21:34:49.168 AVAST engine scan C:\Windows 21:35:05.678 AVAST engine scan C:\Windows\system32 21:40:46.348 AVAST engine scan C:\Windows\system32\drivers 21:41:00.638 AVAST engine scan C:\Users\Janine 21:46:29.961 AVAST engine scan C:\ProgramData 21:48:05.936 Scan finished successfully 22:35:45.691 Disk 0 MBR has been saved successfully to "C:\Users\Janine\Desktop\MBR.dat" 22:35:45.707 The log file has been saved successfully to "C:\Users\Janine\Desktop\aswMBR.txt"
- October 17, 2012
- 16 replies
Post-virus (?) clean up - no start menu, can't bookmark things, etc.

SagansTurtleneck posted a topic in Resolved Malware Removal Logs

Hi! I *think* I removed a nasty MBR virus that had everything shut down (even in safe mode) by rearranging the boot order and booting Spy-Bot (sorry!) from a thumb drive. If I'm remebering correctly SpyBot found a corrupted Flash Plug-in dealie. I was running AVG before, but that got messed up, so I removed it and am now running Avast. Subsequent scans with Avast and Malwarebytes show no sign of infection. But I can't bookmark anything in Firefox (even after removed, reinstalled, updated plug-ins), can't get my Start menu to work right, can't change the settings for it, my recycle bin shows nothing I put in it. I tried both Unhide and SecRes. I'm getting nothing. So what do you think? dds.txtattach.txt Oh, der, here are the logs from DDS as text instead of attachments. DDS (Ver_2012-10-14.05) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2 Run by Janine at 4:38:50 on 2012-10-15 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2473 [GMT -5:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k apphost C:\Windows\system32\CISVC.EXE C:\Windows\System32\svchost.exe -k ipripsvc C:\Windows\system32\mqsvc.exe C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe C:\Windows\System32\snmp.exe C:\Windows\system32\svchost.exe -k imgsvc C:\eSupport\SupThrSrv\SupThrSrv.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files\Core Temp\Core Temp.exe C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\igfxtray.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://asus.msn.com uDefault_Page_URL = hxxp://asus.msn.com mWinlogon: Userinit = userinit.exe BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned> BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.0.1 TCP: Interfaces\{0715ADF1-090F-41F4-A0AA-B046B46EADAF} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053}\0525F475C4E65647 : DHCPNameServer = 129.89.10.202 129.89.99.20 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053}\5575D475966496 : DHCPNameServer = 129.89.10.1 129.89.10.2 TCP: Interfaces\{C4F2C1E4-C2D4-4A05-8A7C-A64991484053}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned> SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned> x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-Notify: PFW - <no file> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-10-13 969200] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-10-13 359464] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2009-12-23 359552] R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-12-23 14904] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-10-13 25232] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-10-13 71600] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-13 44808] R2 iprip;RIP Listener;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-13 27136] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-9-13 229392] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-10-12 1153368] R2 SupThrSrv;Super Thruster Service;C:\eSupport\SupThrSrv\SupThrSrv.exe [2009-12-23 80512] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-9-4 62464] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2009-4-30 81440] R3 VSTWinDriver6;VSTWinDriver6;C:\Windows\System32\drivers\VSTwindrvr6.sys [2008-7-3 252928] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-12 250808] S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-12 40448] S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-10-15 117760] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 115168] S3 NETw1v64;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw1v64.sys [2009-7-20 7058432] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-12 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-3 1255736] . =============== Created Last 30 ================ . 2012-10-14 22:00:06 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-10-14 00:51:03 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-10-14 00:51:00 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-10-14 00:50:57 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-10-14 00:50:34 41224 ----a-w- C:\Windows\avastSS.scr 2012-10-14 00:50:19 -------- d-----w- C:\Program Files\AVAST Software 2012-10-13 19:08:23 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{58F0FA2C-AFC7-4549-B919-0933FE565840}\mpengine.dll 2012-10-13 07:15:07 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe 2012-10-13 07:15:07 261600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll 2012-10-13 07:15:07 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe 2012-10-13 07:02:18 -------- d-----w- C:\Windows\SysWow64\C2MP 2012-10-13 05:25:52 -------- d-----w- C:\Users\Janine\AppData\Local\webkit 2012-10-13 04:27:10 -------- d-----w- C:\Users\Janine\AppData\Local\fontconfig 2012-10-13 04:27:07 -------- d-----w- C:\Users\Janine\AppData\Local\gegl-0.2 2012-10-13 04:27:07 -------- d-----w- C:\Users\Janine\.gimp-2.8 2012-10-13 04:12:35 -------- d-----w- C:\Program Files\GIMP 2 2012-10-13 03:49:31 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-10-13 03:49:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-10-13 01:50:10 -------- d-----w- C:\Windows\SysWow64\MFAData 2012-10-13 01:50:10 -------- d-----w- C:\Windows\System32\MFAData 2012-10-13 00:54:15 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-10-13 00:54:15 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-12 22:20:58 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-10-12 08:39:46 -------- d-sh--w- C:\found.000 2012-10-12 08:39:46 -------- d-sh--w- \found.000 2012-10-12 07:15:12 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2012-10-12 07:08:06 -------- d-----w- C:\Windows\System32\%LocalAppData% 2012-10-01 05:17:22 39904 ----a-w- C:\Windows\SysWow64\dischandler.exe 2012-09-27 19:31:33 -------- d-----w- C:\Users\Janine\AppData\Local\MFAData 2012-09-27 19:31:33 -------- d-----w- C:\Users\Janine\AppData\Local\Avg2013 2012-09-26 14:54:59 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe 2012-09-25 05:30:54 3915776 ----a-w- C:\Windows\SysWow64\ffmpeg.dll 2012-09-25 05:30:04 112640 ----a-w- C:\Windows\SysWow64\ff_vfw.dll 2012-09-25 05:29:52 3504128 ----a-w- C:\Windows\SysWow64\ffdshow.ax 2012-09-25 05:29:20 271360 ----a-w- C:\Windows\SysWow64\TomsMoComp_ff.dll 2012-09-25 05:29:00 99840 ----a-w- C:\Windows\SysWow64\ff_wmv9.dll 2012-09-25 05:29:00 157184 ----a-w- C:\Windows\SysWow64\ff_unrar.dll 2012-09-25 05:29:00 147456 ----a-w- C:\Windows\SysWow64\ff_libmad.dll 2012-09-25 05:28:58 211968 ----a-w- C:\Windows\SysWow64\ff_libdts.dll 2012-09-25 05:28:58 1525760 ----a-w- C:\Windows\SysWow64\ff_samplerate.dll 2012-09-25 05:28:58 114688 ----a-w- C:\Windows\SysWow64\ff_liba52.dll 2012-09-25 05:27:44 4012544 ----a-w- C:\Windows\System32\ffmpeg.dll 2012-09-25 05:27:06 127488 ----a-w- C:\Windows\System32\ff_vfw.dll 2012-09-25 05:27:04 4377088 ----a-w- C:\Windows\System32\ffdshow.ax 2012-09-25 05:26:56 474624 ----a-w- C:\Windows\System32\ff_kernelDeint.dll 2012-09-25 05:26:02 631296 ----a-w- C:\Windows\System32\TomsMoComp_ff.dll 2012-09-25 05:25:52 114688 ----a-w- C:\Windows\System32\ff_wmv9.dll 2012-09-25 05:25:50 156160 ----a-w- C:\Windows\System32\ff_libmad.dll 2012-09-25 05:25:48 223232 ----a-w- C:\Windows\System32\ff_libdts.dll 2012-09-25 05:25:48 183296 ----a-w- C:\Windows\System32\ff_unrar.dll 2012-09-25 05:25:48 1532928 ----a-w- C:\Windows\System32\ff_samplerate.dll 2012-09-25 05:25:46 116224 ----a-w- C:\Windows\System32\ff_liba52.dll 2012-09-24 16:21:21 29712 ----a-w- C:\Windows\System32\nitrolocalmon2.dll 2012-09-24 16:21:21 17936 ----a-w- C:\Windows\System32\nitrolocalui2.dll 2012-09-24 00:03:56 1289728 ----a-w- C:\Windows\SysWow64\VSFilter.dll 2012-09-22 22:48:53 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-09-22 02:10:34 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll 2012-09-22 01:59:20 -------- d-----w- C:\Windows\System32\msmq . ==================== Find3M ==================== . 2012-10-14 21:59:57 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-09-01 04:57:28 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-08-23 19:01:14 233472 ----a-w- C:\Windows\SysWow64\DCBassSourceMod.ax 2012-08-23 13:43:14 54328 ----a-w- C:\Windows\SysWow64\bass_opus.dll 2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll 2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll 2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2012-07-23 20:59:14 24960 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe 2012-07-19 18:58:54 1436672 ----a-w- C:\Windows\System32\LAVVideo.ax 2012-07-19 18:58:38 486912 ----a-w- C:\Windows\System32\LAVSplitter.ax 2012-07-19 18:58:34 264704 ----a-w- C:\Windows\System32\LAVAudio.ax 2012-07-19 18:58:32 357376 ----a-w- C:\Windows\System32\IntelQuickSyncDecoder.dll 2012-07-19 18:58:32 202752 ----a-w- C:\Windows\System32\libbluray.dll 2012-07-19 18:58:26 7128652 ----a-w- C:\Windows\System32\avcodec-lav-54.dll 2012-07-19 18:58:26 420110 ----a-w- C:\Windows\System32\swscale-lav-2.dll 2012-07-19 18:58:26 248625 ----a-w- C:\Windows\System32\avutil-lav-51.dll 2012-07-19 18:58:26 174229 ----a-w- C:\Windows\System32\avfilter-lav-3.dll 2012-07-19 18:58:26 110826 ----a-w- C:\Windows\System32\avresample-lav-0.dll 2012-07-19 18:58:26 1074211 ----a-w- C:\Windows\System32\avformat-lav-54.dll 2012-07-19 18:56:30 1114624 ----a-w- C:\Windows\SysWow64\LAVVideo.ax 2012-07-19 18:56:14 399360 ----a-w- C:\Windows\SysWow64\LAVSplitter.ax 2012-07-19 18:56:12 233472 ----a-w- C:\Windows\SysWow64\LAVAudio.ax 2012-07-19 18:56:08 274944 ----a-w- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll 2012-07-19 18:56:08 172544 ----a-w- C:\Windows\SysWow64\libbluray.dll 2012-07-19 18:56:02 6894331 ----a-w- C:\Windows\SysWow64\avcodec-lav-54.dll 2012-07-19 18:56:02 401685 ----a-w- C:\Windows\SysWow64\swscale-lav-2.dll 2012-07-19 18:56:02 232895 ----a-w- C:\Windows\SysWow64\avutil-lav-51.dll 2012-07-19 18:56:02 162743 ----a-w- C:\Windows\SysWow64\avfilter-lav-3.dll 2012-07-19 18:56:02 1111581 ----a-w- C:\Windows\SysWow64\avformat-lav-54.dll 2012-07-19 18:56:02 101820 ----a-w- C:\Windows\SysWow64\avresample-lav-0.dll 2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 4:39:07.00 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-10-14.05) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 9/1/2010 4:22:32 AM System Uptime: 10/15/2012 3:38:54 AM (1 hours ago) . Motherboard: ASUSTeK Computer Inc. | | UL50VT Processor: Genuine Intel® CPU U7300 @ 1.30GHz | Socket 478 | 1300/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 116 GiB total, 60.138 GiB free. D: is FIXED (NTFS) - 335 GiB total, 218.827 GiB free. E: is CDROM () G: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Adobe Flash Player 11 Plugin Advanced SystemCare 5 Alcor Micro USB Card Reader Apple Application Support ASUS AI Recovery ASUS LifeFrame3 ASUS Power4Gear Hybrid ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 Auslogics Disk Defrag Auslogics Registry Cleaner avast! Free Antivirus Brain Workshop 4.8.1 Choice Guard ControlDeck Core Temp 1.0 RC3 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DVD Flick 1.3.0.7 ETDWare PS/2-x64 7.0.5.9_WHQL Express Gate Fast Boot GIMP 2.8.2 Google Update Helper Java 7 Update 7 Java Auto Updater K-Lite Codec Pack 9.2.0 (64-bit) Malwarebytes Anti-Malware version 1.65.0.1400 Media Player Codec Pack 4.2.3 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Native Client Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 16.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nitro Reader 2 NVIDIA Drivers POWERPREP II R for Windows 2.15.1 RCA Detective™ 3.0.3.0 RCA Digital Voice Manager 7.1.2.0 RCA Updater 2.1.7.0 Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition Spybot - Search & Destroy SRS Premium Sound Control Panel swMSM System Requirements Lab Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition USB 2.0 VGA UVC WebCam Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Photo Gallery WinFlash Write-N-Cite . ==== Event Viewer Messages From Past Week ======== . 10/15/2012 3:39:29 AM, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. 10/15/2012 12:41:14 AM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 10/15/2012 12:41:14 AM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The dependency service or group failed to start. 10/15/2012 1:29:03 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0. 10/14/2012 11:54:49 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 10/14/2012 1:15:38 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\Janine\ntuser.dat' was corrupted and it has been recovered. Some data might have been lost. 10/13/2012 7:27:51 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied. 10/12/2012 5:28:40 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 10/12/2012 3:58:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect. 10/12/2012 3:58:04 PM, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/12/2012 2:08:16 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 12:36:53 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS. 10/12/2012 12:36:49 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. 10/12/2012 1:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 10/12/2012 1:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 10/12/2012 1:55:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 10/12/2012 1:55:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 10/12/2012 1:55:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 10/12/2012 1:55:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 10/12/2012 1:54:35 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver Avgldx64 Avgmfx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 10/12/2012 1:54:33 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning. 10/11/2012 9:00:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 10/11/2012 9:00:27 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 10/11/2012 8:32:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 10/11/2012 8:32:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 10/11/2012 8:26:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 Avgmfx64 discache spldr Wanarpv6 10/11/2012 7:00:32 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period. 10/10/2012 10:24:18 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. . ==== End Of File ===========================
- October 15, 2012
- 16 replies

Sign In

SagansTurtleneck

Posts

Joined

Last visited

Content Type

Events

Profiles

Forums

Everything posted by SagansTurtleneck

Post-virus (?) clean up - no start menu, can't bookmark things, etc.

Post-virus (?) clean up - no start menu, can't bookmark things, etc.

Post-virus (?) clean up - no start menu, can't bookmark things, etc.

Post-virus (?) clean up - no start menu, can't bookmark things, etc.

Post-virus (?) clean up - no start menu, can't bookmark things, etc.

Post-virus (?) clean up - no start menu, can't bookmark things, etc.

Post-virus (?) clean up - no start menu, can't bookmark things, etc.

Post-virus (?) clean up - no start menu, can't bookmark things, etc.

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information