madmac7

Members

View Profile See their activity

Posts
4
Joined
January 3, 2013
Last visited
January 4, 2013

Reputation

0 Neutral

SVC: Vongo threat detected on Avast...Vundo trojan detected on malwarebytes

madmac7 replied to madmac7's topic in Resolved Malware Removal Logs

Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.01.04.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 joey :: JOEY-PC [administrator] 1/4/2013 1:10:00 PM mbam-log-2013-01-04 (13-10-00).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 194974 Time elapsed: 5 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
- January 4, 2013
- 8 replies
SVC: Vongo threat detected on Avast...Vundo trojan detected on malwarebytes

madmac7 replied to madmac7's topic in Resolved Malware Removal Logs

Results of screen317's Security Check version 0.99.56 Windows Vista x86 (UAC is enabled) Out of date service pack!! Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Java 7 Update 10 Java 6 Update 2 Java version out of Date! Adobe Reader 8 Adobe Reader out of Date! Google Chrome 23.0.1271.97 ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSASCui.exe Windows Defender MSASCui.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 7 % Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
- January 3, 2013
- 8 replies
SVC: Vongo threat detected on Avast...Vundo trojan detected on malwarebytes

madmac7 replied to madmac7's topic in Resolved Malware Removal Logs

OTL logfile created on: 1/3/2013 2:45:37 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\joey\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16512) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.94 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.66% Memory free 4.09 Gb Paging File | 3.03 Gb Available in Paging File | 74.04% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 137.35 Gb Total Space | 98.93 Gb Free Space | 72.03% Space Free | Partition Type: NTFS Drive D: | 11.70 Gb Total Space | 1.86 Gb Free Space | 15.89% Space Free | Partition Type: NTFS Computer Name: JOEY-PC | User Name: joey | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/01/03 14:42:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\joey\Desktop\OTL.exe PRC - [2012/10/30 15:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2007/10/24 23:36:50 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007/09/15 00:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe PRC - [2006/11/02 01:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2007/10/25 01:16:19 | 000,815,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fbca0140921ed343cb511595869a0ed\System.Runtime.Remoting.ni.dll MOD - [2007/10/25 01:14:54 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7108eaf5b5973bf7cdbdb47875e616e4\PresentationFramework.Aero.ni.dll MOD - [2007/10/25 01:14:52 | 014,594,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a9141ad6851ff94ece503a1898c4ca3a\PresentationFramework.ni.dll MOD - [2007/10/25 01:13:46 | 012,025,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\81e201b865ca4b1dc1baa769353a1d32\PresentationCore.ni.dll MOD - [2007/10/01 15:11:02 | 000,036,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll MOD - [2007/10/01 15:11:00 | 000,007,168 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll MOD - [2007/10/01 15:10:50 | 000,057,344 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll MOD - [2007/10/01 15:10:28 | 000,036,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll MOD - [2007/10/01 15:10:20 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll MOD - [2007/10/01 15:10:20 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll MOD - [2007/10/01 15:10:20 | 000,006,144 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll MOD - [2006/11/02 04:57:46 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\59192aecec284fba3e9b4b6ec41a755d\System.EnterpriseServices.ni.dll MOD - [2006/11/02 04:57:45 | 000,684,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b9588344b72703e9c361bd47d87cccf9\System.Transactions.ni.dll MOD - [2006/11/02 04:57:45 | 000,294,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\59192aecec284fba3e9b4b6ec41a755d\System.EnterpriseServices.Wrapper.dll MOD - [2006/11/02 04:57:44 | 006,656,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\7812c95c325062211532c560b59da6b3\System.Data.ni.dll MOD - [2006/11/02 04:57:34 | 013,148,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\35a9f19f21aac42b979be321f1bb5fd4\System.Windows.Forms.ni.dll MOD - [2006/11/02 04:56:59 | 001,617,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\70c145ed25af403aa899ffcb633350b1\System.Drawing.ni.dll MOD - [2006/11/02 04:56:48 | 005,619,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f76a7622c73e26e4d2daf54068d7ff79\System.Xml.ni.dll MOD - [2006/11/02 04:56:39 | 001,003,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d7b63c1d2ab17ac3cc24881c4ff78b63\System.Configuration.ni.dll MOD - [2006/11/02 04:55:38 | 003,272,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3b53dcf335a24dff03c7354dfebcb049\WindowsBase.ni.dll MOD - [2006/11/02 04:55:23 | 008,151,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll MOD - [2006/11/02 04:55:10 | 011,628,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll MOD - [2006/11/02 01:46:09 | 000,364,544 | ---- | M] () -- C:\WINDOWS\System32\msjetoledb40.dll MOD - [2006/11/01 22:34:22 | 000,114,176 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll MOD - [2006/10/19 17:14:53 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2006/10/19 17:14:47 | 002,894,336 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ========== Services (SafeList) ========== SRV - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2007/10/24 23:36:50 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/08/31 10:15:06 | 000,176,128 | ---- | M] (Starz Entertainment Group LLC) [On_Demand | Stopped] -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service) SRV - [2007/03/05 10:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\joey\AppData\Local\Temp\mbr.sys -- (mbr) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2012/10/30 15:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012/10/30 15:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012/10/30 15:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012/10/30 15:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012/10/30 15:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012/10/30 15:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2007/09/28 00:06:00 | 007,628,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007/09/08 23:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService) DRV - [2007/07/09 15:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007/05/30 15:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr) DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007/03/06 05:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD) DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007/02/16 00:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu) DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop IE - HKLM\..\SearchScopes,DefaultScope = {DB9DBEB0-BC08-4306-AE91-AE7CDFC606EA} IE - HKLM\..\SearchScopes\{0864C034-A3A2-4A60-B61D-554FC878F44B}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd IE - HKLM\..\SearchScopes\{DB9DBEB0-BC08-4306-AE91-AE7CDFC606EA}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {DB9DBEB0-BC08-4306-AE91-AE7CDFC606EA} IE - HKCU\..\SearchScopes\{0864C034-A3A2-4A60-B61D-554FC878F44B}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd IE - HKCU\..\SearchScopes\{DB9DBEB0-BC08-4306-AE91-AE7CDFC606EA}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () ========== Chrome ========== CHR - homepage: http://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 7 U10 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - Extension: Google Drive = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: Gmail = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found. O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll () O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 10.10.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF19A56B-21F5-4055-9CB0-92BF5198FA90}: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/10/25 00:41:43 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005/09/11 07:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/01/03 14:41:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\joey\Desktop\OTL.exe [2013/01/03 13:24:29 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Malwarebytes [2013/01/03 13:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/01/03 13:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/01/03 13:24:03 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013/01/03 13:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013/01/03 13:20:29 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013/01/03 12:55:13 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\joey\Desktop\dds.com [2013/01/03 12:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2013/01/03 12:27:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013/01/02 22:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013/01/02 22:15:34 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Google [2013/01/02 22:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013/01/02 22:15:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013/01/02 22:15:29 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2013/01/02 22:15:28 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2013/01/02 22:15:25 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2013/01/02 22:15:24 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2013/01/02 22:15:22 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2013/01/02 22:15:19 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2013/01/02 22:13:15 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013/01/02 22:13:14 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2013/01/02 22:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013/01/02 22:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013/01/02 22:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013/01/02 22:04:56 | 000,779,704 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2013/01/02 22:04:53 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2013/01/02 22:04:53 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013/01/02 22:04:34 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013/01/02 22:04:34 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013/01/02 22:04:34 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013/01/02 22:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2013/01/02 21:38:03 | 000,000,000 | ---D | C] -- C:\Users\joey\Desktop\Backup [2013/01/02 21:18:05 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Hewlett-Packard [2013/01/02 21:17:49 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\QuickPlay [2013/01/02 21:17:48 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Symantec [2013/01/02 21:17:08 | 000,000,000 | R--D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013/01/02 21:17:08 | 000,000,000 | R--D | C] -- C:\Users\joey\Searches [2013/01/02 21:17:08 | 000,000,000 | R--D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013/01/02 21:16:58 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Identities [2013/01/02 21:16:56 | 000,000,000 | R--D | C] -- C:\Users\joey\Contacts [2013/01/02 21:16:46 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\VirtualStore [2013/01/02 21:13:36 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Macromedia [2013/01/02 21:13:18 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Hewlett-Packard [2013/01/02 21:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo! [2013/01/02 21:11:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2013/01/02 21:10:38 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Downloaded Installations [2013/01/02 21:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts [2013/01/02 21:06:32 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2013/01/02 21:06:14 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2013/01/02 21:06:14 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2013/01/02 21:06:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2013/01/02 21:06:13 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2013/01/02 21:06:12 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2013/01/02 21:06:02 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2013/01/02 21:06:01 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2013/01/02 21:06:01 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2013/01/02 21:06:00 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2013/01/02 21:06:00 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2013/01/02 21:05:59 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2013/01/02 21:05:56 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2013/01/02 21:05:55 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2013/01/02 21:05:53 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2013/01/02 21:03:45 | 000,000,000 | R--D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013/01/02 21:03:45 | 000,000,000 | R--D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\AppData\Local\Temporary Internet Files [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Templates [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Start Menu [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\SendTo [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Recent [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\PrintHood [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\NetHood [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Documents\My Videos [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Documents\My Pictures [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Documents\My Music [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\My Documents [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Local Settings [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\AppData\Local\History [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Cookies [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Application Data [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\AppData\Local\Application Data [2013/01/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Temp [2013/01/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Microsoft [2013/01/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Media Center Programs [2013/01/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite [2013/01/02 21:03:44 | 000,000,000 | --SD | C] -- C:\Users\joey\AppData\Roaming\Microsoft [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Videos [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Saved Games [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Pictures [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Music [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Links [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Favorites [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Downloads [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Documents [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Desktop [2013/01/02 21:03:44 | 000,000,000 | -H-D | C] -- C:\Users\joey\AppData [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data [2013/01/02 20:59:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2013/01/03 14:42:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\joey\Desktop\OTL.exe [2013/01/03 13:56:26 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/01/03 13:56:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/01/03 13:50:59 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/03 13:50:59 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/03 13:24:08 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/01/03 12:57:33 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/01/03 12:57:33 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/01/03 12:55:19 | 000,688,992 | ---- | M] (Swearware) -- C:\Users\joey\Desktop\dds.com [2013/01/03 12:52:02 | 000,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2013/01/03 12:50:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/01/03 12:50:32 | 2079,248,384 | -HS- | M] () -- C:\hiberfil.sys [2013/01/03 12:20:46 | 000,001,800 | ---- | M] () -- C:\ProgramData\LuUninstall.LiveUpdate [2013/01/02 22:34:07 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/01/02 22:34:07 | 000,001,955 | ---- | M] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/01/02 22:18:09 | 000,003,584 | ---- | M] () -- C:\Users\joey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/01/02 22:15:30 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013/01/02 22:15:19 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2013/01/02 22:03:48 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013/01/02 22:03:32 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013/01/02 22:03:32 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013/01/02 22:03:31 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013/01/02 22:03:30 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2013/01/02 22:03:30 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2013/01/02 21:50:23 | 000,000,943 | ---- | M] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013/01/02 21:16:45 | 000,000,081 | ---- | M] () -- C:\Windows\System32\LOG [2013/01/02 21:16:42 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat [2013/01/02 21:13:08 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Internet & Digital Services.lnk [2013/01/02 21:04:12 | 000,000,000 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_cNB_Presario F700 Notebook PC_Y5335KV_0U_QCNF8064LR0_E458057-001_4A_I30EA_SQuanta_V86.09_F.05_T071207_WV3-0_L409_M1983_J160_7AMD_8F82_91.90_#071025_N10DE054C;168C001C_(KC490UA#ABA)_XMOBILE_CN10_Z_2Rev 1.MRK [2013/01/02 20:58:05 | 000,311,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys ========== Files Created - No Company Name ========== [2013/01/03 13:24:08 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/01/03 12:23:37 | 2079,248,384 | -HS- | C] () -- C:\hiberfil.sys [2013/01/03 12:20:46 | 000,001,800 | ---- | C] () -- C:\ProgramData\LuUninstall.LiveUpdate [2013/01/02 22:34:07 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/01/02 22:34:07 | 000,001,955 | ---- | C] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/01/02 22:18:08 | 000,003,584 | ---- | C] () -- C:\Users\joey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013/01/02 22:16:00 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/01/02 22:15:57 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/01/02 22:15:30 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013/01/02 21:50:23 | 000,000,943 | ---- | C] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013/01/02 21:17:10 | 000,000,949 | ---- | C] () -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013/01/02 21:17:08 | 000,000,944 | ---- | C] () -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2013/01/02 21:16:56 | 000,000,915 | ---- | C] () -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2013/01/02 21:16:45 | 000,000,081 | ---- | C] () -- C:\Windows\System32\LOG [2013/01/02 21:16:42 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat [2013/01/02 21:13:09 | 000,002,061 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk [2013/01/02 21:13:09 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\MSN.lnk [2013/01/02 21:13:09 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk [2013/01/02 21:13:09 | 000,001,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Total Care Advisor.lnk [2013/01/02 21:13:08 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Internet & Digital Services.lnk [2013/01/02 21:04:12 | 000,000,000 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_cNB_Presario F700 Notebook PC_Y5335KV_0U_QCNF8064LR0_E458057-001_4A_I30EA_SQuanta_V86.09_F.05_T071207_WV3-0_L409_M1983_J160_7AMD_8F82_91.90_#071025_N10DE054C;168C001C_(KC490UA#ABA)_XMOBILE_CN10_Z_2Rev 1.MRK [2013/01/02 21:03:45 | 000,000,258 | ---- | C] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2013/01/02 21:03:45 | 000,000,240 | ---- | C] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk ========== ZeroAccess Check ========== [2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2007/10/24 23:56:41 | 011,315,200 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2006/11/02 01:46:04 | 000,614,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 01:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== ========== Purity Check ========== < End of report > OTL Extras logfile created on: 1/3/2013 2:45:37 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\joey\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16512) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.94 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.66% Memory free 4.09 Gb Paging File | 3.03 Gb Available in Paging File | 74.04% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 137.35 Gb Total Space | 98.93 Gb Free Space | 72.03% Space Free | Partition Type: NTFS Drive D: | 11.70 Gb Total Space | 1.86 Gb Free Space | 15.89% Space Free | Partition Type: NTFS Computer Name: JOEY-PC | User Name: joey | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "" = [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "" = "C:\Program Files\Vongo\VongoService.exe" = C:\Program Files\Vongo\VongoService.exe:*:enabled:VongoService -- (Starz Entertainment Group LLC) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1AE562DA-7309-453A-9981-14754F331E8B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{215A0E8B-F3B1-4142-9EDC-67844C866781}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{3AB9E897-EFD5-46F8-A8FD-92524044A185}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{4630CE96-7C84-4111-9852-86D38C21972F}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{5D822295-A632-4383-8E27-59B0DDEE4CB9}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{6DA52B40-B3EB-44DC-A7FD-F76685D124B8}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{71D34C68-56BB-40D3-89EE-C4D9B9E729FB}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{AB196BDF-4D50-4B68-BD55-10E9173EF3AB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{BAF2F0A3-BD92-4F8F-BE0A-268C5AF5A2E8}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{CA6C467C-F80C-4393-A684-1A757088196E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{CCB39148-7984-4B64-B9C3-C4136001128B}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{D012D9F6-2140-435A-84C2-5468FCAFA85A}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{FB8AC562-E60F-4011-B998-AC91AD9AB9A9}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1 "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{082F8ABA-84D5-4837-9DFC-F365D91A07D4}" = HP Smart Web Printing "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update "{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1 "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1 "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget "{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims™ Life Stories "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1 "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check "{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2 "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 D2 "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.6 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{68471BF2-F1F7-4C89-BBBA-400B94996596}" = ESU for Microsoft Vista "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1 "{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}" = Vongo "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend "{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0 "{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1 "{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin "{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor "{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant "{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1 "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E6D3A461-8DDE-45C9-8C34-A33436FCC0B4}" = HP User Guides 0091 "{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link "{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo "{F7F3B252-E772-48AA-93EB-7964BC326067}" = MSCU for Microsoft Vista "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "AIM_6" = AIM 6 "avast" = avast! Free Antivirus "CNXT_AUDIO_HDA" = Conexant HD Audio "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP "Google Chrome" = Google Chrome "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 "NVIDIA Drivers" = NVIDIA Drivers "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4 "SynTPDeinstKey" = Synaptics Pointing Device Driver "ViewpointMediaPlayer" = Viewpoint Media Player "WildTangent hp Master Uninstall" = My HP Games "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Toolbar" = Yahoo! Toolbar ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 1/3/2013 1:16:24 AM | Computer Name = joey-PC | Source = RasClient | ID = 20227 Description = Error - 1/3/2013 2:35:03 AM | Computer Name = joey-PC | Source = Application Hang | ID = 1002 Description = The program avast.setup version 7.0.1474.765 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1240 Start Time: 01cde9791e1b6980 Termination Time: 0 Error - 1/3/2013 4:14:15 PM | Computer Name = joey-PC | Source = WerSvc | ID = 5007 Description = Error - 1/3/2013 4:18:59 PM | Computer Name = joey-PC | Source = EventSystem | ID = 4609 Description = Error - 1/3/2013 4:25:03 PM | Computer Name = joey-PC | Source = Application Hang | ID = 1002 Description = The program Explorer.EXE version 6.0.6000.16386 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 4f0 Start Time: 01cde9f049cc007b Termination Time: 62 Error - 1/3/2013 4:28:44 PM | Computer Name = joey-PC | Source = WerSvc | ID = 5007 Description = Error - 1/3/2013 4:57:33 PM | Computer Name = joey-PC | Source = WerSvc | ID = 5007 Description = [ System Events ] Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = < End of report >
- January 3, 2013
- 8 replies
SVC: Vongo threat detected on Avast...Vundo trojan detected on malwarebytes

madmac7 posted a topic in Resolved Malware Removal Logs

So I ran malwarebytes quick scan and Vundotrojan was detected. It claimed to successfully remove it. Then I ran a full scan on avast and SVC:Vongo threat was detected. This was also removed. However, just in case I restored my laptop to factory settings. After downloading avast once I put it to factory settings it started to act up. Multiple browsers opened up and I saw the CMD open and close really fast in the back. I'm not sure if it was Norton and Avast conflicting with each other or the virus (I uninstalled Norton). . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2/17/2008 10:04:01 AM System Uptime: 1/3/2013 12:50:16 PM (0 hours ago) . Motherboard: Quanta | | 30EA Processor: AMD Turion 64 X2 Mobile Technology TL-58 | Socket S1 | 1900/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 137 GiB total, 101.624 GiB free. D: is FIXED (NTFS) - 12 GiB total, 1.859 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player ActiveX Adobe Reader 8.1.0 Adobe Shockwave Player AIM 6 Atheros Driver Installation Program avast! Free Antivirus Cards_Calendar_OrderGift_DoMorePlugout Compatibility Pack for the 2007 Office system Conexant HD Audio DVD Suite EA Link ESU for Microsoft Vista Google Chrome Google Update Helper HDAUDIO Soft Data Fax Modem with SmartCP Hewlett-Packard Active Check Hewlett-Packard Asset Agent for Health Check HP Active Support Library HP Customer Experience Enhancements HP Doc Viewer HP DVD Play 3.6 HP Easy Setup - Frontend HP Help and Support HP Photosmart Essential 2.5 HP Quick Launch Buttons 6.30 D2 HP Smart Web Printing HP Total Care Advisor HP Update HP User Guides 0091 HP Wireless Assistant HPNetworkAssistant HPPhotoSmartDiscLabel_PaperLabel HPPhotoSmartDiscLabel_PrintOnDisc HPPhotoSmartDiscLabel_Tattoo HPPhotoSmartDiscLabelContent1 hpphotosmartdisclabelplugin HPPhotoSmartPhotobookHolidayPack1 HPPhotoSmartPhotobookModernPack1 HPPhotoSmartPhotobookPlayfulPack1 HPPhotoSmartPhotobookScrapbookPack1 HPPhotoSmartPhotobookWebPack1 Java 7 Update 10 Java Auto Updater Java 6 Update 2 LabelPrint Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Works MSCU for Microsoft Vista MSXML 4.0 SP2 (KB973688) muvee autoProducer 6.1 My HP Games NetWaiting NVIDIA Drivers Power2Go PowerDirector PSSWCORE QuickPlay SlingPlayer 0.4.4 RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 Synaptics Pointing Device Driver The Sims™ Life Stories Update for Office 2007 (KB934528) VideoToolkit01 Viewpoint Media Player Vongo WeatherBug Gadget Yahoo! Toolbar . ==== End Of File =========================== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2/17/2008 10:04:01 AM System Uptime: 1/3/2013 12:50:16 PM (0 hours ago) . Motherboard: Quanta | | 30EA Processor: AMD Turion 64 X2 Mobile Technology TL-58 | Socket S1 | 1900/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 137 GiB total, 101.624 GiB free. D: is FIXED (NTFS) - 12 GiB total, 1.859 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player ActiveX Adobe Reader 8.1.0 Adobe Shockwave Player AIM 6 Atheros Driver Installation Program avast! Free Antivirus Cards_Calendar_OrderGift_DoMorePlugout Compatibility Pack for the 2007 Office system Conexant HD Audio DVD Suite EA Link ESU for Microsoft Vista Google Chrome Google Update Helper HDAUDIO Soft Data Fax Modem with SmartCP Hewlett-Packard Active Check Hewlett-Packard Asset Agent for Health Check HP Active Support Library HP Customer Experience Enhancements HP Doc Viewer HP DVD Play 3.6 HP Easy Setup - Frontend HP Help and Support HP Photosmart Essential 2.5 HP Quick Launch Buttons 6.30 D2 HP Smart Web Printing HP Total Care Advisor HP Update HP User Guides 0091 HP Wireless Assistant HPNetworkAssistant HPPhotoSmartDiscLabel_PaperLabel HPPhotoSmartDiscLabel_PrintOnDisc HPPhotoSmartDiscLabel_Tattoo HPPhotoSmartDiscLabelContent1 hpphotosmartdisclabelplugin HPPhotoSmartPhotobookHolidayPack1 HPPhotoSmartPhotobookModernPack1 HPPhotoSmartPhotobookPlayfulPack1 HPPhotoSmartPhotobookScrapbookPack1 HPPhotoSmartPhotobookWebPack1 Java 7 Update 10 Java Auto Updater Java 6 Update 2 LabelPrint Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Works MSCU for Microsoft Vista MSXML 4.0 SP2 (KB973688) muvee autoProducer 6.1 My HP Games NetWaiting NVIDIA Drivers Power2Go PowerDirector PSSWCORE QuickPlay SlingPlayer 0.4.4 RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 Synaptics Pointing Device Driver The Sims™ Life Stories Update for Office 2007 (KB934528) VideoToolkit01 Viewpoint Media Player Vongo WeatherBug Gadget Yahoo! Toolbar . ==== End Of File ===========================
- January 3, 2013
- 8 replies

Sign In

madmac7

Posts

Joined

Last visited

Reputation

SVC: Vongo threat detected on Avast...Vundo trojan detected on malwarebytes

SVC: Vongo threat detected on Avast...Vundo trojan detected on malwarebytes

SVC: Vongo threat detected on Avast...Vundo trojan detected on malwarebytes

SVC: Vongo threat detected on Avast...Vundo trojan detected on malwarebytes

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information