Posts posted by madmac7

  1. Malwarebytes Anti-Malware 1.70.0.1100

    www.malwarebytes.org

    Database version: v2013.01.04.06

    Windows Vista Service Pack 2 x86 NTFS

    Internet Explorer 9.0.8112.16421

    joey :: JOEY-PC [administrator]

    1/4/2013 1:10:00 PM

    mbam-log-2013-01-04 (13-10-00).txt

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 194974

    Time elapsed: 5 minute(s), 15 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 0

    (No malicious items detected)

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 0

    (No malicious items detected)

    (end)

  2. Results of screen317's Security Check version 0.99.56

    Windows Vista x86 (UAC is enabled)

    Out of date service pack!!

    Internet Explorer 7 Out of date!

    ``````````````Antivirus/Firewall Check:``````````````

    Windows Firewall Enabled!

    WMI entry may not exist for antivirus; attempting automatic update.

    `````````Anti-malware/Other Utilities Check:`````````

    Malwarebytes Anti-Malware version 1.70.0.1100

    Java 7 Update 10

    Java 6 Update 2

    Java version out of Date!

    Adobe Reader 8 Adobe Reader out of Date!

    Google Chrome 23.0.1271.97

    ````````Process Check: objlist.exe by Laurent````````

    Windows Defender MSASCui.exe

    Windows Defender MSASCui.exe

    AVAST Software Avast AvastSvc.exe

    AVAST Software Avast AvastUI.exe

    `````````````````System Health check`````````````````

    Total Fragmentation on Drive C: 7 % Defragment your hard drive soon! (Do NOT defrag if SSD!)

    ````````````````````End of Log``````````````````````

  3. OTL logfile created on: 1/3/2013 2:45:37 PM - Run 1

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\joey\Desktop

    Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation

    Internet Explorer (Version = 7.0.6000.16512)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.94 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.66% Memory free

    4.09 Gb Paging File | 3.03 Gb Available in Paging File | 74.04% Paging File free

    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

    Drive C: | 137.35 Gb Total Space | 98.93 Gb Free Space | 72.03% Space Free | Partition Type: NTFS

    Drive D: | 11.70 Gb Total Space | 1.86 Gb Free Space | 15.89% Space Free | Partition Type: NTFS

    Computer Name: JOEY-PC | User Name: joey | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/01/03 14:42:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\joey\Desktop\OTL.exe

    PRC - [2012/10/30 15:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

    PRC - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    PRC - [2007/10/24 23:36:50 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

    PRC - [2007/09/15 00:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    PRC - [2006/11/02 01:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

    ========== Modules (No Company Name) ==========

    MOD - [2007/10/25 01:16:19 | 000,815,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fbca0140921ed343cb511595869a0ed\System.Runtime.Remoting.ni.dll

    MOD - [2007/10/25 01:14:54 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7108eaf5b5973bf7cdbdb47875e616e4\PresentationFramework.Aero.ni.dll

    MOD - [2007/10/25 01:14:52 | 014,594,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a9141ad6851ff94ece503a1898c4ca3a\PresentationFramework.ni.dll

    MOD - [2007/10/25 01:13:46 | 012,025,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\81e201b865ca4b1dc1baa769353a1d32\PresentationCore.ni.dll

    MOD - [2007/10/01 15:11:02 | 000,036,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll

    MOD - [2007/10/01 15:11:00 | 000,007,168 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll

    MOD - [2007/10/01 15:10:50 | 000,057,344 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll

    MOD - [2007/10/01 15:10:28 | 000,036,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll

    MOD - [2007/10/01 15:10:20 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll

    MOD - [2007/10/01 15:10:20 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll

    MOD - [2007/10/01 15:10:20 | 000,006,144 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll

    MOD - [2006/11/02 04:57:46 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\59192aecec284fba3e9b4b6ec41a755d\System.EnterpriseServices.ni.dll

    MOD - [2006/11/02 04:57:45 | 000,684,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b9588344b72703e9c361bd47d87cccf9\System.Transactions.ni.dll

    MOD - [2006/11/02 04:57:45 | 000,294,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\59192aecec284fba3e9b4b6ec41a755d\System.EnterpriseServices.Wrapper.dll

    MOD - [2006/11/02 04:57:44 | 006,656,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\7812c95c325062211532c560b59da6b3\System.Data.ni.dll

    MOD - [2006/11/02 04:57:34 | 013,148,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\35a9f19f21aac42b979be321f1bb5fd4\System.Windows.Forms.ni.dll

    MOD - [2006/11/02 04:56:59 | 001,617,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\70c145ed25af403aa899ffcb633350b1\System.Drawing.ni.dll

    MOD - [2006/11/02 04:56:48 | 005,619,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f76a7622c73e26e4d2daf54068d7ff79\System.Xml.ni.dll

    MOD - [2006/11/02 04:56:39 | 001,003,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d7b63c1d2ab17ac3cc24881c4ff78b63\System.Configuration.ni.dll

    MOD - [2006/11/02 04:55:38 | 003,272,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3b53dcf335a24dff03c7354dfebcb049\WindowsBase.ni.dll

    MOD - [2006/11/02 04:55:23 | 008,151,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll

    MOD - [2006/11/02 04:55:10 | 011,628,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll

    MOD - [2006/11/02 01:46:09 | 000,364,544 | ---- | M] () -- C:\WINDOWS\System32\msjetoledb40.dll

    MOD - [2006/11/01 22:34:22 | 000,114,176 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

    MOD - [2006/10/19 17:14:53 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

    MOD - [2006/10/19 17:14:47 | 002,894,336 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

    ========== Services (SafeList) ==========

    SRV - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

    SRV - [2007/10/24 23:36:50 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

    SRV - [2007/08/31 10:15:06 | 000,176,128 | ---- | M] (Starz Entertainment Group LLC) [On_Demand | Stopped] -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service)

    SRV - [2007/03/05 10:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)

    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\joey\AppData\Local\Temp\mbr.sys -- (mbr)

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)

    DRV - [2012/10/30 15:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)

    DRV - [2012/10/30 15:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)

    DRV - [2012/10/30 15:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

    DRV - [2012/10/30 15:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)

    DRV - [2012/10/30 15:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

    DRV - [2012/10/30 15:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

    DRV - [2007/09/28 00:06:00 | 007,628,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

    DRV - [2007/09/08 23:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)

    DRV - [2007/07/09 15:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)

    DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

    DRV - [2007/05/30 15:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)

    DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)

    DRV - [2007/03/06 05:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)

    DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)

    DRV - [2007/02/16 00:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)

    DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)

    DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

    IE - HKLM\..\SearchScopes,DefaultScope = {DB9DBEB0-BC08-4306-AE91-AE7CDFC606EA}

    IE - HKLM\..\SearchScopes\{0864C034-A3A2-4A60-B61D-554FC878F44B}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

    IE - HKLM\..\SearchScopes\{DB9DBEB0-BC08-4306-AE91-AE7CDFC606EA}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

    IE - HKCU\..\SearchScopes,DefaultScope = {DB9DBEB0-BC08-4306-AE91-AE7CDFC606EA}

    IE - HKCU\..\SearchScopes\{0864C034-A3A2-4A60-B61D-554FC878F44B}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

    IE - HKCU\..\SearchScopes\{DB9DBEB0-BC08-4306-AE91-AE7CDFC606EA}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

    ========== Chrome ==========

    CHR - homepage: http://www.google.com

    CHR - default_search_provider: Google (Enabled)

    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

    CHR - homepage: http://www.google.com

    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll

    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll

    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll

    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll

    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll

    CHR - plugin: Java Platform SE 7 U10 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

    CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

    CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\Windows\system32\npDeployJava1.dll

    CHR - Extension: Google Drive = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

    CHR - Extension: YouTube = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

    CHR - Extension: Google Search = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

    CHR - Extension: avast! WebRep = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\

    CHR - Extension: Gmail = C:\Users\joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts

    O1 - Hosts: 127.0.0.1 localhost

    O1 - Hosts: ::1 localhost

    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.

    O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

    O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

    O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)

    O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

    O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found

    O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)

    O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)

    O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)

    O4 - HKLM..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

    O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

    O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll ()

    O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)

    O13 - gopher Prefix: missing

    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)

    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Value error.)

    O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)

    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 10.10.2)

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF19A56B-21F5-4055-9CB0-92BF5198FA90}: DhcpNameServer = 192.168.2.1

    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)

    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg

    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\CompaqTrace.jpg

    O32 - HKLM CDRom: AutoRun - 1

    O32 - AutoRun File - [2007/10/25 00:41:43 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

    O32 - AutoRun File - [2005/09/11 07:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]

    O34 - HKLM BootExecute: (autocheck autochk *)

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37 - HKLM\...com [@ = comfile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/01/03 14:41:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\joey\Desktop\OTL.exe

    [2013/01/03 13:24:29 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Malwarebytes

    [2013/01/03 13:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

    [2013/01/03 13:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

    [2013/01/03 13:24:03 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

    [2013/01/03 13:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

    [2013/01/03 13:20:29 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

    [2013/01/03 12:55:13 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\joey\Desktop\dds.com

    [2013/01/03 12:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0

    [2013/01/03 12:27:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi

    [2013/01/02 22:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

    [2013/01/02 22:15:34 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Google

    [2013/01/02 22:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Google

    [2013/01/02 22:15:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

    [2013/01/02 22:15:29 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

    [2013/01/02 22:15:28 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

    [2013/01/02 22:15:25 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

    [2013/01/02 22:15:24 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

    [2013/01/02 22:15:22 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys

    [2013/01/02 22:15:19 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

    [2013/01/02 22:13:15 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

    [2013/01/02 22:13:14 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

    [2013/01/02 22:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software

    [2013/01/02 22:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

    [2013/01/02 22:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

    [2013/01/02 22:04:56 | 000,779,704 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

    [2013/01/02 22:04:53 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

    [2013/01/02 22:04:53 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

    [2013/01/02 22:04:34 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

    [2013/01/02 22:04:34 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

    [2013/01/02 22:04:34 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

    [2013/01/02 22:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

    [2013/01/02 21:38:03 | 000,000,000 | ---D | C] -- C:\Users\joey\Desktop\Backup

    [2013/01/02 21:18:05 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Hewlett-Packard

    [2013/01/02 21:17:49 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\QuickPlay

    [2013/01/02 21:17:48 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Symantec

    [2013/01/02 21:17:08 | 000,000,000 | R--D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

    [2013/01/02 21:17:08 | 000,000,000 | R--D | C] -- C:\Users\joey\Searches

    [2013/01/02 21:17:08 | 000,000,000 | R--D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

    [2013/01/02 21:16:58 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Identities

    [2013/01/02 21:16:56 | 000,000,000 | R--D | C] -- C:\Users\joey\Contacts

    [2013/01/02 21:16:46 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\VirtualStore

    [2013/01/02 21:13:36 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Macromedia

    [2013/01/02 21:13:18 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Hewlett-Packard

    [2013/01/02 21:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!

    [2013/01/02 21:11:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts

    [2013/01/02 21:10:38 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Downloaded Installations

    [2013/01/02 21:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts

    [2013/01/02 21:06:32 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts

    [2013/01/02 21:06:14 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll

    [2013/01/02 21:06:14 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll

    [2013/01/02 21:06:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll

    [2013/01/02 21:06:13 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll

    [2013/01/02 21:06:12 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll

    [2013/01/02 21:06:02 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll

    [2013/01/02 21:06:01 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll

    [2013/01/02 21:06:01 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll

    [2013/01/02 21:06:00 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll

    [2013/01/02 21:06:00 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll

    [2013/01/02 21:05:59 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll

    [2013/01/02 21:05:56 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll

    [2013/01/02 21:05:55 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll

    [2013/01/02 21:05:53 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll

    [2013/01/02 21:03:45 | 000,000,000 | R--D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

    [2013/01/02 21:03:45 | 000,000,000 | R--D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\AppData\Local\Temporary Internet Files

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Templates

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Start Menu

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\SendTo

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Recent

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\PrintHood

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\NetHood

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Documents\My Videos

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Documents\My Pictures

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Documents\My Music

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\My Documents

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Local Settings

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\AppData\Local\History

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Cookies

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\Application Data

    [2013/01/02 21:03:45 | 000,000,000 | -HSD | C] -- C:\Users\joey\AppData\Local\Application Data

    [2013/01/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Temp

    [2013/01/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Local\Microsoft

    [2013/01/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Media Center Programs

    [2013/01/02 21:03:45 | 000,000,000 | ---D | C] -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite

    [2013/01/02 21:03:44 | 000,000,000 | --SD | C] -- C:\Users\joey\AppData\Roaming\Microsoft

    [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Videos

    [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Saved Games

    [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Pictures

    [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Music

    [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Links

    [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Favorites

    [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Downloads

    [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Documents

    [2013/01/02 21:03:44 | 000,000,000 | R--D | C] -- C:\Users\joey\Desktop

    [2013/01/02 21:03:44 | 000,000,000 | -H-D | C] -- C:\Users\joey\AppData

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop

    [2013/01/02 20:59:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data

    [2013/01/02 20:59:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information

    ========== Files - Modified Within 30 Days ==========

    [2013/01/03 14:42:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\joey\Desktop\OTL.exe

    [2013/01/03 13:56:26 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    [2013/01/03 13:56:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    [2013/01/03 13:50:59 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

    [2013/01/03 13:50:59 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

    [2013/01/03 13:24:08 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2013/01/03 12:57:33 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat

    [2013/01/03 12:57:33 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat

    [2013/01/03 12:55:19 | 000,688,992 | ---- | M] (Swearware) -- C:\Users\joey\Desktop\dds.com

    [2013/01/03 12:52:02 | 000,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini

    [2013/01/03 12:50:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

    [2013/01/03 12:50:32 | 2079,248,384 | -HS- | M] () -- C:\hiberfil.sys

    [2013/01/03 12:20:46 | 000,001,800 | ---- | M] () -- C:\ProgramData\LuUninstall.LiveUpdate

    [2013/01/02 22:34:07 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

    [2013/01/02 22:34:07 | 000,001,955 | ---- | M] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

    [2013/01/02 22:18:09 | 000,003,584 | ---- | M] () -- C:\Users\joey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    [2013/01/02 22:15:30 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

    [2013/01/02 22:15:19 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

    [2013/01/02 22:03:48 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

    [2013/01/02 22:03:32 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

    [2013/01/02 22:03:32 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

    [2013/01/02 22:03:31 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

    [2013/01/02 22:03:30 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

    [2013/01/02 22:03:30 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

    [2013/01/02 21:50:23 | 000,000,943 | ---- | M] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

    [2013/01/02 21:16:45 | 000,000,081 | ---- | M] () -- C:\Windows\System32\LOG

    [2013/01/02 21:16:42 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat

    [2013/01/02 21:13:08 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Internet & Digital Services.lnk

    [2013/01/02 21:04:12 | 000,000,000 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_cNB_Presario F700 Notebook PC_Y5335KV_0U_QCNF8064LR0_E458057-001_4A_I30EA_SQuanta_V86.09_F.05_T071207_WV3-0_L409_M1983_J160_7AMD_8F82_91.90_#071025_N10DE054C;168C001C_(KC490UA#ABA)_XMOBILE_CN10_Z_2Rev 1.MRK

    [2013/01/02 20:58:05 | 000,311,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

    [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

    ========== Files Created - No Company Name ==========

    [2013/01/03 13:24:08 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    [2013/01/03 12:23:37 | 2079,248,384 | -HS- | C] () -- C:\hiberfil.sys

    [2013/01/03 12:20:46 | 000,001,800 | ---- | C] () -- C:\ProgramData\LuUninstall.LiveUpdate

    [2013/01/02 22:34:07 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

    [2013/01/02 22:34:07 | 000,001,955 | ---- | C] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

    [2013/01/02 22:18:08 | 000,003,584 | ---- | C] () -- C:\Users\joey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    [2013/01/02 22:16:00 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    [2013/01/02 22:15:57 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    [2013/01/02 22:15:30 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

    [2013/01/02 21:50:23 | 000,000,943 | ---- | C] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

    [2013/01/02 21:17:10 | 000,000,949 | ---- | C] () -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

    [2013/01/02 21:17:08 | 000,000,944 | ---- | C] () -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

    [2013/01/02 21:16:56 | 000,000,915 | ---- | C] () -- C:\Users\joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

    [2013/01/02 21:16:45 | 000,000,081 | ---- | C] () -- C:\Windows\System32\LOG

    [2013/01/02 21:16:42 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat

    [2013/01/02 21:13:09 | 000,002,061 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

    [2013/01/02 21:13:09 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\MSN.lnk

    [2013/01/02 21:13:09 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk

    [2013/01/02 21:13:09 | 000,001,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Total Care Advisor.lnk

    [2013/01/02 21:13:08 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Internet & Digital Services.lnk

    [2013/01/02 21:04:12 | 000,000,000 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_cNB_Presario F700 Notebook PC_Y5335KV_0U_QCNF8064LR0_E458057-001_4A_I30EA_SQuanta_V86.09_F.05_T071207_WV3-0_L409_M1983_J160_7AMD_8F82_91.90_#071025_N10DE054C;168C001C_(KC490UA#ABA)_XMOBILE_CN10_Z_2Rev 1.MRK

    [2013/01/02 21:03:45 | 000,000,258 | ---- | C] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

    [2013/01/02 21:03:45 | 000,000,240 | ---- | C] () -- C:\Users\joey\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

    ========== ZeroAccess Check ==========

    [2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    "" = %SystemRoot%\system32\shell32.dll -- [2007/10/24 23:56:41 | 011,315,200 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

    "" = %systemroot%\system32\wbem\fastprox.dll -- [2006/11/02 01:46:04 | 000,614,400 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    "" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 01:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Both

    ========== LOP Check ==========

    ========== Purity Check ==========

    < End of report >

    OTL Extras logfile created on: 1/3/2013 2:45:37 PM - Run 1

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\joey\Desktop

    Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation

    Internet Explorer (Version = 7.0.6000.16512)

    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.94 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.66% Memory free

    4.09 Gb Paging File | 3.03 Gb Available in Paging File | 74.04% Paging File free

    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

    Drive C: | 137.35 Gb Total Space | 98.93 Gb Free Space | 72.03% Space Free | Partition Type: NTFS

    Drive D: | 11.70 Gb Total Space | 1.86 Gb Free Space | 15.89% Space Free | Partition Type: NTFS

    Computer Name: JOEY-PC | User Name: joey | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

    batfile [open] -- "%1" %*

    cmdfile [open] -- "%1" %*

    comfile [open] -- "%1" %*

    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

    exefile [open] -- "%1" %*

    helpfile [open] -- Reg Error: Key error.

    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

    http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

    https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

    piffile [open] -- "%1" %*

    regfile [merge] -- Reg Error: Key error.

    scrfile [config] -- "%1"

    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

    scrfile [open] -- "%1" /S

    txtfile [edit] -- Reg Error: Key error.

    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    "cval" = 1

    "UacDisableNotify" = 0

    "InternetSettingsDisableNotify" = 0

    "AutoUpdateDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    "AntiVirusOverride" = 0

    "AntiSpywareOverride" = 0

    "FirewallOverride" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    "DisableNotifications" = 0

    "EnableFirewall" = 1

    "" =

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    "DisableNotifications" = 0

    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

    "DisableNotifications" = 0

    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    "" =

    "C:\Program Files\Vongo\VongoService.exe" = C:\Program Files\Vongo\VongoService.exe:*:enabled:VongoService -- (Starz Entertainment Group LLC)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

    "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)

    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

    "{1AE562DA-7309-453A-9981-14754F331E8B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

    "{215A0E8B-F3B1-4142-9EDC-67844C866781}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

    "{3AB9E897-EFD5-46F8-A8FD-92524044A185}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

    "{4630CE96-7C84-4111-9852-86D38C21972F}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

    "{5D822295-A632-4383-8E27-59B0DDEE4CB9}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |

    "{6DA52B40-B3EB-44DC-A7FD-F76685D124B8}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |

    "{71D34C68-56BB-40D3-89EE-C4D9B9E729FB}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |

    "{AB196BDF-4D50-4B68-BD55-10E9173EF3AB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |

    "{BAF2F0A3-BD92-4F8F-BE0A-268C5AF5A2E8}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

    "{CA6C467C-F80C-4393-A684-1A757088196E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |

    "{CCB39148-7984-4B64-B9C3-C4136001128B}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

    "{D012D9F6-2140-435A-84C2-5468FCAFA85A}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

    "{FB8AC562-E60F-4011-B998-AC91AD9AB9A9}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1

    "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer

    "{082F8ABA-84D5-4837-9DFC-F365D91A07D4}" = HP Smart Web Printing

    "{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update

    "{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library

    "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1

    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

    "{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1

    "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player

    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite

    "{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget

    "{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims™ Life Stories

    "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant

    "{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1

    "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check

    "{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10

    "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program

    "{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support

    "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2

    "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE

    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 D2

    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting

    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

    "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.6

    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

    "{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout

    "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check

    "{68471BF2-F1F7-4C89-BBBA-400B94996596}" = ESU for Microsoft Vista

    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

    "{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1

    "{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}" = Vongo

    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

    "{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend

    "{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel

    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

    "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0

    "{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1

    "{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin

    "{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor

    "{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc

    "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5

    "{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements

    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

    "{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant

    "{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1

    "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01

    "{E6D3A461-8DDE-45C9-8C34-A33436FCC0B4}" = HP User Guides 0091

    "{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link

    "{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo

    "{F7F3B252-E772-48AA-93EB-7964BC326067}" = MSCU for Microsoft Vista

    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

    "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

    "AIM_6" = AIM 6

    "avast" = avast! Free Antivirus

    "CNXT_AUDIO_HDA" = Conexant HD Audio

    "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP

    "Google Chrome" = Google Chrome

    "HOMESTUDENTR" = Microsoft Office Home and Student 2007

    "HP Photosmart Essential" = HP Photosmart Essential 2.5

    "HP Smart Web Printing" = HP Smart Web Printing

    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

    "InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link

    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100

    "NVIDIA Drivers" = NVIDIA Drivers

    "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4

    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    "ViewpointMediaPlayer" = Viewpoint Media Player

    "WildTangent hp Master Uninstall" = My HP Games

    "Yahoo! Companion" = Yahoo! Toolbar

    "Yahoo! Toolbar" = Yahoo! Toolbar

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]

    Error - 1/3/2013 1:16:24 AM | Computer Name = joey-PC | Source = RasClient | ID = 20227

    Description =

    Error - 1/3/2013 2:35:03 AM | Computer Name = joey-PC | Source = Application Hang | ID = 1002

    Description = The program avast.setup version 7.0.1474.765 stopped interacting with

    Windows and was closed. To see if more information about the problem is available,

    check the problem history in the Problem Reports and Solutions control panel. Process

    ID: 1240 Start Time: 01cde9791e1b6980 Termination Time: 0

    Error - 1/3/2013 4:14:15 PM | Computer Name = joey-PC | Source = WerSvc | ID = 5007

    Description =

    Error - 1/3/2013 4:18:59 PM | Computer Name = joey-PC | Source = EventSystem | ID = 4609

    Description =

    Error - 1/3/2013 4:25:03 PM | Computer Name = joey-PC | Source = Application Hang | ID = 1002

    Description = The program Explorer.EXE version 6.0.6000.16386 stopped interacting

    with Windows and was closed. To see if more information about the problem is available,

    check the problem history in the Problem Reports and Solutions control panel. Process

    ID: 4f0 Start Time: 01cde9f049cc007b Termination Time: 62

    Error - 1/3/2013 4:28:44 PM | Computer Name = joey-PC | Source = WerSvc | ID = 5007

    Description =

    Error - 1/3/2013 4:57:33 PM | Computer Name = joey-PC | Source = WerSvc | ID = 5007

    Description =

    [ System Events ]

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    Error - 1/3/2013 6:29:29 PM | Computer Name = joey-PC | Source = Microsoft-Windows-Servicing | ID = 4375

    Description =

    < End of report >

  4. So I ran a Malwarebytes quick scan and Vundotrojan was detected. It claimed to successfully remove it. Then I ran a full scan on Avast and the SVC:Vongo threat was detected. This was also removed. However, just in case, I restored my laptop to factory settings. After downloading Avast once I put it to factory settings, it started to act up. Multiple browsers opened up and I saw the CMD open and close really fast in the back. I'm not sure if it was Norton and Avast conflicting with each other or the virus (I uninstalled Norton).

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft® Windows Vista™ Home Premium

    Boot Device: \Device\HarddiskVolume1

    Install Date: 2/17/2008 10:04:01 AM

    System Uptime: 1/3/2013 12:50:16 PM (0 hours ago)

    .

    Motherboard: Quanta | | 30EA

    Processor: AMD Turion 64 X2 Mobile Technology TL-58 | Socket S1 | 1900/200mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 137 GiB total, 101.624 GiB free.

    D: is FIXED (NTFS) - 12 GiB total, 1.859 GiB free.

    E: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    .

    ==== Installed Programs ======================

    .

    Activation Assistant for the 2007 Microsoft Office suites

    Adobe Flash Player ActiveX

    Adobe Reader 8.1.0

    Adobe Shockwave Player

    AIM 6

    Atheros Driver Installation Program

    avast! Free Antivirus

    Cards_Calendar_OrderGift_DoMorePlugout

    Compatibility Pack for the 2007 Office system

    Conexant HD Audio

    DVD Suite

    EA Link

    ESU for Microsoft Vista

    Google Chrome

    Google Update Helper

    HDAUDIO Soft Data Fax Modem with SmartCP

    Hewlett-Packard Active Check

    Hewlett-Packard Asset Agent for Health Check

    HP Active Support Library

    HP Customer Experience Enhancements

    HP Doc Viewer

    HP DVD Play 3.6

    HP Easy Setup - Frontend

    HP Help and Support

    HP Photosmart Essential 2.5

    HP Quick Launch Buttons 6.30 D2

    HP Smart Web Printing

    HP Total Care Advisor

    HP Update

    HP User Guides 0091

    HP Wireless Assistant

    HPNetworkAssistant

    HPPhotoSmartDiscLabel_PaperLabel

    HPPhotoSmartDiscLabel_PrintOnDisc

    HPPhotoSmartDiscLabel_Tattoo

    HPPhotoSmartDiscLabelContent1

    hpphotosmartdisclabelplugin

    HPPhotoSmartPhotobookHolidayPack1

    HPPhotoSmartPhotobookModernPack1

    HPPhotoSmartPhotobookPlayfulPack1

    HPPhotoSmartPhotobookScrapbookPack1

    HPPhotoSmartPhotobookWebPack1

    Java 7 Update 10

    Java Auto Updater

    Java 6 Update 2

    LabelPrint

    Microsoft Office Excel MUI (English) 2007

    Microsoft Office Home and Student 2007

    Microsoft Office OneNote MUI (English) 2007

    Microsoft Office PowerPoint MUI (English) 2007

    Microsoft Office PowerPoint Viewer 2007 (English)

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (French) 2007

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proofing (English) 2007

    Microsoft Office Shared MUI (English) 2007

    Microsoft Office Shared Setup Metadata MUI (English) 2007

    Microsoft Office Word MUI (English) 2007

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Works

    MSCU for Microsoft Vista

    MSXML 4.0 SP2 (KB973688)

    muvee autoProducer 6.1

    My HP Games

    NetWaiting

    NVIDIA Drivers

    Power2Go

    PowerDirector

    PSSWCORE

    QuickPlay SlingPlayer 0.4.4

    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

    Synaptics Pointing Device Driver

    The Sims™ Life Stories

    Update for Office 2007 (KB934528)

    VideoToolkit01

    Viewpoint Media Player

    Vongo

    WeatherBug Gadget

    Yahoo! Toolbar

    .

    ==== End Of File ===========================

