Posts posted by Coooper

  1. Hey TheDarkKnight :)

    Virus won't allow me to run OTL.exe. I tried to change the extension but that didn't work either.

    Exception EOleSysError in module OTL.exe 000584A5. class not registered .... <-- this is the message that pops up every time I try to run it.

    All security and anti virus are still disabled, so not sure about what to do now?

  2. One major issue is that the sound won't work for anything that I try to run. Computer default sounds still go.

    Here is the log from ComboFix:

    ComboFix 13-01-06.01 - Cooper Family 08/01/2013 10:42:04.1.2 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.1513.471 [GMT 13:00]

    Running from: c:\users\Cooper Family\Desktop\ComboFix.exe

    AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

    FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

    SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\programdata\Amazon.ico

    c:\users\Cooper Family\Documents\~WRL0003.tmp

    c:\users\Cooper Family\Documents\~WRL0941.tmp

    .

    ----- File Replicators -----

    .

    c:\programdata\Adobe\ARM\Reader_10.1.0\1106\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\1106\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\1106\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\15273\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\15273\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\15273\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\16063\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\16063\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\16063\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\16914\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\16914\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\16914\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\17424\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\17424\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\17424\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\18258\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\18258\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\18258\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\24066\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\24066\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\24066\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\2747\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\2747\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\2747\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\27658\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\27658\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\27658\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\2869\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\2869\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\2869\ReaderUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\29851\AcrobatUpdater.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\29851\AdobeARMHelper.exe

    c:\programdata\Adobe\ARM\Reader_10.1.0\29851\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\1106\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\1106\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\1106\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\15273\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\15273\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\15273\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\16063\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\16063\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\16063\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\16914\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\16914\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\16914\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\17424\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\17424\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\17424\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\18258\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\18258\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\18258\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\24066\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\24066\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\24066\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\2747\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\2747\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\2747\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\27658\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\27658\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\27658\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\2869\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\2869\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\2869\ReaderUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\29851\AcrobatUpdater.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\29851\AdobeARMHelper.exe

    c:\users\All Users\Adobe\ARM\Reader_10.1.0\29851\ReaderUpdater.exe

    .

    .

    ((((((((((((((((((((((((( Files Created from 2012-12-07 to 2013-01-07 )))))))))))))))))))))))))))))))

    .

    .

    2013-01-07 21:57 . 2013-01-07 21:57 -------- d-----w- c:\users\Default\AppData\Local\temp

    2013-01-07 21:48 . 2013-01-07 21:48 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15E7049F-7357-48DA-87B5-E241427C16AC}\offreg.dll

    2013-01-07 05:51 . 2013-01-07 06:14 -------- d-----w- c:\program files (x86)\ethen1

    2013-01-07 05:40 . 2013-01-07 05:40 -------- d-----w- c:\users\Cooper Family\AppData\Roaming\Malwarebytes

    2013-01-07 05:35 . 2013-01-07 05:35 -------- d-----w- c:\programdata\Malwarebytes

    2013-01-07 05:35 . 2013-01-07 05:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

    2013-01-07 05:35 . 2012-12-14 03:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys

    2013-01-07 05:35 . 2013-01-07 05:35 -------- d-----w- c:\users\Cooper Family\AppData\Local\Programs

    2013-01-07 04:36 . 2013-01-07 04:36 -------- d-----w- c:\program files (x86)\SaveAs

    2013-01-07 04:36 . 2013-01-07 21:13 -------- d-----w- c:\programdata\SaveAs

    2013-01-07 04:35 . 2013-01-07 04:35 -------- d-----w- c:\programdata\InstallMate

    2013-01-07 00:59 . 2013-01-07 00:59 -------- d-----w- c:\program files\DIFX

    2013-01-07 00:59 . 2013-01-07 01:00 -------- d-----w- c:\windows\F9233F0256174BDC8EC64B798EDFE6F4.TMP

    2013-01-07 00:57 . 2013-01-07 00:59 -------- d-----w- c:\program files (x86)\LeapFrog

    2013-01-07 00:57 . 2013-01-07 00:57 -------- d-----w- c:\programdata\Leapfrog

    2013-01-05 10:58 . 2012-11-18 12:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15E7049F-7357-48DA-87B5-E241427C16AC}\mpengine.dll

    2012-12-21 21:13 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll

    2012-12-21 21:13 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll

    2012-12-21 21:13 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

    2012-12-21 21:13 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

    2012-12-20 08:41 . 2013-01-06 07:51 -------- d-----w- c:\users\Cooper Family\AppData\Roaming\Skype

    2012-12-20 08:41 . 2012-12-20 08:41 -------- d-----r- c:\program files (x86)\Skype

    2012-12-20 08:41 . 2012-12-20 08:41 -------- d-----w- c:\program files (x86)\Common Files\Skype

    2012-12-20 08:29 . 2012-12-20 08:30 -------- d-----w- c:\users\Cooper Family\AppData\Local\Facebook

    2012-12-17 01:25 . 2012-12-17 01:25 0 ----a-w- c:\windows\SysWow64\sho6610.tmp

    2012-12-16 22:29 . 2012-12-16 22:29 -------- d-----w- c:\programdata\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}

    2012-12-13 19:39 . 2012-11-14 06:01 548864 ----a-w- c:\program files\Internet Explorer\ieproxy.dll

    2012-12-13 05:56 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll

    2012-12-13 05:56 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll

    2012-12-13 05:54 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll

    2012-12-13 05:54 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-01-07 01:22 . 2012-03-03 18:39 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-01-07 01:22 . 2012-03-03 18:39 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

    2012-12-13 19:45 . 2012-11-14 01:47 67413224 ----a-w- c:\windows\system32\MRT.exe

    2012-10-16 08:38 . 2012-12-02 05:41 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

    2012-10-16 08:38 . 2012-12-02 05:41 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

    2012-10-16 07:39 . 2012-12-02 05:41 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

    2012-10-15 20:38 . 2012-06-06 10:15 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Spotify"="c:\users\Cooper Family\AppData\Roaming\Spotify\Spotify.exe" [2012-10-27 7880664]

    "Spotify Web Helper"="c:\users\Cooper Family\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-27 1199576]

    "SDP"="c:\program files (x86)\FilesFrog Update Checker\update_checker.exe" [2012-10-03 201808]

    "Facebook Update"="c:\users\Cooper Family\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-12-20 138096]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-10 630912]

    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

    "HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]

    "HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2011-08-26 1342008]

    "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]

    "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-09-28 298376]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 5 (0x5)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "EnableUIADesktopToggle"= 0 (0x0)

    .

    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-12-06 95248]

    R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]

    S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2011-12-13 82048]

    S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2011-12-13 42624]

    S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\drivers\amdkmpfd.sys [2012-02-02 31872]

    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-02-10 235520]

    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-02-10 361984]

    S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]

    S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys [2011-10-26 102528]

    S3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys [2010-02-18 46136]

    S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [2011-10-26 219776]

    S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20121130.005\BHDrvx64.sys [2012-10-23 1384608]

    .

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2013-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-03 01:22]

    .

    2013-01-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1095308568-52703581-1482608865-1002Core.job

    - c:\users\Cooper Family\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-20 08:37]

    .

    2013-01-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1095308568-52703581-1482608865-1002UA.job

    - c:\users\Cooper Family\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-20 08:37]

    .

    2013-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05 07:49]

    .

    2013-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05 07:49]

    .

    2013-01-05 c:\windows\Tasks\HPCeeScheduleForCooper Family.job

    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]

    .

    .

    --------- X64 Entries -----------

    .

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-01-04 1425408]

    "SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-20 44880]

    .

    ------- Supplementary Scan -------

    .

    uLocal Page = c:\windows\system32\blank.htm

    mLocal Page = c:\windows\SysWOW64\blank.htm

    TCP: DhcpNameServer = 192.168.1.254

    .

    - - - - ORPHANS REMOVED - - - -

    .

    HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec

    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

    AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

    .

    .

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]

    "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.0.9\diMaster.dll\" /prefetch:1"

    .

    --------------------- LOCKED REGISTRY KEYS ---------------------

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    .

    Completion time: 2013-01-08 11:24:59

    ComboFix-quarantined-files.txt 2013-01-07 22:24

    .

    Pre-Run: 244,236,308,480 bytes free

    Post-Run: 244,192,059,392 bytes free

    .

    - - End Of File - - C6BA0903F65581FB9DCE938012493E4B

    Sound still not going after scan.

    Thanks again

  3. Hi there, virus wouldn't let me attach files so I've pasted them

    DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 9.0.8112.16457

    Run by Cooper Family at 19:48:35 on 2013-01-07

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.1513.513 [GMT 13:00]

    .

    AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

    FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\system32\atiesrxx.exe

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Program Files\IDT\WDM\STacSV64.exe

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\Hpservice.exe

    C:\Windows\system32\atieclxx.exe

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\WLANExt.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskhost.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

    C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

    C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\IDT\WDM\sttray64.exe

    C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe

    C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe

    C:\Users\Cooper Family\AppData\Roaming\Spotify\spotify.exe

    C:\Users\Cooper Family\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe

    C:\Users\Cooper Family\AppData\Local\Facebook\Update\FacebookUpdate.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe

    C:\Windows\System32\svchost.exe -k secsvcs

    C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    mWinlogon: Userinit = userinit.exe

    uRun: [spotify] "C:\Users\Cooper Family\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

    uRun: [spotify Web Helper] "C:\Users\Cooper Family\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

    uRun: [sDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto

    uRun: [Facebook Update] "C:\Users\Cooper Family\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

    mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

    mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

    mPolicies-Explorer: NoActiveDesktop = dword:1

    mPolicies-Explorer: NoActiveDesktopChanges = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

    mPolicies-System: ConsentPromptBehaviorUser = dword:3

    mPolicies-System: EnableUIADesktopToggle = dword:0

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - <orphaned>

    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>

    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

    TCP: NameServer = 192.168.1.254

    TCP: Interfaces\{8B4C0550-9AA5-456B-BF46-386B7A80EF23} : DHCPNameServer = 192.168.1.254

    TCP: Interfaces\{8B4C0550-9AA5-456B-BF46-386B7A80EF23}\4586F6D637F6E6135463345443 : DHCPNameServer = 192.168.1.254

    TCP: Interfaces\{8B4C0550-9AA5-456B-BF46-386B7A80EF23}\A416E65647 : DHCPNameServer = 192.168.1.254

    TCP: Interfaces\{CDAE239F-2CDC-4A73-9EDC-8C40F4D56FF2} : DHCPNameServer = 192.168.1.254

    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - <orphaned>

    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - <orphaned>

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

    SSODL: WebCheck - <orphaned>

    mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn

    CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - <is not referencing any dll>

    x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll

    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

    x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

    x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe

    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

    x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

    x64-SSODL: WebCheck - <orphaned>

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-14 82048]

    R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-14 42624]

    R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-2-2 31872]

    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-2-11 235520]

    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-2-10 361984]

    R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-14 30520]

    R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe [2012-10-6 138272]

    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]

    R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-10-27 102528]

    R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-6-6 46136]

    R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-10-27 219776]

    R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20121130.005\BHDrvx64.sys [2012-12-4 1384608]

    R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309000.009\ccsetx64.sys [2012-10-6 167072]

    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-29 31088]

    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-10-5 138912]

    R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121202.001\IDSviA64.sys [2012-12-4 513184]

    R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-6-6 258664]

    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-6 565352]

    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

    R3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309000.009\symds64.sys [2012-10-6 451192]

    R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309000.009\symefa64.sys [2012-10-6 1129120]

    R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309000.009\ironx64.sys [2012-10-6 190072]

    R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309000.009\symnets.sys [2012-10-6 405624]

    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-6-6 56448]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]

    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-12-7 95248]

    S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-13 206072]

    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]

    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]

    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-8 1255736]

    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

    .

    =============== Created Last 30 ================

    .

    2013-01-07 05:51:14 -------- d-----w- C:\Program Files (x86)\ethen1

    2013-01-07 05:40:40 -------- d-----w- C:\Users\Cooper Family\AppData\Roaming\Malwarebytes

    2013-01-07 05:35:57 -------- d-----w- C:\ProgramData\Malwarebytes

    2013-01-07 05:35:55 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2013-01-07 05:35:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2013-01-07 05:35:30 -------- d-----w- C:\Users\Cooper Family\AppData\Local\Programs

    2013-01-07 04:36:27 -------- d-----w- C:\Program Files (x86)\SaveAs

    2013-01-07 04:36:20 -------- d-----w- C:\ProgramData\SaveAs

    2013-01-07 04:35:22 -------- d-----w- C:\ProgramData\InstallMate

    2013-01-07 00:59:15 -------- d-----w- C:\Windows\F9233F0256174BDC8EC64B798EDFE6F4.TMP

    2013-01-07 00:57:43 -------- d-----w- C:\Program Files (x86)\LeapFrog

    2013-01-07 00:57:42 -------- d-----w- C:\ProgramData\Leapfrog

    2013-01-06 20:59:13 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{15E7049F-7357-48DA-87B5-E241427C16AC}\offreg.dll

    2013-01-05 10:58:49 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{15E7049F-7357-48DA-87B5-E241427C16AC}\mpengine.dll

    2012-12-21 21:13:02 46080 ----a-w- C:\Windows\System32\atmlib.dll

    2012-12-21 21:13:02 367616 ----a-w- C:\Windows\System32\atmfd.dll

    2012-12-21 21:13:02 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

    2012-12-21 21:13:01 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

    2012-12-20 08:41:14 -------- d-----r- C:\Program Files (x86)\Skype

    2012-12-20 08:29:31 -------- d-----w- C:\Users\Cooper Family\AppData\Local\Facebook

    2012-12-17 01:25:04 0 ----a-w- C:\Windows\SysWow64\sho6610.tmp

    2012-12-16 22:29:17 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}

    2012-12-13 19:39:59 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll

    2012-12-13 05:56:40 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

    2012-12-13 05:56:40 2048 ----a-w- C:\Windows\System32\tzres.dll

    2012-12-13 05:54:48 478208 ----a-w- C:\Windows\System32\dpnet.dll

    2012-12-13 05:54:48 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

    2012-12-10 07:20:59 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

    .

    ==================== Find3M ====================

    .

    2013-01-07 01:22:25 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-01-07 01:22:25 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys

    2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

    2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

    2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

    2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

    2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

    2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

    2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

    2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

    2012-10-15 20:38:17 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

    2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

    2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

    2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

    2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

    .

    ============= FINISH: 19:49:41.12 ===============

    And the attach.txt:

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 7 Home Premium

    Boot Device: \Device\HarddiskVolume1

    Install Date: 5/10/2012 8:39:58 a.m.

    System Uptime: 7/01/2013 7:17:21 p.m. (0 hours ago)

    .

    Motherboard: Hewlett-Packard | | 1849

    Processor: AMD A6-4400M APU with Radeon™ HD Graphics | Socket FT1 | 1674/100mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 278 GiB total, 222.928 GiB free.

    D: is FIXED (NTFS) - 20 GiB total, 2.151 GiB free.

    E: is CDROM ()

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP26: 19/12/2012 8:01:26 a.m. - Windows Update

    RP27: 22/12/2012 10:12:12 a.m. - Windows Update

    RP28: 26/12/2012 12:38:26 p.m. - Windows Update

    RP29: 2/01/2013 6:48:07 p.m. - Windows Update

    RP30: 5/01/2013 11:57:43 p.m. - Windows Update

    .

    ==== Installed Programs ======================

    .

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Reader X (10.1.0) MUI

    Adobe Shockwave Player 11.6

    AMD Accelerated Video Transcoding

    AMD APP SDK Runtime

    AMD Catalyst Install Manager

    AMD Fuel

    AMD Steady Video Plug-In

    AMD VISION Engine Control Center

    Atheros Driver Installation Program

    Bejeweled 3

    Bing Bar

    Blackhawk Striker 2

    Blio

    Catalyst Control Center - Branding

    Catalyst Control Center Graphics Previews Common

    Catalyst Control Center InstallProxy

    Catalyst Control Center Localization All

    ccc-utility64

    CCC Help Chinese Standard

    CCC Help Chinese Traditional

    CCC Help Czech

    CCC Help Danish

    CCC Help Dutch

    CCC Help English

    CCC Help Finnish

    CCC Help French

    CCC Help German

    CCC Help Greek

    CCC Help Hungarian

    CCC Help Italian

    CCC Help Japanese

    CCC Help Korean

    CCC Help Norwegian

    CCC Help Polish

    CCC Help Portuguese

    CCC Help Russian

    CCC Help Spanish

    CCC Help Swedish

    CCC Help Thai

    CCC Help Turkish

    Chuzzle Deluxe

    Cisco EAP-FAST Module

    Cisco LEAP Module

    Cisco PEAP Module

    Cradle of Rome 2

    CyberLink YouCam

    D3DX10

    Dora's World Adventure

    ESU for Microsoft Windows 7 SP1

    Evernote v. 4.5.2

    Facebook Video Calling 1.2.0.287

    Farm Frenzy

    Farmscapes

    FATE

    FilesFrog Update Checker

    Final Drive Fury

    Free YouTube Downloader 3.5.128

    Google Chrome

    Google Update Helper

    Happy Feet

    Hewlett-Packard ACLM.NET v1.2.1.1

    Hoyle Card Games

    HP 3D DriveGuard

    HP Auto

    HP Client Services

    HP CoolSense

    HP Customer Experience Enhancements

    HP Documentation

    HP Games

    HP Launch Box

    HP On Screen Display

    HP Power Manager

    HP Quick Launch

    HP Recovery Manager

    HP Security Assistant

    HP Setup

    HP Setup Manager

    HP Software Framework

    HP Support Assistant

    IDT Audio

    Jewel Match 3

    Jewel Quest Mysteries: The Seventh Gate Collector's Edition

    John Deere Drive Green

    Junk Mail filter update

    LeapFrog Connect

    LeapFrog LeapPad Explorer Plugin

    Letters from Nowhere 2

    Luxor HD

    Mah Jong Medley

    Malwarebytes Anti-Malware version 1.70.0.1100

    Mesh Runtime

    Microsoft .NET Framework 4 Client Profile

    Microsoft Application Error Reporting

    Microsoft Office 2010

    Microsoft Office Click-to-Run 2010

    Microsoft Office Starter 2010 - English

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2005 Redistributable (x64)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

    MSVCRT

    MSVCRT_amd64

    Norton Internet Security

    opensource

    Penguins!

    Plants vs. Zombies - Game of the Year

    PlayReady PC Runtime x86

    Poker Superstars III

    Polar Bowler

    Polar Golfer

    Realtek Ethernet Controller Driver

    Realtek PCIE Card Reader

    RollerCoaster Tycoon 3: Platinum

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Skype Click to Call

    Skype™ 6.0

    Spotify

    swMSM

    Synaptics Pointing Device Driver

    The Treasures of Mystery Island: The Ghost Ship

    Torchlight

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update Installer for WildTangent Games App

    Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)

    Virtual Villagers 4 - The Tree of Life

    WildTangent Games App (HP Games)

    Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live ID Sign-in Assistant

    Windows Live Installer

    Windows Live Language Selector

    Windows Live Mail

    Windows Live Mesh

    Windows Live Mesh ActiveX Control for Remote Connections

    Windows Live Messenger

    Windows Live MIME IFilter

    Windows Live Movie Maker

    Windows Live Photo Common

    Windows Live Photo Gallery

    Windows Live PIMT Platform

    Windows Live Remote Client

    Windows Live Remote Client Resources

    Windows Live Remote Service

    Windows Live Remote Service Resources

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    Windows Live Writer

    Windows Live Writer Resources

    Zuma's Revenge

    .

    ==== Event Viewer Messages From Past Week ========

    .

    7/01/2013 7:18:06 p.m., Error: Service Control Manager [7034] - The HPWMISVC service terminated unexpectedly. It has done this 1 time(s).

    7/01/2013 7:11:50 p.m., Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

    7/01/2013 7:11:13 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

    7/01/2013 7:11:13 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    7/01/2013 7:11:09 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

    7/01/2013 7:11:09 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

    7/01/2013 7:11:08 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    7/01/2013 7:11:02 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

    7/01/2013 7:10:56 p.m., Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

    7/01/2013 5:48:45 p.m., Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.

    7/01/2013 1:59:48 p.m., Error: Service Control Manager [7030] - The LeapFrog Connect Device Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    .

    ==== End Of File ===========================

    Thank you for looking at this.
