Jump to content

Bennerman2000

Members
 View Profile  See their activity

  • Posts

    6

  • Joined

  • Last visited

 Content Type 

Posts posted by Bennerman2000

    Need help.

    in Resolved Malware Removal Logs

    Posted

    UGH. My biggest problem is this "System restore/repair" Thing. MBAM scanned and found like four trogans and it wanted to restart. (Usually ive had problems when restarting cause it does that system restore crap, but I thought I was in the clear because I had been scanning with avast, etc, and getting rid of things) BUT- when MBAM wanted me to restart and I did it did that damn system restore thing AGAIN. And made me restore almost back to where I was, the beginning of this crap! Hopefully you guys can help me solve this.. I'm ready to throw it against a wall, lol.

    Need help.

    in Resolved Malware Removal Logs

    Posted

    I also have another question. I was assuming CouponBar had something to do with my issues and I got it uninstalled, but then had to restore my comp to a previous entry and now I can't seem to get rid of it through the uninstall section, Isn't there a program or something out there to help me get rid of it? >.<

    Need help.

    in Resolved Malware Removal Logs

    Posted

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2012-11-20.01)

    .

    Microsoft Windows 7 Home Premium

    Boot Device: \Device\HarddiskVolume1

    Install Date: 12/22/2010 5:27:46 PM

    System Uptime: 1/12/2013 3:21:30 PM (1 hours ago)

    .

    Motherboard: Hewlett-Packard | | 1439

    Processor: Intel® Pentium® CPU P6100 @ 2.00GHz | CPU | 919/1066mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 448 GiB total, 387.551 GiB free.

    D: is FIXED (NTFS) - 17 GiB total, 2.459 GiB free.

    E: is CDROM (CDFS)

    .

    ==== Disabled Device Manager Items =============

    .

    ==== System Restore Points ===================

    .

    RP240: 12/21/2012 9:07:42 AM - Installed HP Support Assistant

    RP241: 12/21/2012 9:18:24 AM - Windows Modules Installer

    RP242: 12/21/2012 9:19:42 AM - Windows Modules Installer

    RP243: 12/21/2012 9:42:49 PM - Windows Update

    RP244: 12/23/2012 7:00:09 PM - Windows Backup

    RP245: 12/30/2012 7:00:07 PM - Windows Backup

    RP246: 1/7/2013 4:11:56 AM - Windows Backup

    RP247: 1/9/2013 8:38:53 PM - Windows Update

    RP248: 1/12/2013 12:39:18 PM - avast! Free Antivirus Setup

    RP249: 1/12/2013 2:06:25 PM - avast! Internet Security Setup

    .

    ==== Installed Programs ======================

    .

    Adobe Flash Player 11 ActiveX

    Adobe Flash Player 11 Plugin

    Adobe Reader X (10.1.3)

    Bejeweled 2 Deluxe

    Bing Bar

    Bing Bar Platform

    Blackhawk Striker 2

    Broadcom 802.11 Wireless LAN Adapter

    Build-a-lot 2

    Chuzzle Deluxe

    CinemaNow Media Manager

    Coupon Printer for Windows

    CouponBar

    CyberLink DVD Suite

    CyberLink MediaShow

    CyberLink PowerDVD 9

    CyberLink YouCam

    Diner Dash 2 Restaurant Rescue

    Dora's Carnival Adventure

    Energy Star Digital Logo

    Epson Connect

    Epson Customer Participation

    Epson Event Manager

    EPSON NX330 Series Printer Uninstall

    EPSON Scan

    EpsonNet Print

    Escape Rosecliff Island

    ESU for Microsoft Windows 7

    FATE

    Final Drive Nitro

    Heroes of Hellas 2 - Olympia

    Hewlett-Packard ACLM.NET v1.2.1.1

    HP Advisor

    HP Customer Experience Enhancements

    HP Documentation

    HP Game Console

    HP Games

    HP MediaSmart CinemaNow 2.0

    HP Photo Creations

    HP Power Manager

    HP Quick Launch

    HP Setup

    HP Software Framework

    HP Support Assistant

    HP Wireless Assistant

    Intel® Control Center

    Intel® Graphics Media Accelerator Driver

    Intel® Management Engine Components

    Intel® Rapid Storage Technology

    Java 7 Update 10

    Java Auto Updater

    Jewel Quest 3

    Jewel Quest Solitaire 2

    Junk Mail filter update

    LabelPrint

    LTCM Client

    Malwarebytes Anti-Malware version 1.70.0.1100

    Microsoft .NET Framework 4 Client Profile

    Microsoft Application Error Reporting

    Microsoft Choice Guard

    Microsoft Default Manager

    Microsoft Office 2010

    Microsoft Office Click-to-Run 2010

    Microsoft Office Starter 2010 - English

    Microsoft Search Enhancement Pack

    Microsoft Silverlight

    Microsoft SQL Server 2005 Compact Edition [ENU]

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2005 Redistributable (x64)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft WSE 3.0 Runtime

    Mozilla Firefox 18.0 (x86 en-US)

    Mozilla Maintenance Service

    MSVCRT

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    Network Magic

    Norton Online Backup

    Penguins!

    PhotoNow!

    Plants vs. Zombies

    Poker Superstars III

    Polar Bowler

    Polar Golfer

    Power2Go

    PowerDirector

    Pure Networks Platform

    QuickTime

    Realtek Ethernet Controller Driver For Windows 7

    Realtek High Definition Audio Driver

    Realtek USB 2.0 Card Reader

    Recovery Manager

    Roxio CinemaNow 2.0

    RtVOsd

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

    Skype Toolbars

    Skype™ 5.10

    Synaptics Pointing Device Driver

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Virtual Families

    Virtual Villagers - The Secret City

    Wheel of Fortune 2

    Windows Live Call

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live ID Sign-in Assistant

    Windows Live Mail

    Windows Live Messenger

    Windows Live Movie Maker

    Windows Live Photo Gallery

    Windows Live Sync

    Windows Live Upload Tool

    Windows Live Writer

    Yahoo! Detect

    Zuma Deluxe

    .

    ==== Event Viewer Messages From Past Week ========

    .

    1/6/2013 12:31:57 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.

    1/12/2013 3:22:41 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.

    1/12/2013 3:22:26 PM, Error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The system cannot find the file specified.

    1/12/2013 3:22:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "2" attempting to start the service SeaPort with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}

    1/12/2013 2:17:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

    1/12/2013 11:59:02 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21

    1/12/2013 11:58:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

    1/12/2013 11:58:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    1/12/2013 11:58:58 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    1/12/2013 11:58:53 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

    1/12/2013 11:58:45 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6

    1/12/2013 11:58:42 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

    1/12/2013 11:54:37 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll

    1/12/2013 11:54:30 AM, Error: Service Control Manager [7031] - The Intel® Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    1/12/2013 11:46:31 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

    1/12/2013 11:46:31 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the RtVOsdService Installer service to connect.

    1/12/2013 11:46:31 AM, Error: Service Control Manager [7001] - The Intel® Management & Security Application User Notification Service service depends on the Intel® Management and Security Application Local Management Service service which failed to start because of the following error: The operation completed successfully.

    1/12/2013 11:46:31 AM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    1/12/2013 11:46:31 AM, Error: Service Control Manager [7000] - The RtVOsdService Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    1/12/2013 11:46:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Wireless Assistant Service service to connect.

    1/12/2013 11:46:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.

    1/12/2013 11:46:29 AM, Error: Service Control Manager [7000] - The HP Wireless Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    1/12/2013 11:46:29 AM, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    1/12/2013 11:46:28 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

    1/12/2013 11:46:28 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.

    1/12/2013 11:45:05 AM, Error: Service Control Manager [7034] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 3 time(s).

    1/12/2013 11:44:54 AM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    1/12/2013 11:44:45 AM, Error: Service Control Manager [7034] - The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The Skype Updater service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The Pure Networks Platform Service service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The Norton Online Backup service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The HPWMISVC service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The EpsonCustomerParticipation service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The EpsonBidirectionalService service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The CinemaNow Service service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The Application Virtualization Service Agent service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The Andrea RT Filters Service service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

    1/12/2013 11:44:44 AM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    1/11/2013 9:36:56 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Intel® Management and Security Application Local Management Service service, but this action failed with the following error: An instance of the service is already running.

    1/11/2013 9:36:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.

    1/11/2013 9:36:02 PM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

    1/11/2013 9:34:59 PM, Error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 3 time(s).

    1/11/2013 9:34:17 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

    1/11/2013 9:34:02 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    1/11/2013 9:33:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

    1/11/2013 9:33:31 PM, Error: Service Control Manager [7031] - The Software Protection service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

    1/11/2013 9:31:31 PM, Error: Service Control Manager [7031] - The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    1/11/2013 9:29:49 PM, Error: Service Control Manager [7034] - The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).

    1/11/2013 9:28:03 PM, Error: Service Control Manager [7031] - The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    1/11/2013 9:27:02 PM, Error: Service Control Manager [7031] - The Microsoft .NET Framework NGEN v4.0.30319_X64 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

    1/11/2013 9:26:02 PM, Error: Service Control Manager [7034] - The RtVOsdService Installer service terminated unexpectedly. It has done this 2 time(s).

    1/11/2013 9:25:02 PM, Error: Service Control Manager [7034] - The Intel® Management & Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

    1/11/2013 9:25:02 PM, Error: Service Control Manager [7034] - The HP Wireless Assistant Service service terminated unexpectedly. It has done this 1 time(s).

    1/11/2013 9:25:02 PM, Error: Service Control Manager [7031] - The RtVOsdService Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    1/11/2013 9:25:02 PM, Error: Service Control Manager [7031] - The Microsoft .NET Framework NGEN v4.0.30319_X64 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    .

    ==== End Of File ===========================

    Need help.

    in Resolved Malware Removal Logs

    Posted

    DDS (Ver_2012-11-20.01) - NTFS_AMD64

    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.10.2

    Run by kimmarie at 15:59:09 on 2013-01-12

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2555 [GMT -8:00]

    .

    AV: Trend Micro Titanium *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

    SP: Trend Micro Titanium *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\WLANExt.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

    C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

    C:\Windows\system32\taskhost.exe

    C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

    C:\Windows\System32\spool\drivers\x64\3\E_IATIHAA.EXE

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe

    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

    C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

    C:\Program Files\Realtek\RtVOsd\RtVOsd.exe

    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

    C:\Windows\system32\svchost.exe -k SDRSVC

    C:\Windows\system32\svchost.exe -k defragsvc

    C:\Windows\System32\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://search.coupons.com/

    mStart Page = hxxp://search.coupons.com/

    mDefault_Page_URL = hxxp://my.yahoo.com/linksys

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -

    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

    BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -

    BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

    BHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll

    TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll

    TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll

    TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll

    uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

    uRun: [Epson Stylus NX330(Network)] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU "C:\Users\kimmarie\AppData\Local\Temp\E_S22C5.tmp" /EF "HKCU"

    mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

    mRun: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe"

    mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

    mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

    mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

    mRun: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup

    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

    uPolicies-Explorer: HideSCAHealth = dword:1

    mPolicies-Explorer: NoActiveDesktop = dword:1

    mPolicies-Explorer: NoActiveDesktopChanges = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

    mPolicies-System: ConsentPromptBehaviorUser = dword:3

    mPolicies-System: EnableLUA = dword:0

    mPolicies-System: EnableUIADesktopToggle = dword:0

    mPolicies-System: PromptOnSecureDesktop = dword:0

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    LSP: mswsock.dll

    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab

    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    TCP: NameServer = 192.168.0.1 205.171.2.25

    TCP: Interfaces\{58CEAD9E-B2B4-4CDE-BBCA-C81D05844292} : DHCPNameServer = 192.168.0.1 205.171.2.25

    TCP: Interfaces\{58CEAD9E-B2B4-4CDE-BBCA-C81D05844292}\361696C6F657 : DHCPNameServer = 192.168.1.1

    TCP: Interfaces\{58CEAD9E-B2B4-4CDE-BBCA-C81D05844292}\3656E647572797C696E6B6 : DHCPNameServer = 192.168.1.1 192.168.1.1

    TCP: Interfaces\{58CEAD9E-B2B4-4CDE-BBCA-C81D05844292}\4786562756475727E6F6664796D656 : DHCPNameServer = 192.168.1.1

    TCP: Interfaces\{58CEAD9E-B2B4-4CDE-BBCA-C81D05844292}\7756374756C6C653132383 : DHCPNameServer = 10.0.0.1

    TCP: Interfaces\{58CEAD9E-B2B4-4CDE-BBCA-C81D05844292}\A45637573702943702C4F62746 : DHCPNameServer = 75.75.75.75 75.75.76.76

    Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -

    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -

    SSODL: WebCheck - <orphaned>

    SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4

    x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -

    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -

    x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -

    x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

    x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden

    x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

    x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll

    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

    x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -

    x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -

    x64-Notify: igfxcui - igfxdev.dll

    x64-SSODL: WebCheck - <orphaned>

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\kimmarie\AppData\Roaming\Mozilla\Firefox\Profiles\49bdvwv8.default\

    FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

    FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll

    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-11-24 98208]

    R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]

    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

    R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]

    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]

    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]

    R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-24 13336]

    R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

    R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-24 315392]

    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

    R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-11-24 2320920]

    R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]

    R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-1-21 287232]

    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

    S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-11-24 225280]

    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-11-24 333928]

    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-23 59392]

    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-23 1255736]

    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]

    .

    =============== File Associations ===============

    .

    FileExt: .vbe: VBEFile=C:\Windows\SysWow64\rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    FileExt: .vbs: VBSFile=C:\Windows\SysWow64\rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    FileExt: .js: JSFile=C:\Windows\SysWow64\rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    FileExt: .jse: JSEFile=C:\Windows\SysWow64\rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    FileExt: .wsf: WSFFile=C:\Windows\SysWow64\rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    .

    =============== Created Last 30 ================

    .

    2013-01-12 20:39:36 -------- d-----w- C:\ProgramData\AVAST Software

    2013-01-12 20:39:36 -------- d-----w- C:\Program Files\AVAST Software

    2013-01-12 20:00:26 -------- d-----w- C:\Users\kimmarie\AppData\Local\Programs

    2013-01-12 19:41:38 -------- d-sh--w- C:\found.000

    2013-01-12 05:22:10 -------- d-----w- C:\ProgramData\2E18BA4274119F2100002E188C31A6E0

    2013-01-12 05:21:20 67072 ---ha-w- C:\Windows\System32\dfrgdt3264.dll

    2013-01-12 05:04:13 859072 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

    2013-01-12 05:04:01 95184 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

    2013-01-10 12:13:26 -------- d-----w- C:\d7f307cca949520a4a7db91c7b42aba2

    2013-01-09 12:36:50 2002432 ----a-w- C:\Windows\System32\msxml6.dll

    2013-01-09 12:36:49 1882624 ----a-w- C:\Windows\System32\msxml3.dll

    2013-01-09 12:36:49 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll

    2013-01-09 12:36:49 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

    2013-01-09 12:36:04 307200 ----a-w- C:\Windows\System32\ncrypt.dll

    2013-01-09 12:36:04 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

    2013-01-09 12:32:14 424448 ----a-w- C:\Windows\System32\KernelBase.dll

    2013-01-09 12:31:04 68608 ----a-w- C:\Windows\System32\taskhost.exe

    2013-01-09 12:30:55 3149824 ----a-w- C:\Windows\System32\win32k.sys

    2013-01-05 05:47:11 -------- d-----w- C:\Program Files (x86)\Coupons.com CouponBar

    2013-01-05 05:46:53 -------- d-----w- C:\Program Files (x86)\Coupons

    2012-12-22 05:43:15 46080 ----a-w- C:\Windows\System32\atmlib.dll

    2012-12-22 05:43:15 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

    2012-12-22 05:43:13 367616 ----a-w- C:\Windows\System32\atmfd.dll

    2012-12-22 05:43:13 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

    2012-12-21 17:07:27 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}

    .

    ==================== Find3M ====================

    .

    2013-01-12 05:03:56 779704 ----a-w- C:\Windows\SysWow64\deployJava1.dll

    2013-01-09 12:19:22 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2013-01-09 12:19:22 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2012-12-15 00:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll

    2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll

    2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll

    2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll

    2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs

    2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs

    2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs

    2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs

    2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs

    2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs

    2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs

    2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs

    2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs

    2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs

    2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs

    2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs

    2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs

    2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs

    2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll

    2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll

    2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

    2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll

    2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

    2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

    2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

    2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe

    2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

    2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

    2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

    2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe

    2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

    2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

    2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

    2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

    2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll

    2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll

    2012-11-12 12:28:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-11-12 11:52:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll

    2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

    2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll

    2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

    2012-10-27 06:26:55 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-10-27 05:51:21 1188864 ----a-w- C:\Windows\System32\wininet.dll

    2012-10-19 23:18:22 652160 ----a-w- C:\Windows\couponprinter_x64.ocx

    2012-10-19 23:18:02 440704 ----a-w- C:\Windows\CouponPrinter.ocx

    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

    .

    ============= FINISH: 16:01:27.71 ===============

    Need help.

    in Resolved Malware Removal Logs

    Posted

    I don't have an antivirus. My daughter in law put Avast on, but everytime it wants me to restart to update, etc, my computer has issues restarting. It wants to do some kind of repair and it always makes me go to a restore point. (That is before avast was installed) That's the only way I'm able to log on to my comp. Here's a log of MBAM, it isn't catching anything at this point but it was earlier.. I know somethings wrong.

    Malwarebytes Anti-Malware 1.70.0.1100

    www.malwarebytes.org

    Database version: v2013.01.12.10

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 8.0.7601.17514

    kimmarie :: KIMMARIE-HP [administrator]

    1/12/2013 3:37:17 PM

    mbam-log-2013-01-12 (15-37-17).txt

    Scan type: Quick scan

    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: P2P

    Objects scanned: 209907

    Time elapsed: 3 minute(s), 44 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 0

    (No malicious items detected)

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 0

    (No malicious items detected)

    (end)

    Need help.

    in Resolved Malware Removal Logs

    Posted

    Hello, I'm new to the forum but my daughter in law has said she's used to you guys when she had problems with her comp and you are a big help. I recently started having issues last night when all of the sudden I somehow got a program on my computer called, "System Progressive Protection." My daughter in law scanned with MBAM and got it removed. But I'm still having issues. MBAM is still picking up infected objects, which it's getting rid of, but I'm having issues when restarting my comp. It's always wanting to do some kind of repair and hardly letting me in to my main screen. (Even hardly letting me run in safe mode) Can any of you help?

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.