Jump to content

bandarbalu

Members
  • Posts

    9
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I did give the computer back to my relative before I left town, so I have to check with him, but in the couple of restarts I did before leaving, everything seemed good. I'm going to talk to him about getting the paid version of Malwarebytes for future protection. Do you have any more advice related to the computer's current status?
  2. Got Windows Defender running, so here are some new log files: DDS.txt: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.25.2Run by Owner at 15:14:56 on 2013-09-08Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1916.867 [GMT -7:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\Alwil Software\Avast5\AvastSvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\ATT\8.2.1.6\ma\bin\MAHostService.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files (x86)\ATT\8.2.1.6\ma\bin\node.exec:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files\Common Files\Motive\pcCMService.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\DRIVERS\xaudio64.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\ehome\ehtray.exeC:\hp\support\hpsysdrv.exeC:\Program Files (x86)\VoloMedia\VoloMedia Service\VoloMediaService.exeC:\Windows\twain_32\Dell\MFP1125\Monitor\Stsmon.exeC:\Program Files\Alwil Software\Avast5\AvastUI.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\ehome\ehmsas.exeC:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationc:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllBHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - <orphaned>BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: <No Name>: - LocalServer32 - <no file>TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [ehTray.exe] C:\Windows\ehome\ehTray.exemRun: [hpsysdrv] c:\hp\support\hpsysdrv.exemRun: [VoloMedia Service] "C:\Program Files (x86)\VoloMedia\VoloMedia Service\VoloMediaService.exe"mRun: [MFPMonitor] C:\Windows\twain_32\DELL\MFP1125\Monitor\Stsmon.exemRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /noguimRun: [sunJavaUpdateReg] "C:\Windows\System32\jureg.exe" -deletemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeuPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllIE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTCP: NameServer = 192.168.0.1TCP: Interfaces\{4D36FE6F-5620-4518-B24F-68BBDDC76305} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{D88536FD-30BB-4C28-B54D-EDDF8598703F} : DHCPNameServer = 192.168.0.1Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkgmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dllx64-BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - <orphaned>x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dllx64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartupx64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0x64-mPolicies-Explorer: NoDrives = dword:0x64-mPolicies-System: EnableUIADesktopToggle = dword:0x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>.============= SERVICES / DRIVERS ===============.R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-6-13 65336]R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-6-13 204880]R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-6-13 22600]R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-7-9 1030952]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-3-24 378944]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-3-24 33400]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-3-24 80816]R2 ATT MAHostService;ATT MAHostService;C:\Program Files (x86)\ATT\8.2.1.6\ma\bin\MAHostService.exe [2013-1-23 319488]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-3-24 46808]R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2013-2-3 460288]R3 CAXHWBS3;CAXHWBS3;C:\Windows\System32\drivers\CAXHWBS3.sys [2008-9-18 286208]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 gupdate1ca807470d0d884;Google Update Service (gupdate1ca807470d0d884);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-18 133104]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2009-8-28 49152]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-4-19 1022632]S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-18 89920].=============== File Associations ===============.FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*.=============== Created Last 30 ================..==================== Find3M ====================.2013-09-04 06:03:05 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-09-04 06:02:56 263592 ----a-w- C:\Windows\SysWow64\javaws.exe2013-09-04 06:02:56 175016 ----a-w- C:\Windows\SysWow64\javaw.exe2013-09-04 06:02:55 175016 ----a-w- C:\Windows\SysWow64\java.exe2013-09-04 06:02:53 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2013-09-04 06:02:53 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys2013-08-30 07:48:10 64288 ----a-w- C:\Windows\System32\drivers\aswTdi.sys2013-08-30 07:48:10 59144 ----a-w- C:\Windows\System32\drivers\aswRdr.sys2013-08-30 07:48:10 378944 ----a-w- C:\Windows\System32\drivers\aswSP.sys2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys2013-08-30 07:48:09 33400 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr2013-08-30 07:47:14 287840 ----a-w- C:\Windows\System32\aswBoot.exe2013-08-22 02:13:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-08-22 02:13:40 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-08-05 23:14:32 78161360 ----a-w- C:\Windows\System32\mrt.exe2013-08-02 14:06:01 1706496 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-08-02 04:09:35 1548288 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-25 03:54:29 17830400 ----a-w- C:\Windows\System32\mshtml.dll2013-07-25 03:37:25 2312704 ----a-w- C:\Windows\System32\jscript9.dll2013-07-25 03:35:45 10926080 ----a-w- C:\Windows\System32\ieframe.dll2013-07-25 03:31:23 1346560 ----a-w- C:\Windows\System32\urlmon.dll2013-07-25 03:30:49 1392128 ----a-w- C:\Windows\System32\wininet.dll2013-07-25 03:29:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2013-07-25 03:29:21 237056 ----a-w- C:\Windows\System32\url.dll2013-07-25 03:29:06 86016 ----a-w- C:\Windows\System32\jsproxy.dll2013-07-25 03:28:46 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2013-07-25 03:28:31 599040 ----a-w- C:\Windows\System32\vbscript.dll2013-07-25 03:28:27 816640 ----a-w- C:\Windows\System32\jscript.dll2013-07-25 03:28:24 2147840 ----a-w- C:\Windows\System32\iertutil.dll2013-07-25 03:28:18 729088 ----a-w- C:\Windows\System32\msfeeds.dll2013-07-25 03:27:29 96768 ----a-w- C:\Windows\System32\mshtmled.dll2013-07-25 03:27:20 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2013-07-25 03:26:53 248320 ----a-w- C:\Windows\System32\ieui.dll2013-07-25 02:40:07 12334080 ----a-w- C:\Windows\SysWow64\mshtml.dll2013-07-25 02:32:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-25 02:30:47 9738752 ----a-w- C:\Windows\SysWow64\ieframe.dll2013-07-25 02:26:45 1104384 ----a-w- C:\Windows\SysWow64\urlmon.dll2013-07-25 02:26:10 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-25 02:25:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-07-25 02:24:39 231936 ----a-w- C:\Windows\SysWow64\url.dll2013-07-25 02:24:24 65536 ----a-w- C:\Windows\SysWow64\jsproxy.dll2013-07-25 02:23:59 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2013-07-25 02:23:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2013-07-25 02:23:51 717824 ----a-w- C:\Windows\SysWow64\jscript.dll2013-07-25 02:23:30 1796096 ----a-w- C:\Windows\SysWow64\iertutil.dll2013-07-25 02:23:27 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll2013-07-25 02:22:47 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll2013-07-25 02:22:35 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-07-25 02:22:04 176640 ----a-w- C:\Windows\SysWow64\ieui.dll2013-07-17 20:01:51 2048 ----a-w- C:\Windows\System32\tzres.dll2013-07-17 19:41:34 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-07-10 09:47:49 677888 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-10 09:42:55 1303552 ----a-w- C:\Windows\System32\rpcrt4.dll2013-07-09 12:04:30 1585256 ----a-w- C:\Windows\System32\ntdll.dll2013-07-09 12:04:30 1168088 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-07-08 04:51:57 4691904 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-07-08 04:20:17 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-07-08 04:20:04 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-07-08 04:18:51 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-07-08 04:16:55 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-07-08 04:16:55 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-07-08 04:16:54 992768 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-07-08 04:16:33 43008 ----a-w- C:\Windows\apppatch\acwow64.dll2013-07-08 04:15:39 234496 ----a-w- C:\Windows\System32\wow64.dll2013-07-08 04:15:25 218624 ----a-w- C:\Windows\System32\wintrust.dll2013-07-08 04:14:21 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2013-07-08 04:12:34 174592 ----a-w- C:\Windows\System32\cryptsvc.dll2013-07-08 04:12:34 132096 ----a-w- C:\Windows\System32\cryptnet.dll2013-07-08 04:12:34 1276416 ----a-w- C:\Windows\System32\crypt32.dll2013-07-08 01:39:04 26112 ----a-w- C:\Windows\SysWow64\setup16.exe2013-07-08 01:39:03 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-07-08 01:39:02 2560 ----a-w- C:\Windows\SysWow64\user.exe2013-07-05 04:45:27 1423808 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-06-15 13:27:51 20480 ----a-w- C:\Windows\System32\icaapi.dll2013-06-15 11:38:39 29184 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys.============= FINISH: 15:16:41.51 =============== Attach.txt: .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 10/16/2008 11:30:41 AMSystem Uptime: 9/8/2013 3:11:44 PM (0 hours ago).Motherboard: FOXCONN | | IrvineProcessor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz | Socket 775 | 2000/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 220 GiB total, 138.673 GiB free.D: is FIXED (NTFS) - 13 GiB total, 1.744 GiB free.E: is CDROM (CDFS)G: is RemovableH: is RemovableI: is RemovableJ: is Removable.==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft 6to4 AdapterDevice ID: ROOT\*6TO4MP\0007Manufacturer: MicrosoftName: Microsoft 6to4 Adapter #2PNP Device ID: ROOT\*6TO4MP\0007Service: tunnel.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft ISATAP AdapterDevice ID: ROOT\*ISATAP\0000Manufacturer: MicrosoftName: Microsoft ISATAP AdapterPNP Device ID: ROOT\*ISATAP\0000Service: tunnel.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: avast! Firewall NDIS Filter MiniportDevice ID: ROOT\SW_ASWNDISMP\0000Manufacturer: ALWIL SoftwareName: avast! Firewall NDIS Filter MiniportPNP Device ID: ROOT\SW_ASWNDISMP\0000Service: aswNdis.==== System Restore Points ===================..==== Installed Programs ======================.4500_G510nz_Help4500G510nz4500G510nz_Software_Min64 Bit HP CIO Components InstallerAdobe Flash Player 11 ActiveXAdobe Reader X (10.1.7)Apple Application SupportApple Mobile Device SupportApple Software UpdateATT Management Agentavast! Free AntivirusBelkin F5D8053 N Wireless USB AdapterBonjourBufferChmCards_Calendar_OrderGift_DoMorePlugoutCCleanerCompatibility Pack for the 2007 Office systemCustomerResearchQFolderCyberLink DVD Suite DeluxeD1500_HelpDell MFP 1125DestinationsDeviceDiscoveryDeviceManagementQFolderDJ_SF_03_D1500_ProductContextDJ_SF_03_D1500_SoftwareDJ_SF_03_D1500_Software_MinDocMgrDocProcEnhanced Multimedia Keyboard SolutioneSupportQFolderFaxGoogle ChromeGoogle EarthGoogle Update HelperGPBaseServiceGPBaseService2Hewlett-Packard Active Check for Health CheckHewlett-Packard Asset Agent for Health CheckHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)HP Active Support LibraryHP Customer Experience EnhancementsHP Customer FeedbackHP Customer Participation Program 13.0HP Deskjet D1500 Printer Driver Software 10.0 Rel .3HP Document Manager 2.0HP Imaging Device Functions 13.0HP Officejet 4500 G510n-zHP Photosmart Essential 2.5HP Photosmart Essential 3.0HP Picasso Media Center Add-InHP Recovery Manager RSSHP Smart Web Printing 4.5HP Solution Center 13.0HP Total Care AdvisorHP UpdateHPPhotoSmartPhotobookWebPack1HPProductAssistantHPSSupplyHPTCSSetupiTunesJava 7 Update 25Java Auto UpdaterLabelPrintLightScribe System Software 1.14.17.1LightScribeTemplateLabelerMalwarebytes Anti-Malware version 1.75.0.1300MarketResearchMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Office PowerPoint Viewer 2007 (English)Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WorksMobileMe Control PanelMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)muvee autoProducer 6.1My HP GamesNetwork64NVIDIA DriversOCR Software by I.R.I.S. 13.0PC Tutor™ Learn Windows Vista™PCIe Soft Data Fax Modem with SmartCPPower2GoPowerDirectorPSSWCOREPython 2.5.2QuickTimeRealtek High Definition Audio DriverScanSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Shop for HP SuppliesSkype web featuresSkype™ 5.10SmartWebPrintingSolutionCenterStatusToolboxTrayAppUnloadSupportUpdate for Microsoft .NET Framework 3.5 SP1 (KB2836940)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)VideoToolkit01VLC media player 2.0.8VoloMedia iTunes plug-inWebRegYahoo! Toolbar.==== End Of File ===========================
  3. I managed to get to this before I left. DDS.txt; DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.25.2Run by Owner at 14:55:09 on 2013-09-08Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1916.1138 [GMT -7:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\Alwil Software\Avast5\AvastSvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\ATT\8.2.1.6\ma\bin\MAHostService.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtc:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files (x86)\ATT\8.2.1.6\ma\bin\node.exeC:\Program Files\Common Files\Motive\pcCMService.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\DRIVERS\xaudio64.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationc:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\ehome\ehtray.exeC:\hp\support\hpsysdrv.exeC:\Program Files (x86)\VoloMedia\VoloMedia Service\VoloMediaService.exeC:\Windows\twain_32\Dell\MFP1125\Monitor\Stsmon.exeC:\Program Files\Alwil Software\Avast5\AvastUI.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\ehome\ehmsas.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllBHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - <orphaned>BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: <No Name>: - LocalServer32 - <no file>TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [ehTray.exe] C:\Windows\ehome\ehTray.exemRun: [hpsysdrv] c:\hp\support\hpsysdrv.exemRun: [VoloMedia Service] "C:\Program Files (x86)\VoloMedia\VoloMedia Service\VoloMediaService.exe"mRun: [MFPMonitor] C:\Windows\twain_32\DELL\MFP1125\Monitor\Stsmon.exemRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /noguimRun: [sunJavaUpdateReg] "C:\Windows\System32\jureg.exe" -deletemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeuPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllIE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTCP: NameServer = 192.168.0.1TCP: Interfaces\{4D36FE6F-5620-4518-B24F-68BBDDC76305} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{D88536FD-30BB-4C28-B54D-EDDF8598703F} : DHCPNameServer = 192.168.0.1Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkgmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dllx64-BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - <orphaned>x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dllx64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartupx64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0x64-mPolicies-Explorer: NoDrives = dword:0x64-mPolicies-System: EnableUIADesktopToggle = dword:0x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>.============= SERVICES / DRIVERS ===============.R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-6-13 65336]R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-6-13 204880]R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-6-13 22600]R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-7-9 1030952]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-3-24 378944]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-3-24 33400]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-3-24 80816]R2 ATT MAHostService;ATT MAHostService;C:\Program Files (x86)\ATT\8.2.1.6\ma\bin\MAHostService.exe [2013-1-23 319488]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-3-24 46808]R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2013-2-3 460288]R3 CAXHWBS3;CAXHWBS3;C:\Windows\System32\drivers\CAXHWBS3.sys [2008-9-18 286208]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 gupdate1ca807470d0d884;Google Update Service (gupdate1ca807470d0d884);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-18 133104]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2009-8-28 49152]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-4-19 1022632]S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-18 89920].=============== File Associations ===============.FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*.=============== Created Last 30 ================..==================== Find3M ====================.2013-09-04 06:03:05 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-09-04 06:02:56 263592 ----a-w- C:\Windows\SysWow64\javaws.exe2013-09-04 06:02:56 175016 ----a-w- C:\Windows\SysWow64\javaw.exe2013-09-04 06:02:55 175016 ----a-w- C:\Windows\SysWow64\java.exe2013-09-04 06:02:53 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2013-09-04 06:02:53 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys2013-08-30 07:48:10 64288 ----a-w- C:\Windows\System32\drivers\aswTdi.sys2013-08-30 07:48:10 59144 ----a-w- C:\Windows\System32\drivers\aswRdr.sys2013-08-30 07:48:10 378944 ----a-w- C:\Windows\System32\drivers\aswSP.sys2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys2013-08-30 07:48:09 33400 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr2013-08-30 07:47:14 287840 ----a-w- C:\Windows\System32\aswBoot.exe2013-08-22 02:13:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-08-22 02:13:40 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-08-05 23:14:32 78161360 ----a-w- C:\Windows\System32\mrt.exe2013-08-02 14:06:01 1706496 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-08-02 04:09:35 1548288 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-25 03:54:29 17830400 ----a-w- C:\Windows\System32\mshtml.dll2013-07-25 03:37:25 2312704 ----a-w- C:\Windows\System32\jscript9.dll2013-07-25 03:35:45 10926080 ----a-w- C:\Windows\System32\ieframe.dll2013-07-25 03:31:23 1346560 ----a-w- C:\Windows\System32\urlmon.dll2013-07-25 03:30:49 1392128 ----a-w- C:\Windows\System32\wininet.dll2013-07-25 03:29:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2013-07-25 03:29:21 237056 ----a-w- C:\Windows\System32\url.dll2013-07-25 03:29:06 86016 ----a-w- C:\Windows\System32\jsproxy.dll2013-07-25 03:28:46 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2013-07-25 03:28:31 599040 ----a-w- C:\Windows\System32\vbscript.dll2013-07-25 03:28:27 816640 ----a-w- C:\Windows\System32\jscript.dll2013-07-25 03:28:24 2147840 ----a-w- C:\Windows\System32\iertutil.dll2013-07-25 03:28:18 729088 ----a-w- C:\Windows\System32\msfeeds.dll2013-07-25 03:27:29 96768 ----a-w- C:\Windows\System32\mshtmled.dll2013-07-25 03:27:20 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2013-07-25 03:26:53 248320 ----a-w- C:\Windows\System32\ieui.dll2013-07-25 02:40:07 12334080 ----a-w- C:\Windows\SysWow64\mshtml.dll2013-07-25 02:32:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-25 02:30:47 9738752 ----a-w- C:\Windows\SysWow64\ieframe.dll2013-07-25 02:26:45 1104384 ----a-w- C:\Windows\SysWow64\urlmon.dll2013-07-25 02:26:10 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-25 02:25:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-07-25 02:24:39 231936 ----a-w- C:\Windows\SysWow64\url.dll2013-07-25 02:24:24 65536 ----a-w- C:\Windows\SysWow64\jsproxy.dll2013-07-25 02:23:59 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2013-07-25 02:23:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2013-07-25 02:23:51 717824 ----a-w- C:\Windows\SysWow64\jscript.dll2013-07-25 02:23:30 1796096 ----a-w- C:\Windows\SysWow64\iertutil.dll2013-07-25 02:23:27 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll2013-07-25 02:22:47 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll2013-07-25 02:22:35 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-07-25 02:22:04 176640 ----a-w- C:\Windows\SysWow64\ieui.dll2013-07-17 20:01:51 2048 ----a-w- C:\Windows\System32\tzres.dll2013-07-17 19:41:34 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-07-10 09:47:49 677888 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-10 09:42:55 1303552 ----a-w- C:\Windows\System32\rpcrt4.dll2013-07-09 12:04:30 1585256 ----a-w- C:\Windows\System32\ntdll.dll2013-07-09 12:04:30 1168088 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-07-08 04:51:57 4691904 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-07-08 04:20:17 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-07-08 04:20:04 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-07-08 04:18:51 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-07-08 04:16:55 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-07-08 04:16:55 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-07-08 04:16:54 992768 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-07-08 04:16:33 43008 ----a-w- C:\Windows\apppatch\acwow64.dll2013-07-08 04:15:39 234496 ----a-w- C:\Windows\System32\wow64.dll2013-07-08 04:15:25 218624 ----a-w- C:\Windows\System32\wintrust.dll2013-07-08 04:14:21 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2013-07-08 04:12:34 174592 ----a-w- C:\Windows\System32\cryptsvc.dll2013-07-08 04:12:34 132096 ----a-w- C:\Windows\System32\cryptnet.dll2013-07-08 04:12:34 1276416 ----a-w- C:\Windows\System32\crypt32.dll2013-07-08 01:39:04 26112 ----a-w- C:\Windows\SysWow64\setup16.exe2013-07-08 01:39:03 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-07-08 01:39:02 2560 ----a-w- C:\Windows\SysWow64\user.exe2013-07-05 04:45:27 1423808 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-06-15 13:27:51 20480 ----a-w- C:\Windows\System32\icaapi.dll2013-06-15 11:38:39 29184 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys.============= FINISH: 14:55:52.90 =============== Attach.txt: .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 10/16/2008 11:30:41 AMSystem Uptime: 9/8/2013 2:26:11 PM (0 hours ago).Motherboard: FOXCONN | | IrvineProcessor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz | Socket 775 | 2000/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 220 GiB total, 138.772 GiB free.D: is FIXED (NTFS) - 13 GiB total, 1.744 GiB free.E: is CDROM ()G: is RemovableH: is RemovableI: is RemovableJ: is Removable.==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft 6to4 AdapterDevice ID: ROOT\*6TO4MP\0007Manufacturer: MicrosoftName: Microsoft 6to4 Adapter #2PNP Device ID: ROOT\*6TO4MP\0007Service: tunnel.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft ISATAP AdapterDevice ID: ROOT\*ISATAP\0000Manufacturer: MicrosoftName: Microsoft ISATAP AdapterPNP Device ID: ROOT\*ISATAP\0000Service: tunnel.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: avast! Firewall NDIS Filter MiniportDevice ID: ROOT\SW_ASWNDISMP\0000Manufacturer: ALWIL SoftwareName: avast! Firewall NDIS Filter MiniportPNP Device ID: ROOT\SW_ASWNDISMP\0000Service: aswNdis.==== System Restore Points ===================..==== Installed Programs ======================.4500_G510nz_Help4500G510nz4500G510nz_Software_Min64 Bit HP CIO Components InstallerAdobe Flash Player 11 ActiveXAdobe Reader X (10.1.7)Apple Application SupportApple Mobile Device SupportApple Software UpdateATT Management Agentavast! Free AntivirusBelkin F5D8053 N Wireless USB AdapterBonjourBufferChmCards_Calendar_OrderGift_DoMorePlugoutCCleanerCompatibility Pack for the 2007 Office systemCustomerResearchQFolderCyberLink DVD Suite DeluxeD1500_HelpDell MFP 1125DestinationsDeviceDiscoveryDeviceManagementQFolderDJ_SF_03_D1500_ProductContextDJ_SF_03_D1500_SoftwareDJ_SF_03_D1500_Software_MinDocMgrDocProcEnhanced Multimedia Keyboard SolutioneSupportQFolderFaxGoogle ChromeGoogle EarthGoogle Update HelperGPBaseServiceGPBaseService2Hewlett-Packard Active Check for Health CheckHewlett-Packard Asset Agent for Health CheckHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)HP Active Support LibraryHP Customer Experience EnhancementsHP Customer FeedbackHP Customer Participation Program 13.0HP Deskjet D1500 Printer Driver Software 10.0 Rel .3HP Document Manager 2.0HP Imaging Device Functions 13.0HP Officejet 4500 G510n-zHP Photosmart Essential 2.5HP Photosmart Essential 3.0HP Picasso Media Center Add-InHP Recovery Manager RSSHP Smart Web Printing 4.5HP Solution Center 13.0HP Total Care AdvisorHP UpdateHPPhotoSmartPhotobookWebPack1HPProductAssistantHPSSupplyHPTCSSetupiTunesJava 7 Update 25Java Auto UpdaterLabelPrintLightScribe System Software 1.14.17.1LightScribeTemplateLabelerMalwarebytes Anti-Malware version 1.75.0.1300MarketResearchMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Office PowerPoint Viewer 2007 (English)Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WorksMobileMe Control PanelMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)muvee autoProducer 6.1My HP GamesNetwork64NVIDIA DriversOCR Software by I.R.I.S. 13.0PC Tutor™ Learn Windows Vista™PCIe Soft Data Fax Modem with SmartCPPower2GoPowerDirectorPSSWCOREPython 2.5.2QuickTimeRealtek High Definition Audio DriverScanSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Shop for HP SuppliesSkype web featuresSkype™ 5.10SmartWebPrintingSolutionCenterStatusToolboxTrayAppUnloadSupportUpdate for Microsoft .NET Framework 3.5 SP1 (KB2836940)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)VideoToolkit01VLC media player 2.0.8VoloMedia iTunes plug-inWebRegYahoo! Toolbar.==== End Of File ===========================
  4. Also, FYI, this cleanup is for a relative, and since I will be out of town this week, I am removing Combofix, JRT, AdwCleaner, and DDS for now so he can use the computer while I am gone. If you see anything else I should do, let me know and I will take care of it this coming weekend. Thanks for now!
  5. Combofix log: ComboFix 13-09-08.02 - Owner 09/08/2013 11:04:20.1.2 - x64Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1916.837 [GMT -7:00]Running from: c:\users\Owner\Desktop\ComboFix.exeAV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))...((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Service_pcCMService..((((((((((((((((((((((((( Files Created from 2013-08-08 to 2013-09-08 )))))))))))))))))))))))))))))))..2013-09-06 10:06 . 2013-09-06 10:06 -------- d-----w- c:\program files (x86)\Common Files\Skype2013-09-06 06:06 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F640F8D2-1761-4AC7-B4E0-4A440050E693}\mpengine.dll2013-09-06 05:45 . 2013-09-06 05:45 -------- d-----w- c:\users\Owner\AppData\Local\WindowsUpdate2013-09-06 05:24 . 2013-09-06 05:27 -------- d-----w- C:\AdwCleaner2013-09-06 04:02 . 2013-09-06 04:02 -------- d-----w- c:\windows\ERUNT2013-09-05 04:08 . 2013-09-05 04:14 -------- d-----w- c:\program files (x86)\ERUNT2013-09-04 06:30 . 2013-09-04 06:30 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll2013-09-04 06:30 . 2013-09-04 06:29 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll2013-09-04 06:30 . 2013-09-04 06:29 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll2013-09-04 06:30 . 2013-09-04 06:29 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll2013-09-04 06:30 . 2013-09-04 06:29 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll2013-09-04 06:29 . 2013-09-04 06:29 -------- d-----w- c:\program files (x86)\QuickTime2013-09-04 06:22 . 2013-09-04 06:22 -------- d-----w- c:\program files (x86)\Apple Software Update2013-09-04 06:15 . 2013-09-04 06:20 -------- d-----w- c:\windows\system32\MRT2013-09-04 06:15 . 2013-09-04 13:56 -------- d-----w- c:\program files (x86)\Common Files\Adobe2013-09-04 06:04 . 2013-09-04 06:04 -------- d-----w- c:\program files (x86)\Common Files\Java2013-09-04 06:03 . 2013-09-04 06:02 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll2013-09-04 06:03 . 2013-09-04 06:03 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2013-09-04 06:02 . 2013-09-04 06:02 -------- d-----w- c:\programdata\McAfee2013-09-04 05:24 . 2013-09-04 05:24 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes2013-09-04 05:23 . 2013-09-04 05:23 -------- d-----w- c:\programdata\Malwarebytes2013-09-04 05:23 . 2013-04-04 21:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys2013-09-04 05:23 . 2013-09-04 05:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2013-08-29 15:59 . 2013-08-02 14:06 1706496 ----a-w- c:\windows\system32\WMVDECOD.DLL2013-08-29 15:59 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL2013-08-17 00:08 . 2013-07-08 04:16 992768 ----a-w- c:\windows\SysWow64\crypt32.dll2013-08-17 00:08 . 2013-07-08 04:12 1276416 ----a-w- c:\windows\system32\crypt32.dll2013-08-17 00:08 . 2013-07-08 04:16 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll2013-08-17 00:08 . 2013-07-08 04:15 218624 ----a-w- c:\windows\system32\wintrust.dll2013-08-17 00:08 . 2013-07-08 04:20 172544 ----a-w- c:\windows\SysWow64\wintrust.dll2013-08-17 00:08 . 2013-07-08 04:12 174592 ----a-w- c:\windows\system32\cryptsvc.dll2013-08-17 00:08 . 2013-07-08 04:12 132096 ----a-w- c:\windows\system32\cryptnet.dll2013-08-17 00:08 . 2013-07-08 04:16 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll2013-08-16 03:19 . 2013-07-17 20:01 2048 ----a-w- c:\windows\system32\tzres.dll2013-08-16 03:19 . 2013-07-17 19:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll2013-08-16 03:13 . 2013-07-25 03:28 816640 ----a-w- c:\windows\system32\jscript.dll2013-08-16 03:13 . 2013-07-25 03:28 2147840 ----a-w- c:\windows\system32\iertutil.dll2013-08-16 03:13 . 2013-07-25 02:25 104448 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll2013-08-16 03:13 . 2013-07-25 03:30 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll2013-08-16 03:13 . 2013-07-25 02:25 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll2013-08-16 03:13 . 2013-07-25 03:30 887808 ----a-w- c:\program files\Internet Explorer\iedvtool.dll2013-08-16 03:13 . 2013-07-25 02:25 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll2013-08-16 03:13 . 2013-07-25 03:54 17830400 ----a-w- c:\windows\system32\mshtml.dll2013-08-16 03:13 . 2013-07-25 03:35 10926080 ----a-w- c:\windows\system32\ieframe.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-09-04 06:02 . 2010-10-15 01:30 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll2013-08-30 07:48 . 2013-06-13 21:00 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys2013-08-30 07:48 . 2013-06-13 21:00 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys2013-08-30 07:48 . 2011-07-10 05:52 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys2013-08-30 07:48 . 2010-03-25 02:20 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys2013-08-30 07:48 . 2010-03-25 02:20 59144 ----a-w- c:\windows\system32\drivers\aswRdr.sys2013-08-30 07:48 . 2010-03-25 02:20 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys2013-08-30 07:48 . 2010-03-25 02:20 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys2013-08-30 07:48 . 2010-03-25 02:20 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2013-08-30 07:47 . 2010-10-26 18:38 41664 ----a-w- c:\windows\avastSS.scr2013-08-30 07:47 . 2011-01-18 10:16 287840 ----a-w- c:\windows\system32\aswBoot.exe2013-08-22 02:13 . 2013-01-05 20:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-08-22 02:13 . 2013-01-05 20:16 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2013-08-05 23:14 . 2006-11-02 12:35 78161360 ----a-w- c:\windows\system32\mrt.exe2013-07-08 04:16 . 2013-08-17 00:17 43008 ----a-w- c:\windows\apppatch\acwow64.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]"VoloMedia Service"="c:\program files (x86)\VoloMedia\VoloMedia Service\VoloMediaService.exe" [2009-05-07 3965648]"MFPMonitor"="c:\windows\twain_32\DELL\MFP1125\Monitor\Stsmon.exe" [2007-08-08 2002944]"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-08-30 4858968]"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]@="Service".--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc.HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcsThemes.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-09-05 04:01 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-09-08 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-05 02:13].2013-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-19 06:28].2013-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-19 06:28].2013-09-08 c:\windows\Tasks\HPCeeScheduleForOwner.job- c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2008-09-18 03:03].2013-09-08 c:\windows\Tasks\PCConfidential.job- c:\program files (x86)\Winferno\PC Confidential\PCConfidential.exe [2009-05-26 21:10]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2013-08-30 07:47 133840 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 15851040].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmTCP: DhcpNameServer = 192.168.0.1.- - - - ORPHANS REMOVED - - - -.Wow6432Node-HKCU-Run-VibeFireAlerts - (no file)Wow6432Node-HKLM-Run-hpqSRMon - (no file)SafeBoot-WudfPfSafeBoot-WudfRdAddRemove-DellMFP1125 - c:\windows\Uninstall.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-261273699-3008607065-3077023680-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{23EBC65C-CD94-6282-573F-9611C2B61F5A}*]@Allowed: (Read) (RestrictedCode)"jadbogfmaimgagnlpkpm"=hex:62,61,68,6f,00,00"jadbogfmaimgagnlpkdm"=hex:62,61,61,6f,00,00"iadacpddekbajedhhi"=hex:6b,61,69,6f,6b,63,63,6c,6e,62,68,61,61,6c,65,6e,6a,70, 6c,6d,63,6f,00,00.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]@Denied: (A 2) (Everyone).[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]@="Shockwave Flash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]@Denied: (A 2) (Everyone)@="".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]@="FlashBroker".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.------------------------ Other Running Processes ------------------------.c:\program files\Alwil Software\Avast5\AvastSvc.exec:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exec:\program files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exec:\program files (x86)\ATT\8.2.1.6\ma\bin\MAHostService.exec:\program files (x86)\Bonjour\mDNSResponder.exec:\program files (x86)\ATT\8.2.1.6\ma\bin\node.exec:\program files (x86)\Common Files\LightScribe\LSSrvc.exe.**************************************************************************.Completion time: 2013-09-08 12:47:06 - machine was rebootedComboFix-quarantined-files.txt 2013-09-08 19:47.Pre-Run: 148,779,753,472 bytes freePost-Run: 148,769,640,448 bytes free.- - End Of File - - 7FF47A01C2F94CE5B837A4F0BCE6A97603BA8F890B47C0BE359A4D5A636D214D
  6. The system is running smoothly, but the Avast full system scans continue to find a threat that Avast fails to remove. Sorry, but it appears the Avast logs cannot be cut and pasted, so here is the log entry transcribed: File name Severity Status Action Result C:\Windows\Installer\2b510.msi|>Binary.NewBinary19 High Threat:JS.ADODB-BT [Expl] Move to Chest Error: The operation is not supported for this type of archive. (42111) I have also been updating all the software on the system that I can.
  7. Here is the AdwCleaner log: # AdwCleaner v3.002 - Report created 05/09/2013 at 22:27:29# Updated 01/09/2013 by Xplode# Operating System : Windows Vista Home Premium Service Pack 2 (64 bits)# Username : Owner - OWNER-PC# Running from : C:\Users\Owner\Downloads\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** [!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeze.com[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeze.comFile Deleted : C:\Windows\Uninstall.exe ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtnKey Deleted : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn.1Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.LocalizerKey Deleted : HKLM\SOFTWARE\Classes\ToolBand.Localizer.1Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterKey Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter.1Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatisticsKey Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics.1Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelperKey Deleted : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper.1Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SNameProxyKey Deleted : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy.1Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AdobeUpdater]Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{937936AF-28CA-4973-B8AE-F250406149A2}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}Key Deleted : HKCU\Software\AppDataLow\Software\alotKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtilityKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\alotToolbarKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16502 -\\ Google Chrome v29.0.1547.66 [ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4987 octets] - [05/09/2013 22:26:13]AdwCleaner[s0].txt - [4711 octets] - [05/09/2013 22:27:29] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4771 octets] ########## Here is the MBAM log: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.09.06.02 Windows Vista Service Pack 2 x64 NTFSInternet Explorer 9.0.8112.16421Owner :: OWNER-PC [administrator] 9/5/2013 10:34:32 PMmbam-log-2013-09-05 (22-34-32).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 251339Time elapsed: 5 minute(s), 29 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end)
  8. Thanks for your help, Borislav. Before I post the logs, please note that I did a couple iterations of Avast full and boot-time scans, as well as a couple full MBAM scans, after I posted my original message and before you replied. Let me know if you want me to run DDS again. Here is the JRT log: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.5.8 (09.05.2013:1)OS: Windows Vista Home Premium x64Ran by Owner on Thu 09/05/2013 at 21:02:44.49~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URLSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bandoocore.exeSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnu.exeSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\freeze.comSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bandooSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.comSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdateSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowserSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontrollerSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\alottoolbarSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} ~~~ Files Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk" ~~~ Folders Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\vghd"Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\alot"Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\zango"Successfully deleted: [Folder] "C:\Program Files (x86)\alot"Successfully deleted: [Folder] "C:\Program Files (x86)\free offers from freeze.com"Successfully deleted: [Folder] "C:\Program Files (x86)\vghd"Successfully deleted: [Folder] "C:\Program Files (x86)\winferno\registrypowercleaner"Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Thu 09/05/2013 at 21:12:27.78End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  9. Malwarebytes found 14 items, so here are the dds logs: DDS.txt: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16502Run by Owner at 22:35:39 on 2013-09-03Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1916.425 [GMT -7:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\Alwil Software\Avast5\AvastSvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\ATT\8.2.1.6\ma\bin\MAHostService.exeC:\Windows\system32\Dwm.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Windows\Explorer.EXEC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files (x86)\ATT\8.2.1.6\ma\bin\node.exeC:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\system32\taskeng.exec:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Common Files\Motive\pcCMService.exeC:\Program Files\Common Files\Motive\pcCMService.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\DRIVERS\xaudio64.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Windows\System32\WUDFHost.exeC:\Windows\System32\mobsync.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\ehome\ehtray.exeC:\hp\support\hpsysdrv.exeC:\Program Files (x86)\VoloMedia\VoloMedia Service\VoloMediaService.exeC:\Windows\twain_32\Dell\MFP1125\Monitor\Stsmon.exeC:\Program Files\Alwil Software\Avast5\AvastUI.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\ehome\ehmsas.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationc:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\system32\msiexec.exeC:\Windows\system32\vssvc.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\System32\svchost.exe -k swprvC:\Windows\system32\taskeng.exeC:\Windows\system32\RacAgent.exeC:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dllmWinlogon: Userinit = userinit.exeBHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dllBHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: ALOT Toolbar Helper: {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\alot.dllBHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllBHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - <orphaned>BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: ALOT Toolbar: {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dllTB: <No Name>: - LocalServer32 - <no file>TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dllTB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [ehTray.exe] C:\Windows\ehome\ehTray.exeuRun: [VibeFireAlerts] <no file>mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exemRun: [hpqSRMon] <no file>mRunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silentmPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllIE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTCP: NameServer = 192.168.0.1TCP: Interfaces\{4D36FE6F-5620-4518-B24F-68BBDDC76305} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{D88536FD-30BB-4C28-B54D-EDDF8598703F} : DHCPNameServer = 192.168.0.1Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkgx64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dllx64-BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - <orphaned>x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dllx64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hidex64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartupx64-mPolicies-Explorer: NoActiveDesktop = dword:1x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0x64-mPolicies-System: EnableUIADesktopToggle = dword:0x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>.============= SERVICES / DRIVERS ===============.R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-6-13 65336]R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-6-13 204880]R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-6-13 22600]R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-7-9 1030952]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-3-24 378944]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-3-24 33400]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-3-24 80816]R3 CAXHWBS3;CAXHWBS3;C:\Windows\System32\drivers\CAXHWBS3.sys [2008-9-18 286208].=============== File Associations ===============.FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*.=============== Created Last 30 ================..==================== Find3M ====================.2013-08-30 07:48:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys2013-08-30 07:48:10 64288 ----a-w- C:\Windows\System32\drivers\aswTdi.sys2013-08-30 07:48:10 59144 ----a-w- C:\Windows\System32\drivers\aswRdr.sys2013-08-30 07:48:10 378944 ----a-w- C:\Windows\System32\drivers\aswSP.sys2013-08-30 07:48:10 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys2013-08-30 07:48:10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2013-08-30 07:48:09 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys2013-08-30 07:48:09 33400 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys2013-08-30 07:47:40 41664 ----a-w- C:\Windows\avastSS.scr2013-08-30 07:47:14 287840 ----a-w- C:\Windows\System32\aswBoot.exe2013-08-22 02:13:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-08-22 02:13:40 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-08-02 14:06:01 1706496 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-08-02 04:09:35 1548288 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-25 03:54:29 17830400 ----a-w- C:\Windows\System32\mshtml.dll2013-07-25 03:37:25 2312704 ----a-w- C:\Windows\System32\jscript9.dll2013-07-25 03:35:45 10926080 ----a-w- C:\Windows\System32\ieframe.dll2013-07-25 03:31:23 1346560 ----a-w- C:\Windows\System32\urlmon.dll2013-07-25 03:30:49 1392128 ----a-w- C:\Windows\System32\wininet.dll2013-07-25 03:29:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2013-07-25 03:29:21 237056 ----a-w- C:\Windows\System32\url.dll2013-07-25 03:29:06 86016 ----a-w- C:\Windows\System32\jsproxy.dll2013-07-25 03:28:46 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2013-07-25 03:28:31 599040 ----a-w- C:\Windows\System32\vbscript.dll2013-07-25 03:28:27 816640 ----a-w- C:\Windows\System32\jscript.dll2013-07-25 03:28:24 2147840 ----a-w- C:\Windows\System32\iertutil.dll2013-07-25 03:28:18 729088 ----a-w- C:\Windows\System32\msfeeds.dll2013-07-25 03:27:29 96768 ----a-w- C:\Windows\System32\mshtmled.dll2013-07-25 03:27:20 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2013-07-25 03:26:53 248320 ----a-w- C:\Windows\System32\ieui.dll2013-07-25 02:40:07 12334080 ----a-w- C:\Windows\SysWow64\mshtml.dll2013-07-25 02:32:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-25 02:30:47 9738752 ----a-w- C:\Windows\SysWow64\ieframe.dll2013-07-25 02:26:45 1104384 ----a-w- C:\Windows\SysWow64\urlmon.dll2013-07-25 02:26:10 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-25 02:25:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-07-25 02:24:39 231936 ----a-w- C:\Windows\SysWow64\url.dll2013-07-25 02:24:24 65536 ----a-w- C:\Windows\SysWow64\jsproxy.dll2013-07-25 02:23:59 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2013-07-25 02:23:58 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2013-07-25 02:23:51 717824 ----a-w- C:\Windows\SysWow64\jscript.dll2013-07-25 02:23:30 1796096 ----a-w- C:\Windows\SysWow64\iertutil.dll2013-07-25 02:23:27 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll2013-07-25 02:22:47 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll2013-07-25 02:22:35 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-07-25 02:22:04 176640 ----a-w- C:\Windows\SysWow64\ieui.dll2013-07-17 20:01:51 2048 ----a-w- C:\Windows\System32\tzres.dll2013-07-17 19:41:34 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-07-10 09:47:49 677888 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-10 09:42:55 1303552 ----a-w- C:\Windows\System32\rpcrt4.dll2013-07-09 12:04:30 1585256 ----a-w- C:\Windows\System32\ntdll.dll2013-07-09 12:04:30 1168088 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-07-08 04:51:57 4691904 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-07-08 04:20:17 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-07-08 04:20:04 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-07-08 04:18:51 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-07-08 04:16:55 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-07-08 04:16:55 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-07-08 04:16:54 992768 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-07-08 04:16:33 43008 ----a-w- C:\Windows\apppatch\acwow64.dll2013-07-08 04:15:39 234496 ----a-w- C:\Windows\System32\wow64.dll2013-07-08 04:15:25 218624 ----a-w- C:\Windows\System32\wintrust.dll2013-07-08 04:14:21 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2013-07-08 04:12:34 174592 ----a-w- C:\Windows\System32\cryptsvc.dll2013-07-08 04:12:34 132096 ----a-w- C:\Windows\System32\cryptnet.dll2013-07-08 04:12:34 1276416 ----a-w- C:\Windows\System32\crypt32.dll2013-07-08 01:39:04 26112 ----a-w- C:\Windows\SysWow64\setup16.exe2013-07-08 01:39:03 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-07-08 01:39:02 2560 ----a-w- C:\Windows\SysWow64\user.exe2013-07-05 04:45:27 1423808 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-06-15 13:27:51 20480 ----a-w- C:\Windows\System32\icaapi.dll2013-06-15 11:38:39 29184 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys.============= FINISH: 22:37:49.85 =============== Attach.txt: .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 10/16/2008 11:30:41 AMSystem Uptime: 9/3/2013 10:16:19 PM (0 hours ago).Motherboard: FOXCONN | | IrvineProcessor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz | Socket 775 | 2000/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 220 GiB total, 138.935 GiB free.D: is FIXED (NTFS) - 13 GiB total, 1.744 GiB free.E: is CDROM (CDFS)G: is RemovableH: is RemovableI: is RemovableJ: is Removable.==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft 6to4 AdapterDevice ID: ROOT\*6TO4MP\0007Manufacturer: MicrosoftName: Microsoft 6to4 Adapter #2PNP Device ID: ROOT\*6TO4MP\0007Service: tunnel.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Microsoft ISATAP AdapterDevice ID: ROOT\*ISATAP\0000Manufacturer: MicrosoftName: Microsoft ISATAP AdapterPNP Device ID: ROOT\*ISATAP\0000Service: tunnel.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: avast! Firewall NDIS Filter MiniportDevice ID: ROOT\SW_ASWNDISMP\0000Manufacturer: ALWIL SoftwareName: avast! Firewall NDIS Filter MiniportPNP Device ID: ROOT\SW_ASWNDISMP\0000Service: aswNdis.==== System Restore Points ===================..==== Installed Programs ======================.4500_G510nz_Help4500G510nz4500G510nz_Software_Min64 Bit HP CIO Components InstallerAdobe Flash Player 11 ActiveXALOT ToolbarApple Application SupportApple Mobile Device SupportApple Software UpdateATT Management Agentavast! Free AntivirusBelkin F5D8053 N Wireless USB AdapterBonjourBufferChmCards_Calendar_OrderGift_DoMorePlugoutCCleanerCompatibility Pack for the 2007 Office systemCustomerResearchQFolderCyberLink DVD Suite DeluxeD1500_HelpDell MFP 1125DestinationsDeviceDiscoveryDeviceManagementQFolderDJ_SF_03_D1500_ProductContextDJ_SF_03_D1500_SoftwareDJ_SF_03_D1500_Software_MinDocMgrDocProcDownload Updater (AOL LLC)Enhanced Multimedia Keyboard SolutioneSupportQFolderFaxGoogle ChromeGoogle EarthGoogle Update HelperGPBaseServiceGPBaseService2Hewlett-Packard Active Check for Health CheckHewlett-Packard Asset Agent for Health CheckHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)HP Active Support LibraryHP Customer Experience EnhancementsHP Customer FeedbackHP Customer Participation Program 13.0HP Deskjet D1500 Printer Driver Software 10.0 Rel .3HP Document Manager 2.0HP Imaging Device Functions 13.0HP Officejet 4500 G510n-zHP Photosmart Essential 2.5HP Photosmart Essential 3.0HP Picasso Media Center Add-InHP Recovery Manager RSSHP Smart Web Printing 4.5HP Solution Center 13.0HP Total Care AdvisorHP UpdateHPPhotoSmartPhotobookWebPack1HPProductAssistantHPSSupplyHPTCSSetupiTunesJava Auto UpdaterJava 6 Update 22Java SE Runtime Environment 6 Update 1LabelPrintLightScribe System Software 1.14.17.1LightScribeTemplateLabelerMalwarebytes Anti-Malware version 1.75.0.1300MarketResearchMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Office PowerPoint Viewer 2007 (English)Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft WorksMobileMe Control PanelMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)muvee autoProducer 6.1My HP GamesNetwork64NVIDIA DriversOCR Software by I.R.I.S. 13.0PC Tutor™ Learn Windows Vista™PCIe Soft Data Fax Modem with SmartCPPower2GoPowerDirectorPSSWCOREPython 2.5.2QuickTimeRealtek High Definition Audio DriverScanSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Shop for HP SuppliesSkype web featuresSkype™ 4.1SmartWebPrintingSolutionCenterStatusToolboxTrayAppUnloadSupportUpdate for Microsoft .NET Framework 3.5 SP1 (KB2836940)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)VideoToolkit01VLC media player 0.9.2VoloMedia iTunes plug-inWebRegYahoo! Toolbar.==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.