
I'm infected now, what do I do?



.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by ORENDA at 16:26:39 on 2012-01-06

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4002 [GMT -5:00]

.

AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskeng.exe

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

C:\Users\ORENDA\AppData\Roaming\mjusbsp\magicJack.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/?ilc=8

mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8

mStart Page = hxxp://www.yahoo.com/?ilc=8

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

uURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\tbPage.dll

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

mURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\tbPage.dll

mURLSearchHooks: H - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO: {56E4076B-A42B-4745-BA35-34DA8AC4C2F2} - No File

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\tbPage.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

uRun: [cdloader] "C:\Users\ORENDA\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK

uRunOnce: [Application Restart #1] C:\Users\ORENDA\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --enable-print-preview --flag-switches-end --restore-last-session -- http://login.yahoo.com/config/reset_cookies_token?.token=JMv9tUl.J5Oc65RDXJ1Qt7JJ64ztCUCwVEF2km5XWIYMyJKvQkbVZpCZLiubuhuCQx8A7byQaEQmEQGVYmGdRkPYoEbkOjVwCGZXmaWaNESQEm8y7wFV63pdO7yHJi5US6d3_46BejYH_PcjQ6gGeecBPygNX0suJFLhZZffM_nQHKqf0kQ..R4L5oD18If70LYViWeF.t3iQxmCakD4_LDSLfZyfhwoQvJtS0HMF2pf80_qX3miOMDXzq1cSyttDH5Mvh90ApUh2hZxlwXZpaQ6gJ2DHjLyrg8JiVqWog2tTEf1xNa8qaOc667psiQmMjzg_O2iG2jPHsSQtVWK0HVjxVIUTeIr7STlPnP3BSXAv3W4mPgxD85FcumOXvdaphnDlprxJ3ijmDTfMZvX9J.GAPlmyePWNmEZSiRGiYqCY2jeDkdKYNSCPGI0ZBf.ruXVSkUg4rvZPWhsTQ_INOBQtJyQbKOiJKk.reLHsIYM.86jPSuDcL_i0L4TgbzZCbWAASjgtzVBIcoZJ1288OWIov1EZqh6VJHr0F1.XVofNv.mxVWNYFIQKd6X8tAsLMtEpPJagM7KmCa9fh8r_zY.TVuVyoJu53O2AfWksuOzyKEcQRExl9uBiv2PDMDz25a7EnQR6TAxyK7BFRqPYR13W.OdFiLP6pV4Ri8rsSGEXgsETA--&.done=http%3A%2F%2Fus%2Erd%2Eyahoo%2Ecom%2Fmessenger%2Fclient%2F%3Fhttp%3A%2F%2Fmail%2Eyahoo%2Ecom%2F

mRun: [<NO NAME>]

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Search

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files%20(x86)/Jewel%20Quest%20Mysteries%20-%20The%20Seventh%20Gate%20Collector's%20Edition/Images/stg_drm.ocx

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files%20(x86)/BookWorm%20Adventures/Images/armhelper.ocx

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{55E66CF1-84C0-478A-9F64-C88BFBF0C7AD} : DhcpNameServer = 192.168.1.1

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO-X64: HP Print Enhancer - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO-X64: {56E4076B-A42B-4745-BA35-34DA8AC4C2F2} - No File

BHO-X64: EpicPlay Games - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

BHO-X64: HP Smart BHO Class - No File

TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB-X64: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\tbPage.dll

TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [(Default)]

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-1 494424]

R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-3-21 1153368]

R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-12-2 2358656]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-16 136176]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-16 136176]

S3 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]

S3 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]

S3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]

.

=============== Created Last 30 ================

.

2012-01-03 03:42:42 -------- d-----w- C:\Program Files (x86)\FreeWorkz

2011-12-26 04:26:31 -------- d-----w- C:\Users\ORENDA\AppData\Local\tjnet

2011-12-24 19:24:24 -------- d-----w- C:\Users\ORENDA\AppData\Local\magicJack

2011-12-24 14:52:19 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe

2011-12-24 14:52:18 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll

2011-12-24 14:52:18 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe

2011-12-24 14:52:18 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll

2011-12-24 14:52:18 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll

2011-12-24 14:52:15 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll

2011-12-24 14:52:10 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll

2011-12-24 14:52:06 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll

2011-12-16 15:56:27 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2011-12-16 15:56:27 2048 ----a-w- C:\Windows\System32\tzres.dll

2011-12-16 08:00:59 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll

2011-12-16 08:00:59 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll

2011-12-15 20:08:57 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2011-12-15 20:08:30 3145216 ----a-w- C:\Windows\System32\win32k.sys

2011-12-15 20:08:02 723456 ----a-w- C:\Windows\System32\EncDec.dll

2011-12-15 20:08:02 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll

2011-12-12 04:08:16 24576 ----a-w- C:\Windows\SetupAfterRebootService.exe

.

==================== Find3M ====================

.

2011-12-10 20:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-12-01 21:04:40 56513 ----a-w- C:\ProgramData\bdinstall.bin

2011-12-01 20:16:59 111408 ----a-w- C:\Windows\System32\drivers\46217673.sys

2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll

2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-10-21 16:11:05 111408 ----a-w- C:\Windows\System32\drivers\53990291.sys

2011-10-20 04:10:14 22872 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe

2011-10-19 00:53:14 2957544 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys

2011-10-18 23:10:30 99432 ----a-w- C:\Windows\System32\RCoInst64.dll

2011-10-18 18:55:50 331880 ----a-w- C:\Windows\System32\RtlCPAPI64.dll

2011-10-18 18:47:22 1914472 ----a-w- C:\Windows\System32\RtkApi64.dll

2011-10-18 16:05:00 2528872 ----a-w- C:\Windows\System32\RtPgEx64.dll

2011-10-17 22:30:38 3213928 ----a-w- C:\Windows\System32\RtkAPO64.dll

2011-10-13 01:20:25 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

.

============= FINISH: 16:27:04.37 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 2/5/2010 2:05:00 AM

System Uptime: 1/6/2012 1:41:37 PM (3 hours ago)

.

Motherboard: PEGATRON CORPORATION | | VIOLET6

Processor: AMD Athlon II X4 630 Processor | CPU 1 | 2800/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 921 GiB total, 778.394 GiB free.

D: is FIXED (NTFS) - 11 GiB total, 1.563 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is Removable

H: is Removable

I: is Removable

J: is Removable

K: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP177: 12/1/2011 4:16:07 PM - Installed AVG 2012

RP178: 12/1/2011 9:25:10 PM - Windows Modules Installer

RP179: 12/1/2011 9:55:35 PM - IObit Uninstaller restore point

RP180: 12/1/2011 10:27:58 PM - Windows Update

RP181: 12/1/2011 10:28:47 PM - Windows Update

RP182: 12/16/2011 3:00:14 AM - Windows Update

RP183: 12/17/2011 3:00:15 AM - Windows Update

RP184: 1/1/2012 11:20:46 PM - HPSF Restore Point

RP185: 1/3/2012 5:13:52 PM - Windows Modules Installer

RP186: 1/3/2012 9:32:42 PM - Removed Ad-Aware

RP187: 1/3/2012 9:43:39 PM - IObit Uninstaller restore point

RP188: 1/5/2012 2:03:55 PM - Installed Ad-Aware

RP189: 1/5/2012 2:06:31 PM - Installed Ad-Aware

RP190: 1/5/2012 2:38:29 PM - Installed Ad-Aware

RP191: 1/5/2012 2:39:07 PM - Installed Ad-Aware

RP192: 1/5/2012 2:47:57 PM - Installed Ad-Aware

RP193: 1/5/2012 2:48:28 PM - Installed Ad-Aware

.

==== Installed Programs ======================

.

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Reader 9.1

Advanced SystemCare 5

AIO_CDA_ProductContext

AIO_CDA_Software

AIO_Scan

Apple Software Update

ArcSoft Print Creations

ArcSoft Print Creations - Greeting Card

ArcSoft Print Creations - Photo Calendar

Big Fish Games: Game Manager

BufferChm

C3100

c3100_Help

Compatibility Pack for the 2007 Office system

Conduit Engine

Copy

CyberLink DVD Suite Deluxe

Destinations

DeviceDiscovery

DirectX for Managed Code Update (Summer 2004)

DocProc

DVD Menu Pack for HP MediaSmart Video

EpicPlay

Epson CreativeZone

Epson Event Manager

EPSON Scan

EpsonNet Print

EpsonNet Setup

Escape - Special Edition Bundle

Facebook Plug-In

Farmscapes

Fax

Feedback Tool

FreeWorkz

GamesBar 2.0.1.59

Google Chrome

Google Earth Plug-in

Google Update Helper

Google Updater

GPBaseService2

Greenshot

Hewlett-Packard ACLM.NET v1.1.1.0

HP Advisor

HP Customer Experience Enhancements

HP Games

HP MediaSmart Demo

HP MediaSmart DVD

HP MediaSmart Music/Photo/Video

HP MediaSmart/TouchSmart Netflix

HP Odometer

HP Remote Solution

HP Setup

HP Support Assistant

HP Support Information

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

HPSSupply

Hulu Desktop

Java Auto Updater

Java 6 Update 2

Java 6 Update 29

Junk Mail filter update

LabelPrint

LightScribe System Software

magicJack

Malwarebytes Anti-Malware version 1.60.0.1800

MarketResearch

Microsoft Choice Guard

Microsoft Live Search Toolbar

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Works

Movie Theme Pack for HP MediaSmart Video

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystery of Mortlake Mansion

Mystery Trackers: Raincliff Collector's Edition

OpenOffice.org 2.3

PageRage Toolbar

Photo Notifier and Animation Creator

Picasa 3

PictureMover

Power2Go

PowerDirector

QuickTime

Realtek High Definition Audio Driver

Recovery Manager

Scan

SecondLifeViewer2 (remove only)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

SmartWebPrinting

SolutionCenter

Spybot - Search & Destroy

Status

TeamViewer 6

Time Mysteries: The Ancient Spectres Collector's Edition

Toolbox

TrayApp

UnloadSupport

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update Installer for WildTangent Games App

Video Card Stability Test

Visual C++ 8.0 Runtime Setup Package (x64)

Visual Studio 2008 x64 Redistributables

WebReg

WildTangent Games App (HP Games)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Yahoo! BrowserPlus 2.9.8

Yahoo! Messenger

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

1/6/2012 4:23:31 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

1/6/2012 1:47:49 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

1/5/2012 4:28:44 PM, Error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).

1/5/2012 2:49:17 PM, Error: Service Control Manager [7000] - The Lbd service failed to start due to the following error: The system cannot find the file specified.

1/1/2012 9:04:38 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume HP.

.

==== End Of File ===========================


  • 1 month later...
  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
