
black screen at windows start up - not able to put on security



This is my DDS and attached files - please help if you can. I am traveling and this is my work computer. I can only run things in safe mode and cannot put any security antivirus on. Thank you for your time in advance, m

DDS (Ver_2012-11-07.01) - NTFS_AMD64 NETWORK

Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2

Run by Mary at 10:46:31 on 2012-11-11

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3003.2264 [GMT -8:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig

uProxyOverride = <local>;*.local

uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>

uURLSearchHooks: {72cabc40-64b2-46ed-8648-26d831761150} - <orphaned>

mWinlogon: Userinit = userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: VideoDownloadConverter: {48586425-6BB7-4F51-8DC6-38C88E3EBB58} -

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: MapsGalaxy: {364ea597-e728-4ce4-bb4a-ed846ef47970} -

TB: VideoDownloadConverter: {48586425-6bb7-4f51-8dc6-38c88e3ebb58} -

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll

uRun: [iSUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe

uRun: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe

uRun: [AdobeBridge] <no file>

uRunOnce: [spybotDeletingB332] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"

uRunOnce: [spybotDeletingD2868] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"

uRunOnce: [spybotDeletingB6285] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini"

uRunOnce: [spybotDeletingD2593] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini"

uRunOnce: [spybotDeletingB7791] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"

uRunOnce: [spybotDeletingD3749] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"

uRunOnce: [spybotDeletingB5010] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"

uRunOnce: [spybotDeletingD3192] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"

uRunOnce: [spybotDeletingB9792] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"

uRunOnce: [spybotDeletingD3136] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"

uRunOnce: [spybotDeletingB9013] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"

uRunOnce: [spybotDeletingD1729] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"

uRunOnce: [spybotDeletingB3925] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"

uRunOnce: [spybotDeletingD1478] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"

uRunOnce: [spybotDeletingB705] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"

uRunOnce: [spybotDeletingD9362] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"

uRunOnce: [spybotDeletingB8033] command.com /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"

uRunOnce: [spybotDeletingD2668] cmd.exe /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui

mRun: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent

mRun: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABNAEUASAAtAFIARgA0AEIAWgAtAEYASABBAFQATwAtAFYAUgBWADMAQQAtADQASABPAFUATwAtAEQARQBNAEIAUgA"&"inst=NwA2AC0AOQA4ADMANQA4ADYANQAwADkALQBEADMAOAAxAEwAKwA1AC0ARABEAFQAKwAwAC0ASQA5ADAAKwAxAC0ATgAxAEQAKwAxAC0AUwBUADkAMABBAFAAUAArADEALQBQAEwAKwA5AA"&"prod=54"&"ver=9.0.914

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

mRunOnce: [spybotDeletingA9911] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"

mRunOnce: [spybotDeletingC5669] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\data.xml"

mRunOnce: [spybotDeletingA6315] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini"

mRunOnce: [spybotDeletingC4713] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\iqu.ini"

mRunOnce: [spybotDeletingA900] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"

mRunOnce: [spybotDeletingC939] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\IQUMessageDlg.xsl"

mRunOnce: [spybotDeletingA3645] command.com /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"

mRunOnce: [spybotDeletingC5963] cmd.exe /c del "C:\ProgramData\W3i\InstallIQUpdater\updater.log"

mRunOnce: [spybotDeletingA7383] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"

mRunOnce: [spybotDeletingC7381] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\InstallIQ Updater.lnk"

mRunOnce: [spybotDeletingA9548] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"

mRunOnce: [spybotDeletingC3349] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Privacy Policy.url"

mRunOnce: [spybotDeletingA3506] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"

mRunOnce: [spybotDeletingC2744] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Terms & Conditions.url"

mRunOnce: [spybotDeletingA16] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"

mRunOnce: [spybotDeletingC8752] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater\Uninstall InstallIQ Updater.lnk"

mRunOnce: [spybotDeletingA1105] command.com /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"

mRunOnce: [spybotDeletingC2203] cmd.exe /c del "C:\Program Files (x86)\W3i\InstallIQUpdater\iqu.xsl"

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} - hxxp://www.auctiva.com/Aurigma/ImageUploader57.cab

DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{98020DCE-C89D-4204-8160-A19B26E85B96} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{98020DCE-C89D-4204-8160-A19B26E85B96}\2375942554932393 : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{98020DCE-C89D-4204-8160-A19B26E85B96}\2656C656E6 : DHCPNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{98020DCE-C89D-4204-8160-A19B26E85B96}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1 75.75.75.75 75.75.76.76

TCP: Interfaces\{98020DCE-C89D-4204-8160-A19B26E85B96}\2656E6E697F5F6E6169627 : DHCPNameServer = 191.168.1.138

TCP: Interfaces\{98020DCE-C89D-4204-8160-A19B26E85B96}\47865602D696374716B656 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{98020DCE-C89D-4204-8160-A19B26E85B96}\5436F6E6F6D2E4F6274786 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{98020DCE-C89D-4204-8160-A19B26E85B96}\C696E6B6379737 : DHCPNameServer = 192.168.0.1 68.94.156.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

.

INFO: x64-HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-10-5 111456]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-12-1 55856]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-11-10 30568]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-1-13 7675392]

S1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-5-13 28504]

S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-4-25 984144]

S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-4-25 370288]

S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]

S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]

S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-14 169624]

S2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]

S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-9-10 203264]

S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-4-25 25232]

S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-4-25 71600]

S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-22 44808]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-6 5814392]

S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.2.580.182\{d1538445-ebd9-4c43-882a-854eff8d928c}\brwmngr.exe [2012-9-27 1695776]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

S2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]

S2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-5-4 25824]

S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [2012-11-10 132056]

S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-11-11 1153368]

S2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]

S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-14 160944]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-10 711112]

S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2011-11-28 227896]

S3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2009-9-10 7369728]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-11-29 20992]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-11-28 216576]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-11-29 59392]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-28 1255736]

.

=============== Created Last 30 ================

.

2012-11-11 16:47:02 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-11-11 16:47:02 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2012-11-11 05:02:55 -------- d-----w- C:\ProgramData\Symantec

2012-11-11 04:53:00 -------- d-----w- C:\Program Files (x86)\Norton PC Checkup 3.0

2012-11-11 04:52:53 -------- d-----w- C:\ProgramData\Norton

2012-11-11 04:52:32 -------- d-----w- C:\Users\Mary\AppData\Roaming\PCCUStubInstaller

2012-11-11 04:31:58 -------- d-----w- C:\Users\Mary\AppData\Roaming\AVG2013

2012-11-11 04:29:09 -------- d-----w- C:\Users\Mary\AppData\Roaming\TuneUp Software

2012-11-11 04:29:09 -------- d-----w- C:\Users\Mary\AppData\Local\AVG Secure Search

2012-11-11 04:29:08 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-11-11 04:29:00 30568 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2012-11-11 04:28:59 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-11-11 04:28:59 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-11-11 04:26:05 -------- d--h--w- C:\$AVG

2012-11-11 04:26:05 -------- d-----w- C:\ProgramData\AVG2013

2012-11-11 04:23:12 -------- d-----w- C:\Users\Mary\AppData\Local\MFAData

2012-11-11 04:23:12 -------- d-----w- C:\Users\Mary\AppData\Local\Avg2013

2012-11-11 04:23:12 -------- d-----w- C:\ProgramData\MFAData

2012-11-11 01:46:38 -------- d-sh--w- C:\found.003

2012-11-10 19:17:34 -------- d-sh--w- C:\found.002

2012-11-09 17:50:48 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84B9F603-4BF9-4085-BD9B-08D17737F911}\mpengine.dll

2012-10-22 21:02:44 154464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2012-10-15 11:48:50 63328 ----a-w- C:\Windows\System32\drivers\avgidsha.sys

.

==================== Find3M ====================

.

2012-10-30 23:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-10-30 23:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-10-30 23:51:07 41224 ----a-w- C:\Windows\avastSS.scr

2012-10-15 16:59:28 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2012-10-08 23:32:59 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-08 23:32:59 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-10-05 11:32:50 111456 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

2012-10-02 11:30:38 185696 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2012-09-30 03:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-09-25 03:50:51 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-25 03:50:34 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-09-25 03:50:34 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-09-21 11:46:04 200032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2012-09-21 11:46:00 225120 ----a-w- C:\Windows\System32\drivers\avgloga.sys

2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-09-14 11:05:18 40800 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys

2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys

2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe

2012-08-21 18:01:20 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-08-21 18:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-08-21 18:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll

2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

.

============= FINISH: 10:49:23.96 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-07.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 1/9/2008 7:16:51 PM

System Uptime: 11/11/2012 10:31:48 AM (0 hours ago)

.

Motherboard: Hewlett-Packard | | 307B

Processor: Intel® Core2 Duo CPU L9400 @ 1.86GHz | CPU | 1862/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 86.143 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: avast! Network Shield Support

Device ID: ROOT\LEGACY_ASWTDI\0000

Manufacturer:

Name: avast! Network Shield Support

PNP Device ID: ROOT\LEGACY_ASWTDI\0000

Service: aswTdi

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

7-Zip 9.20

ActiveCheck component for HP Active Support Library

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe After Effects CS5.5

Adobe AIR

Adobe Community Help

Adobe Content Viewer

Adobe Contribute CS5

Adobe Digital Editions

Adobe Download Assistant

Adobe Fireworks CS5

Adobe Flash Builder 4.5

Adobe Flash Catalyst CS5.5

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Flash Professional CS5.5

Adobe Illustrator CS5.1

Adobe InDesign CS5.5

Adobe Media Player

Adobe Photoshop CS5.1

Adobe Photoshop Elements 10

Adobe Photoshop.com Inspiration Browser

Adobe Premiere Elements 10

Adobe Premiere Pro CS5.5

Adobe Story

Any Video Converter 3.3.8

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

avast! Free Antivirus

AVG 2013

AVS Update Manager 1.0

AVS Video Converter 8

AVS4YOU Software Navigator 1.4

BlackBerry Desktop Software 6.1

BlackBerry Desktop Software 7.1

Bonjour

Browser Manager

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CDBurnerXP

CorelDRAW Graphics Suite X3

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

DivX Setup

Elements 10 Organizer

EN

File Type Assistant

FontNav

Free File Viewer 2011

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GoToMeeting 5.2.0.952

Grab & Burn, Version 4.0.1 ( Build 2005-09-21, Win32, CSS )

HP Quick Launch Buttons

HP Support Assistant

HPAsset component for HP Active Support Library

IDT Audio

ImgBurn

Intel® Matrix Storage Manager

Internet Explorer (Enable DEP)

iTunes

Java 7 Update 7

Java Auto Updater

JavaFX 2.1.0

Malwarebytes Anti-Malware version 1.65.1.1000

Memeo AutoSync

Memeo Instant Backup

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Outlook Social Connector Provider for Facebook 64-bit

Microsoft Silverlight

Microsoft VC80 Support DLLs

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

Microsoft_VC90_MFCLOC_x86

Microsoft_VC90_MFCLOC_x86_x64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Norton PC Checkup

PDF Settings CS5

PeerBlock 1.1 (r518)

PRE10STI64Installer

PSE10 STI Installer

PX Profile Update

PxMergeModule

QLBCASL

QuickTime

Realtek USB 2.0 Card Reader

Rhinoceros 4.0

Seagate Dashboard

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687436) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 64-Bit Edition

Security Update for Microsoft Word 2010 (KB2553488) 64-Bit Edition

Skype Click to Call

Skype™ 5.10

SmartSound Common Data

SmartSound Premiere Elements 10 x64 Plugin

SmartSound Sonicfire Pro 5

Spybot - Search & Destroy

Synaptics Pointing Device Driver

Tixati

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

Update Manager

VBA

VC80CRTRedist - 8.0.50727.6195

Video Download Converter version 1.0.0.0

Visual C++ 8.0 Runtime Setup Package (x64)

Visual Studio 2010 x64 Redistributables

VLC media player 2.0.1

VoipStunt

WebEx

WinRAR 4.00 (64-bit)

WinX DVD Ripper 5.5.5

Wondershare Video Converter Ultimate(Build 5.7.6.7)

Xvid Video Codec

.

==== Event Viewer Messages From Past Week ========

.

11/9/2012 10:32:33 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.

11/8/2012 9:38:07 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.

11/8/2012 9:33:13 AM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect.

11/8/2012 9:33:13 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/8/2012 9:33:13 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/8/2012 9:32:42 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

11/8/2012 9:32:42 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

11/8/2012 9:29:05 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume .

11/7/2012 12:15:57 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user Mary-PC\Mary SID (S-1-5-21-1341807160-3865741825-2589349222-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

11/7/2012 12:15:54 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user Mary-PC\Mary SID (S-1-5-21-1341807160-3865741825-2589349222-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

11/7/2012 1:45:38 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.

11/7/2012 1:13:44 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

11/6/2012 7:18:30 PM, Error: Service Control Manager [7011] - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

11/11/2012 8:39:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}

11/11/2012 8:39:27 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

11/11/2012 10:49:19 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

11/11/2012 10:33:23 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

11/11/2012 10:33:23 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/11/2012 10:33:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/11/2012 10:33:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/11/2012 10:32:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

11/11/2012 10:32:46 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswKbd aswSnx aswSP aswTdi AVGIDSDriver Avgldx64 cdrom discache spldr TermDD Wanarpv6

11/11/2012 10:32:37 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.

11/11/2012 10:31:06 AM, Error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error %%-536805256.

11/11/2012 10:30:41 AM, Error: Microsoft-Windows-TaskScheduler [413] - Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147942402.

11/10/2012 8:59:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

11/10/2012 8:40:45 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswKbd aswSnx aswSP aswTdi AVGIDSDriver Avgldx64 blbdrive cdrom discache mssmbios spldr TermDD Wanarpv6

11/10/2012 8:39:54 PM, Error: volmgr [46] - Crash dump initialization failed!

11/10/2012 8:16:02 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswKbd aswSnx aswSP aswTdi cdrom discache spldr Wanarpv6

11/10/2012 4:56:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

11/10/2012 4:46:01 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

11/10/2012 4:46:01 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

11/10/2012 4:39:11 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

11/10/2012 4:39:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

11/10/2012 4:39:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

11/10/2012 4:38:48 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswKbd aswRdr aswSnx aswSP aswTdi cdrom CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/10/2012 4:38:48 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/10/2012 2:52:27 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom

11/10/2012 2:12:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

11/10/2012 12:06:38 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.

11/10/2012 11:24:01 AM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The system cannot find the file specified.

11/10/2012 11:06:40 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: %%-2147023436

11/10/2012 11:00:56 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\Mary\ntuser.dat' was corrupted and it has been recovered. Some data might have been lost.

11/10/2012 11:00:40 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.

.

==== End Of File ===========================


Hello racerkaczor and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please proceed with these instructions in Safe mode with Networking:

Step 1

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • aswMBR log


  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
