shutting down randomly urgent!

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

serath40

Thread Starter
Joined
Jan 19, 2011
Messages
14
Hello all i am new here but this is urgent as this is a buisness computer about 3 days ago I got a windows update thats was random and mandatory i guess. but ever since my pc has been shutting randomly on its own every 1-3 hours i have cleaned registry repaired registry. i have checked pc tempature i have scanned for viruses 4 times! did system restore. then i looked on google for hours upon hours i got suspicious of it being because of it possibly being a windows 7 rc version but no it is the newest legit version ive defragged i meen ive done almost everything i can think of im losing it. i called dell support my warranty was up but he said it was most likely something to do with the windows update but im not sure. im not a rich person so i cannot afford really a technician as of now please help. i know its a windows 7 home premium dell inspiron 1764 laptop i3 processor 4gb of ram idk any others im not super pc smart.

p.s there is no error code or BSOD it just says logging off shutting off then thats it.
 

serath40

Thread Starter
Joined
Jan 19, 2011
Messages
14
i also wanted to add it cannot be overheating my pc temps are all around 35-40 celsius i have eset smart security 4 so it cant be a virus ive scanned 5 times now just did another this pc is only 7 months old. :(
 
Joined
Sep 13, 2010
Messages
628
Hi,
First off, never clean your registry unless advised to do so by an expert, this can cause yet more harm then you had to start with.
Have you tried doing a System Restore prior to installing the update to see if that helps.

Ray
 
Joined
Feb 14, 2009
Messages
128
Why do you have an RC copy of windows 7 on a new computer, which should have came windows pre-installed? Also if the computer is 7 Months old, your dell warranty is not up as they offer a limited 1 year warranty on their products. Given, dell does not cover software as it is not made by dell, but it is made by microsoft.


Does the computer turn its self off in safe mode as well? Having one antivirus on your computer does not mean its virus free. Posting a HJT log or even running malware bytes may be a good idea. Unfortunately HJT logs, as well as help in removing malware, has to be done by certified members.
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
Please run the MGA Diagnostic Tool and post back the report it creates:
  • Download MGADiag to your desktop.
  • Double-click on MGADiag.exe to launch the program
  • Click "Continue"
  • Ensure that the "Windows" tab is selected (it should be by default).
  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
  • Paste the MGA Diagnostic Report back here in your next reply.
 

serath40

Thread Starter
Joined
Jan 19, 2011
Messages
14
fodelement it is not a rc version sorry if i was unclear but it is the build 7600 not rc. and dvk i will do that now. and fodelement how would i do malware bytes or hjt logs?
 

serath40

Thread Starter
Joined
Jan 19, 2011
Messages
14
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-QCPVQ-KHRB8-RMV82
Windows Product Key Hash: +Rj3N34NLM2JqoBO/OzgzTZXgbY=
Windows Product ID: 00359-OEM-8992687-00095
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7600.2.00010300.0.0.003
ID: {5D276CB3-F2BB-4560-BF6A-0C7D9B3E12F1}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7600.win7_gdr.100618-1621
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{5D276CB3-F2BB-4560-BF6A-0C7D9B3E12F1}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-RMV82</PKey><PID>00359-OEM-8992687-00095</PID><PIDType>2</PIDType><SID>S-1-5-21-3353836649-3912363437-4109639246</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 1764</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A01</Version><SMBIOSVersion major="2" minor="6"/><Date>20091106000000.000000+000</Date></BIOS><HWID>C3BB3607018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>QA09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
Software licensing service version: 6.1.7600.16385
Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800095-02-1033-7600.0000-0432010
Installation ID: 016563014076755836839655519221844743683934686562982236
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: RMV82
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 1/21/2011 6:47:26 AM
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 12:31:2010 21:39
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:

HWID Data-->
HWID Hash Current: NgAAAAIAAgABAAEAAgABAAAAAwABAAEA6GFIyD7l/cAyjppRKD+QgY3vazZ0XQgzws8CnFxd
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC PTLTD APIC
FACP INTEL CRESTLNE
HPET INTEL CRESTLNE
BOOT PTLTD $SBFTBL$
MCFG INTEL CRESTLNE
SLIC DELL QA09
OSFR DELL DELL
SSDT PmRef CpuPm

this is the mgadiag you requested dvk01
 

serath40

Thread Starter
Joined
Jan 19, 2011
Messages
14
is it safe by the way to post this up for the web to see just wondering? I believe its ok for members to see just not strangers from all over the web?
 

serath40

Thread Starter
Joined
Jan 19, 2011
Messages
14
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/8/2010 7:50:32 PM
System Uptime: 1/19/2011 5:09:28 AM (50 hours ago)
Motherboard: Dell Inc. | | 0TKV96
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz | U2E1 | 917/133mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 59 GiB total, 12.931 GiB free.
D: is FIXED (NTFS) - 397 GiB total, 365.75 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&19573A40&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&19573A40&0&01
Service: vwifimp
==== System Restore Points ===================
RP194: 1/19/2011 6:30:01 AM - Scheduled Checkpoint
==== Installed Programs ======================
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3
Apple Application Support
Apple Software Update
Banctec Service Agreement
BufferChm
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Complete Care Business Service Agreement
Complete Care Consumer Service Agreement
Consumer In-Home Service Agreement
Copy
Coupon Printer for Windows
D3DX10
Dell DataSafe Online
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell Support Center (Support Software)
Destinations
DeviceDiscovery
Diph
Disk Cleaner (remove only)
DJ_AIO_05_F4400_Software_Min
EA Download Manager
F4400
Focus Magic 3.02
Free Window Registry Repair
Game Booster
Google Earth
Google Update Helper
GoToAssist 8.0.0.514
GPBaseService2
HP Photo Creations
HP Update
HP USB Disk Storage Format Tool
HPPhotoGadget
HPProductAssistant
HPSSupply
Intel(R) Graphics Media Accelerator Driver
Internet TV for Windows Media Center
iPrep 101 v0.0.6.2 Beta
Java Auto Updater
Java(TM) 6 Update 23
JDownloader
Junk Mail filter update
Malwarebytes' Anti-Malware
MarketResearch
MCEBrowser
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
Mozilla Firefox (3.6.10)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Pando Media Booster
PowerDVD DX
QualXServ Service Agreement
QuickTime
Realtek High Definition Audio Driver
Scan
Search Toolbar
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
SmartWebPrinting
Softonic_English Toolbar
SolutionCenter
SpeedFan (remove only)
Status
Steam
System Requirements Lab
System Requirements Lab CYRI
The Sims&#8482; 2 Double Deluxe
Toolbox
TrayApp
Virtual DJ Home - Atomix Productions
WavePad Sound Editor
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
World of Warcraft
==== Event Viewer Messages From Past Week ========
1/20/2011 7:04:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
1/19/2011 2:44:12 AM, Error: Service Control Manager [7031] - The ESET Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
1/18/2011 9:11:11 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
1/18/2011 9:09:43 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
1/18/2011 9:08:04 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
1/17/2011 6:13:44 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: [email protected]
1/17/2011 2:20:57 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
1/17/2011 2:20:57 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/17/2011 12:37:52 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi 2.0 Tunneling Engine service to connect.
1/17/2011 12:37:52 PM, Error: Service Control Manager [7000] - The LogMeIn Hamachi 2.0 Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/17/2011 12:37:37 PM, Error: Service Control Manager [7030] - The LogMeIn Hamachi 2.0 Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
1/17/2011 12:37:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
1/17/2011 12:37:37 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/16/2011 10:10:45 AM, Error: volsnap [67] - The shadow copy of volume C: being created failed to install.
==== End Of File ===========================


this is thee attach.
 

serath40

Thread Starter
Joined
Jan 19, 2011
Messages
14
DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Nova at 7:08:33.42 on Fri 01/21/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3893.2161 [GMT -5:00]
AV: ESET Smart Security 4.2 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET Smart Security 4.2 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\splwow64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Nova\Desktop\ShutdownGuard.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\system32\LogonUI.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Softonic_English\Softonic_EnglishToolbarHelper.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Nova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5FUI08BM\dds[1].scr
C:\Windows\system32\conhost.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1142338
uURLSearchHooks: Softonic English Toolbar: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files (x86)\Softonic_English\tbSoft.dll
mURLSearchHooks: Softonic English Toolbar: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files (x86)\Softonic_English\tbSoft.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Softonic English Toolbar: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files (x86)\Softonic_English\tbSoft.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Softonic English Toolbar: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files (x86)\Softonic_English\tbSoft.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [WinUpdate] C:\Windows\system32\winupd.exe
uRun: [Adobe Drivers] C:\Users\Nova\AppData\Roaming\Microsoft\Windows Firewall\winnit.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [fsn] C:\Program Files (x86)\Phoenix Technologies Ltd\FailSafe\FailSafeNotifier.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [WinUpdate] C:\Windows\system32\winupd.exe
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Nova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\winupd.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {930F1200-F5F1-4870-BAC6-E233EC8E7023} - No File
TB-X64: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
mRun-x64: [Apoint] C:\Program Files\DellTPad\Apoint.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
mRun-x64: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
mRun-x64: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
============= SERVICES / DRIVERS ===============
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-9 92160]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2010-3-24 163888]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-3-24 810120]
R2 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2010-3-24 50600]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-12 151040]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2009-9-25 233984]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-3-4 346144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-3 136176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-7-16 220672]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2009-8-28 49152]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-1 1255736]
=============== Created Last 30 ================
2011-01-21 11:59:55 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-21 11:59:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-01-21 11:49:26 -------- d-----w- C:\MGADiagToolOutput
2011-01-19 01:32:08 -------- d-----w- C:\Program Files (x86)\SpeedFan
2011-01-18 09:04:59 -------- d-----w- C:\Windows\SysWow64\Profiles
2011-01-18 04:22:20 -------- d-----w- C:\Program Files (x86)\Free Window Registry Repair
2011-01-17 22:54:42 -------- d-----w- C:\Users\Nova\AppData\Local\Promosoft Corporation
2011-01-17 22:54:31 -------- d-----w- C:\Program Files (x86)\Promosoft Corporation
2011-01-17 22:51:10 -------- d-----w- C:\Users\Nova\AppData\Roaming\SmartPCTools
2011-01-17 20:07:36 -------- d-----w- C:\Program Files (x86)\CCleaner
2011-01-17 19:42:33 -------- d-----w- C:\Windows\en
2011-01-17 19:38:40 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2339de2b1cbb67e05\InstallManager_WLE_WLE.exe
2011-01-17 19:38:36 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\DXSETUP.exe
2011-01-17 19:38:35 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\DSETUP.dll
2011-01-17 19:38:35 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\dsetup32.dll
2011-01-17 19:38:34 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\DSETUP.dll
2011-01-17 19:38:34 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\DXSETUP.exe
2011-01-17 19:38:34 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\dsetup32.dll
2011-01-17 19:38:24 -------- d-----w- C:\Users\Nova\AppData\Local\Windows Live
2011-01-17 19:37:50 206848 ----a-w- C:\Windows\System32\mfps.dll
2011-01-17 19:37:49 4068864 ----a-w- C:\Windows\System32\mf.dll
2011-01-17 19:37:49 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2011-01-17 19:37:49 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2011-01-17 19:37:49 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2011-01-17 19:37:49 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2011-01-17 19:37:48 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
2011-01-17 17:37:25 33856 ---ha-w- C:\Windows\System32\hamachi.sys
2011-01-16 01:25:39 -------- d-----w- C:\Users\Nova\AppData\Local\jagexlauncher
2011-01-15 22:05:42 720896 ----a-w- C:\Windows\System32\odbc32.dll
2011-01-15 22:05:41 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2011-01-15 22:05:41 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
2011-01-15 22:05:41 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2011-01-15 22:05:41 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2011-01-15 22:05:41 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2011-01-15 22:05:41 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2011-01-15 22:05:41 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2011-01-15 22:05:41 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2011-01-15 22:05:40 208896 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2011-01-06 12:06:42 -------- d-----w- C:\Program Files (x86)\Search Toolbar
2011-01-06 12:05:50 -------- d-----w- C:\Program Files (x86)\NCH Swift Sound
2011-01-03 22:40:46 -------- d-----w- C:\Users\Nova\AppData\Local\Google
2011-01-01 01:23:09 -------- d-----w- C:\PROGRA~3\Electronic Arts
2010-12-29 22:39:23 -------- d-----w- C:\Program Files (x86)\EA GAMES
2010-12-23 15:22:18 -------- d-----w- C:\Users\Nova\AppData\Local\ElevatedDiagnostics
==================== Find3M ====================
2010-12-20 23:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-12 23:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-11-06 18:35:40 2484072 ----a-w- C:\Windows\SysWow64\abgx360.exe
2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-04-23 04:00:46 6 ----a-w- C:\Program Files (x86)\Common Files\UnInstallCompleted.tmp
2010-03-09 03:50:17 150528 ----a-w- C:\Program Files (x86)\Common Files\osdinst.dll
2010-03-09 01:02:04 4674112 ----a-w- C:\Program Files (x86)\Common Files\xsignal.exe
============= FINISH: 7:08:57.74 ===============


the DDS
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
You do have what appears to be a SDbot trojan/virus

Delete any existing version of ComboFix you have sitting on your desktop
Please read and follow all these instructions very carefully
Do not edit or remove any information or user names etc, otherwise we cannot fix the problem. If you insist on editing out anything then I will close the topic & refuse to offer any help.

Download ComboFix from Here or Hereto your Desktop.
As you download it rename it to username123.exe


**Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
--------------------------------------------------------------------
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all
  • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running combofix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
  • Remember to re enable the protection again after combofix has finished
--------------------------------------------------------------------
2. Close any open browsers and any other programs you might have running
Double click on combofix.exe & follow the prompts.​
If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" for further review


****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

Please tell us if it has cured the problems or if there are any outstanding issues
 

serath40

Thread Starter
Joined
Jan 19, 2011
Messages
14
i cant tell if it worked...but here is the log i got from it. ComboFix 11-01-20.03 - Nova 01/21/2011 7:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3893.2524 [GMT -5:00]
Running from: c:\users\Nova\Desktop\username123.exe.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files (x86)\Search Toolbar
c:\program files (x86)\Search Toolbar\icon.ico
c:\program files (x86)\Search Toolbar\SearchToolbar.dll
c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe
c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe
c:\users\Nova\AppData\Local\Temp\FB8D.tmp
c:\users\Nova\AppData\Roaming\inst.exe
c:\users\Nova\AppData\Roaming\Microsoft\system.exe
c:\users\Nova\AppData\Roaming\Microsoft\Windows Firewall
c:\users\Nova\AppData\Roaming\Microsoft\Windows\Templates\1.jpeg
.
((((((((((((((((((((((((( Files Created from 2010-12-21 to 2011-01-21 )))))))))))))))))))))))))))))))
.
2011-01-21 12:56 . 2011-01-21 12:56 -------- d-----w- c:\users\Mcx1-NOVA-PC\AppData\Local\temp
2011-01-21 12:56 . 2011-01-21 12:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-21 11:59 . 2010-12-20 23:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-21 11:59 . 2011-01-21 11:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-01-21 11:49 . 2011-01-21 11:49 -------- d-----w- C:\MGADiagToolOutput
2011-01-21 11:47 . 2011-01-21 11:47 -------- d-----w- c:\progra~3\Office Genuine Advantage
2011-01-19 01:32 . 2011-01-19 01:32 -------- d-----w- c:\program files (x86)\SpeedFan
2011-01-18 09:04 . 2011-01-18 09:04 -------- d-----w- c:\windows\SysWow64\Profiles
2011-01-18 04:22 . 2011-01-18 04:31 -------- d-----w- c:\program files (x86)\Free Window Registry Repair
2011-01-17 22:54 . 2011-01-17 23:13 -------- d-----w- c:\users\Nova\AppData\Local\Promosoft Corporation
2011-01-17 22:54 . 2011-01-17 23:13 -------- d-----w- c:\program files (x86)\Promosoft Corporation
2011-01-17 22:51 . 2011-01-17 22:51 -------- d-----w- c:\users\Nova\AppData\Roaming\SmartPCTools
2011-01-17 20:07 . 2011-01-17 20:07 -------- d-----w- c:\program files (x86)\CCleaner
2011-01-17 19:42 . 2011-01-17 19:42 -------- d-----w- c:\windows\en
2011-01-17 19:40 . 2011-01-17 19:40 -------- d-----w- c:\program files\Windows Live
2011-01-17 19:38 . 2011-01-17 19:38 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2339de2b1cbb67e05\InstallManager_WLE_WLE.exe
2011-01-17 19:38 . 2011-01-17 19:38 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\DXSETUP.exe
2011-01-17 19:38 . 2011-01-17 19:38 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\DSETUP.dll
2011-01-17 19:38 . 2011-01-17 19:38 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\dsetup32.dll
2011-01-17 19:38 . 2011-01-17 19:38 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\DSETUP.dll
2011-01-17 19:38 . 2011-01-17 19:38 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\DXSETUP.exe
2011-01-17 19:38 . 2011-01-17 19:38 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\dsetup32.dll
2011-01-17 19:38 . 2011-01-21 12:43 -------- d-----w- c:\users\Nova\AppData\Local\Windows Live
2011-01-17 19:37 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2011-01-17 19:37 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2011-01-17 19:37 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-01-17 19:37 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-01-17 19:37 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-17 19:37 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2011-01-17 19:37 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2011-01-17 17:37 . 2009-03-18 21:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2011-01-17 16:22 . 2011-01-17 16:22 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-01-16 01:25 . 2011-01-17 19:47 -------- d-----w- c:\users\Nova\AppData\Local\jagexlauncher
2011-01-15 22:05 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-01-15 22:05 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-15 22:05 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-15 22:05 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-15 22:05 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-15 22:05 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-01-15 22:05 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-01-15 22:05 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-01-15 22:05 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-01-15 22:05 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-01-06 12:05 . 2011-01-06 12:05 -------- d-----w- c:\users\Nova\AppData\Roaming\NCH Swift Sound
2011-01-06 12:05 . 2011-01-06 12:05 -------- d-----w- c:\program files (x86)\NCH Swift Sound
2011-01-03 22:40 . 2011-01-03 22:41 -------- d-----w- c:\program files (x86)\Google
2011-01-03 22:40 . 2011-01-03 22:41 -------- d-----w- c:\users\Nova\AppData\Local\Google
2011-01-01 01:23 . 2011-01-17 16:22 -------- d-----w- c:\progra~3\Electronic Arts
2010-12-29 22:39 . 2010-12-29 22:39 -------- d-----w- c:\program files (x86)\EA GAMES
2010-12-23 15:22 . 2011-01-15 21:29 -------- d-----w- c:\users\Nova\AppData\Local\ElevatedDiagnostics
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 23:08 . 2010-03-21 17:23 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-12 23:53 . 2010-08-06 03:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-11-06 18:35 . 2010-11-06 18:35 2484072 ----a-w- c:\windows\SysWow64\abgx360.exe
2010-11-04 06:35 . 2010-12-16 05:44 1194496 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 06:31 . 2010-12-16 05:44 57856 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 05:52 . 2010-12-16 05:44 978944 ----a-w- c:\windows\SysWow64\wininet.dll
2010-11-04 05:48 . 2010-12-16 05:44 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2010-11-04 05:16 . 2010-12-16 05:44 482816 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:41 . 2010-12-16 05:44 386048 ----a-w- c:\windows\SysWow64\html.iec
2010-11-04 04:35 . 2010-12-16 05:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-04 04:08 . 2010-12-16 05:44 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2010-11-02 05:18 . 2010-12-16 05:45 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 05:17 . 2010-12-16 05:45 473600 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 05:17 . 2010-12-16 05:45 1169408 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 05:16 . 2010-12-16 05:45 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 05:10 . 2010-12-16 05:45 464384 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 05:10 . 2010-12-16 05:45 285696 ----a-w- c:\windows\system32\schtasks.exe
2010-11-02 04:40 . 2010-12-16 05:45 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2010-11-02 04:40 . 2010-12-16 05:45 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll
2010-11-02 04:34 . 2010-12-16 05:45 192000 ----a-w- c:\windows\SysWow64\taskeng.exe
2010-11-02 04:34 . 2010-12-16 05:45 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2010-10-29 16:18 . 2010-09-24 16:04 588096 ----a-w- c:\progra~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-10-28 16:24 . 2010-07-28 16:36 737072 ----a-w- c:\progra~3\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2010-10-27 05:06 . 2010-12-16 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-27 04:32 . 2010-12-16 05:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-04-23 04:00 . 2010-04-23 04:00 6 ----a-w- c:\program files (x86)\Common Files\UnInstallCompleted.tmp
2010-03-09 03:50 . 2010-03-09 03:50 150528 ----a-w- c:\program files (x86)\Common Files\osdinst.dll
2010-03-09 01:02 . 2010-03-09 03:50 4674112 ----a-w- c:\program files (x86)\Common Files\xsignal.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{930f1200-f5f1-4870-bac6-e233ec8e7023}"= "c:\program files (x86)\Softonic_English\tbSoft.dll" [2009-10-27 2325528]
[HKEY_CLASSES_ROOT\clsid\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
2009-10-27 15:45 2325528 ----a-w- c:\program files (x86)\Softonic_English\tbSoft.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{930f1200-f5f1-4870-bac6-e233ec8e7023}"= "c:\program files (x86)\Softonic_English\tbSoft.dll" [2009-10-27 2325528]
[HKEY_CLASSES_ROOT\clsid\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-23 4240760]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-21 1242448]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-07-07 1779952]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"fsn"="c:\program files (x86)\Phoenix Technologies Ltd\FailSafe\FailSafeNotifier.exe" [2010-03-09 137792]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-11 417792]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
c:\users\Nova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-3-10 0]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
winupd.exe [2010-7-18 196096]
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-03 136176]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-17 220672]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2009-08-29 49152]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-01 1255736]
R3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-05 828912]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-03-25 139704]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-09 92160]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-03-25 163888]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-03-25 810120]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-03-25 50600]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-12 151040]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-09-26 233984]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-03 22:40]
2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-03 22:40]
.
--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-09-16 357376]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-09 8158240]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-23 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-23 390168]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-23 408600]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-10-01 3189016]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-03-25 2839840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1142338
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
FF - ProfilePath - c:\users\Nova\AppData\Roaming\Mozilla\Firefox\Profiles\scrb9w7i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - free-downloads.net Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1098640&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=VUZTDF&PC=VUZE&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Tamper Data: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947} - %profile%\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
FF - Ext: Firebug: [email protected] - %profile%\extensions\[email protected]
FF - Ext: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - %profile%\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
FF - Ext: Search Toolbar: [email protected] - %profile%\extensions\[email protected]
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{930F1200-F5F1-4870-BAC6-E233EC8E7023} - (no file)
AddRemove-Search Toolbar - c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe

.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-3353836649-3912363437-4109639246-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-3353836649-3912363437-4109639246-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\IObit\Game Booster\GameBox.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\winupd.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Completion time: 2011-01-21 08:03:18 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-21 13:03
Pre-Run: 13,811,634,176 bytes free
Post-Run: 13,969,072,128 bytes free
- - End Of File - - E4948CF43CE075A2FFBB4007895A641F
 

serath40

Thread Starter
Joined
Jan 19, 2011
Messages
14
and sorry my son puts crazy programs on my pc which must be the cause. i let him check the logs out before i posted as he has some experience with the pc he must have deleted something before he saved.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top