Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Window Freezes and laptop works only in safe mode - 'eeeelp!!

2K views 0 replies 1 participant last post by  moly 
#1 ·
Hi y'all.

Recently my laptop running on windows 7 home edition started acting up. I boots up fine but once i get to windows then it gets tempremental. Sometimes it works fine until the screen saver comes on, sometimes it does not even open a browser window before it freezes.

I had trend micro titanium antivirus that expired last week, after which i installed avg. I thought it was the culprit which i uninstalled and installed avast and superantispyware. I ran both and they found a few problems that they claim to have resolved. Still the computer was not working well. Again in safe mode i ran kaspersky and it found 3 trojans that it removed but still no improvement.

I would really appreciate your help in resolving this. I have followed the instructions from the sticky and below are hijackthis log, DDS.txt, Attach.txt file and ark.txt file:

Hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:39:37 PM, on 5/22/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Amal\AppData\Local\Temp\Temporary Internet Files\Content.IE5\DHSI1ADN\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg32.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [Google Update] "C:\Users\Amal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Amal\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: setup_9.0.0.722_22.05.2011_14-09[1].lnk = C:\Users\Amal\Desktop\Virus Removal Tool\setup_9.0.0.722_22.05.2011_14-09[1]\startup.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg32.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SPLASH.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15250 bytes

=============================================================================

DDS.txt
.
DDS (Ver_11-05-19.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Run by Amal at 13:40:29 on 2011-05-22
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3895.2558 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Amal\AppData\Local\Temp\Temporary Internet Files\Content.IE5\A2GC9PWJ\dds[1].com
C:\Windows\SysWOW64\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit=userinit.exe
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg32.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin .dll
BHO: DivX Plus Web Player HTML5 : {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [Google Update] "C:\Users\Amal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [GrpConv] grpconv -o
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Amal\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dr opbox.lnk - C:\Users\Amal\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Amal\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SE TUP_~1.LNK - C:\Users\Amal\Desktop\Virus Removal Tool\setup_9.0.0.722_22.05.2011_14-09[1]\startup.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg32.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\TmIEPlg.dll
BHO-X64: Trend Micro NSC BHO - No File
BHO-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
BHO-X64: TmBpIeBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
mRun-x64: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
mRun-x64: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun-x64: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-5-4 128384]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S0 62984842;62984842 Boot Guard Driver;C:\Windows\system32\DRIVERS\62984842.sys --> C:\Windows\system32\DRIVERS\62984842.sys [?]
S1 62984841;62984841;C:\Windows\system32\DRIVERS\62984841.sys --> C:\Windows\system32\DRIVERS\62984841.sys [?]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
S1 DVMIO;DVMIO;C:\SPLASH.SYS\config\dvmio.sys [2009-9-27 21624]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
S1 setup_9.0.0.722_22.05.2011_14-09[1]drv;setup_9.0.0.722_22.05.2011_14-09[1]drv;C:\Windows\system32\DRIVERS\6298484.sys --> C:\Windows\system32\DRIVERS\6298484.sys [?]
S2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_ne utral_d15ed671de43d681\AESTSr64.exe [2009-12-30 89600]
S2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-12-14 256336]
S2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
S2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-5-21 42184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DvmMDES;DeviceVM Meta Data Export Service;C:\SPLASH.SYS\config\DVMExportService.exe [2009-7-8 323584]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-28 136176]
S2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
S2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-30 2320920]
S2 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-1-21 130048]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-12-5 228408]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-28 136176]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2011-05-22 13:01:39 -------- d-----w- C:\Users\Amal\AppData\Roaming\Malwarebytes
2011-05-22 13:01:30 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-22 13:01:29 -------- d-----w- C:\ProgramData\Malwarebytes
2011-05-22 13:01:26 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-05-22 13:01:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-05-22 12:50:31 -------- d-----w- C:\ProgramData\Kaspersky Lab
2011-05-22 12:50:00 40464 ----a-w- C:\Windows\System32\drivers\62984842.sys
2011-05-22 12:50:00 352784 ----a-w- C:\Windows\System32\drivers\6298484.sys
2011-05-22 12:50:00 157712 ----a-w- C:\Windows\System32\drivers\62984841.sys
2011-05-22 12:27:26 14744 ----a-w- C:\Users\Amal\AppData\Roaming\Microsoft\IdentityCRL\Production\ppcrlconfig. dll
2011-05-21 04:36:25 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-05-21 04:36:22 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-05-21 04:36:01 40112 ----a-w- C:\Windows\avastSS.scr
2011-05-21 04:35:50 -------- d-----w- C:\ProgramData\AVAST Software
2011-05-21 04:35:50 -------- d-----w- C:\Program Files\AVAST Software
2011-05-21 02:27:56 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44AA794F-57D6-4E16-AE0C-AB19298229A6}\mpengine.dll
2011-05-18 19:07:07 -------- d-----w- C:\Users\Amal\AppData\Roaming\SUPERAntiSpyware.com
2011-05-18 19:07:07 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-05-18 19:07:03 -------- d-----w- C:\ProgramData\!SASCORE
2011-05-18 19:06:57 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-05-18 14:29:40 -------- d--h--w- C:\$AVG
2011-05-18 06:59:24 -------- d-----w- C:\Users\Amal\AppData\Roaming\AVG10
2011-05-18 06:56:13 -------- d--h--w- C:\ProgramData\Common Files
2011-05-18 05:50:14 -------- d-----w- C:\ProgramData\AVG10
2011-05-18 05:49:17 -------- d-----w- C:\Program Files (x86)\AVG
2011-05-18 05:43:47 -------- d-----w- C:\ProgramData\MFAData
2011-05-13 17:19:05 -------- d-----w- C:\Users\Amal\AppData\Roaming\HP Support Assistant
2011-05-12 01:26:44 -------- d-----w- C:\Users\Amal\AppData\Local\Apple Computer
2011-05-12 01:26:21 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-05-12 01:26:21 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-05-12 01:26:21 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-05-12 01:26:03 -------- d-----w- C:\Program Files\iPod
2011-05-12 01:26:02 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-05-12 01:26:02 -------- d-----w- C:\Program Files\iTunes
2011-05-12 01:26:02 -------- d-----w- C:\Program Files (x86)\iTunes
2011-05-12 01:23:22 -------- d-----w- C:\Program Files\Bonjour
2011-05-12 01:23:22 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-05-11 22:34:40 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-05-11 22:34:40 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-05-10 20:43:35 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-10 20:43:34 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-10 20:43:34 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-10 20:43:24 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-05-10 20:43:24 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-05-10 20:43:24 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-05-10 20:43:24 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-05-10 20:43:24 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-05-10 20:43:24 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-05-10 20:43:24 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
.
==================== Find3M ====================
.
2011-04-13 22:40:10 4284416 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2011-03-12 12:03:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-03-12 11:31:58 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-03-11 06:23:13 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-03-11 06:23:06 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-03-11 06:23:06 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-03-11 06:23:06 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-03-11 06:23:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-03-11 06:22:41 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-03-11 06:22:40 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 06:18:20 2566144 ----a-w- C:\Windows\System32\esent.dll
2011-03-11 06:15:54 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-11 05:39:35 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2011-03-11 05:37:34 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys
2011-02-26 06:23:14 2870272 ----a-w- C:\Windows\explorer.exe
2011-02-26 05:33:07 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-02-24 06:30:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-24 06:29:15 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-02-24 06:24:57 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-02-24 05:32:52 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-24 05:32:44 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-02-24 05:30:16 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-02-24 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec
2011-02-24 04:24:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-02-24 04:23:48 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-02-24 03:50:26 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-02-23 05:16:28 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-02-23 05:16:01 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-02-23 05:15:50 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-02-23 05:15:27 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-02-23 05:15:14 286720 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-02-23 05:15:13 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-02-23 05:15:06 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2010-12-13 19:01:43 5779456 ----a-w- C:\Program Files (x86)\setup-2.9.3959.exe
.
============= FINISH: 13:40:47.17 ===============

Attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-05-19.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/11/2010 7:31:44 PM
System Uptime: 5/22/2011 8:30:23 AM (5 hours ago)
.
Motherboard: Hewlett-Packard | | 140A
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz | CPU | 2127/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 447 GiB total, 259.353 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 3.021 GiB free.
E: is FIXED (FAT32) - 0 GiB total, 0.09 GiB free.
F: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: Consumer IR Devices
Device ID: ROOT\SYSTEM\0001
Manufacturer: Microsoft
Name: Consumer IR Devices
PNP Device ID: ROOT\SYSTEM\0001
Service: circlass
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! Network Shield Support
Device ID: ROOT\LEGACY_ASWTDI\0000
Manufacturer:
Name: avast! Network Shield Support
PNP Device ID: ROOT\LEGACY_ASWTDI\0000
Service: aswTdi
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP90: 5/6/2011 6:06:11 PM - Windows Update
RP91: 5/10/2011 4:41:05 PM - Windows Update
RP92: 5/11/2011 4:26:37 AM - Windows Update
RP93: 5/11/2011 9:25:11 PM - Installed iTunes
RP94: 5/13/2011 3:00:12 AM - Windows Update
RP95: 5/13/2011 4:45:45 AM - Windows Update
RP96: 5/17/2011 9:39:19 PM - Windows Update
RP97: 5/18/2011 1:48:50 AM - Installed AVG 2011
RP98: 5/18/2011 1:49:38 AM - Installed AVG 2011
RP99: 5/20/2011 10:27:04 PM - Windows Update
RP100: 5/21/2011 12:35:08 AM - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0
Adobe Reader 9.1 MUI
Adobe Shockwave Player
AMR Player 1.3
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
avast! Free Antivirus
Brownstone Equation Editor 5
Cisco Network Magic
Compatibility Pack for the 2007 Office system
COWON Media Center - jetAudio Basic VX
CyberLink DVD Suite
Diploma
DivX Setup
Dropbox
DVD Menu Pack for HP MediaSmart Video
ESU for Microsoft Windows 7
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
GPL Ghostscript 8.71
Graph 4.3
GSview 4.9
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart DVD
HP MediaSmart Internet TV
HP MediaSmart Live TV
HP MediaSmart Music/Photo/Video
HP MediaSmart SlingPlayer
HP MediaSmart Software Notebook Demo
HP MediaSmart Webcam
HP MediaSmart/TouchSmart Netflix
HP Quick Launch Buttons
HP QuickWeb
HP Setup
HP Smart Web Printing
HP Support Assistant
HP Update
HP User Guides 0186
HP Wireless Assistant
HPAsset component for HP Active Support Library
Hulu Desktop
IDT Audio
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Java Auto Updater
Java(TM) 6 Update 22
Junk Mail filter update
LabelPrint
LightScribe System Software
Malwarebytes' Anti-Malware
Microsoft Choice Guard
Microsoft Live Search Toolbar
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MiKTeX 2.8
Movie Theme Pack for HP MediaSmart Video
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Magic
Norton Online Backup
Picasa 3
Power2Go
PowerDirector
Pure Networks Platform
QLBCASL
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek Ethernet Controller Driver For Windows Vista and Later
Realtek USB2.0&PCIE Card Reader
RealUpgrade 1.1
Recovery Manager
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 4.0
Texmaker
Trend Micro Titanium
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
VC80CRTRedist - 8.0.50727.4053
Visual Studio 2008 x64 Redistributables
Wimba Diploma 6
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
Wolfram Notebook Indexer 2.0
.
==== Event Viewer Messages From Past Week ========
.
5/22/2011 8:44:01 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
5/22/2011 8:31:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/22/2011 8:31:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/22/2011 8:31:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/22/2011 8:30:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/22/2011 8:30:52 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi discache DVMIO SASDIFSV SASKUTIL spldr tmtdi Wanarpv6
5/22/2011 12:02:51 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
5/22/2011 1:37:31 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2011 2:04:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
5/21/2011 2:04:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanWorkstation service.
5/21/2011 2:03:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
5/21/2011 2:03:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
5/21/2011 2:02:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
5/21/2011 2:02:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
5/21/2011 2:01:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
5/21/2011 12:22:32 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2011 12:10:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
5/21/2011 12:10:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
5/21/2011 12:10:36 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx64 Avgmfx64 Avgtdia DfsC discache DVMIO NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx tmtdi vwififlt Wanarpv6 WfpLwf
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/21/2011 12:10:35 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/19/2011 12:34:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Pure Networks Platform Service service to connect.
5/19/2011 12:34:55 PM, Error: Service Control Manager [7000] - The Pure Networks Platform Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/19/2011 12:17:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
5/18/2011 9:27:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the WD SmartWare Background Service service to connect.
5/18/2011 10:47:26 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache DVMIO spldr tmtdi Wanarpv6
5/18/2011 10:39:05 AM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846.
5/18/2011 10:39:05 AM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070032.
5/18/2011 10:33:36 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
5/18/2011 10:13:16 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64
5/18/2011 1:29:39 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect.
5/18/2011 1:29:39 PM, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/16/2011 12:53:47 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer OWNER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C3887979-AD50-43B1-B027-DFC261340C72}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================

and lastly, ark.txt was empty
 
See less See more
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top