MandaNJ
-
Posts
16 -
Joined
-
Last visited
-
K then i did that.
-
Not sure if I did the combofix but the uninstall didn't work so I guess I didn't. Other than that I don't think I have any other questions.
-
Results of screen317's Security Check version 0.99.50 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.65.0.1400 Java version out of Date! Adobe Flash Player 11.3.300.271 Flash Player out of Date! Adobe Reader 9 Adobe Reader out of Date! ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````
-
I will do this just as soon as I get home from school tomorrow. Probably like 6pm est
-
It's working great now! Haven't been redirected at all today! Thank you so much for all your help!
-
RogueKiller V8.0.2 [08/31/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Amanda [Admin rights] Mode : Scan -- Date : 09/11/2012 15:58:52 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤ [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD2500BEVT-75ZCT2 +++++ --- User --- [MBR] 2dbc9862d931294e7119278110e1b0c1 [bSP] f2554e82efed46df96eec1d04c45713e : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223434 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: +++++ --- User --- [MBR] 535103b99c1c3a7a77bffe0e3f00e171 [bSP] ea4d395a7aa1e36e0d9ae6c5e9f68a58 : MBR Code unknown Partition table: 0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 3820 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt
-
RogueKiller V8.0.2 [08/31/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Amanda [Admin rights] Mode : Scan -- Date : 09/11/2012 14:46:46 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 7 ¤¤¤ [TASK][sUSP PATH] At1.job : C:\Windows\hhh.exe -> FOUND [TASK][sUSP PATH] At1 : C:\Windows\hhh.exe -> FOUND [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\n.) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD2500BEVT-75ZCT2 +++++ --- User --- [MBR] 2dbc9862d931294e7119278110e1b0c1 [bSP] f2554e82efed46df96eec1d04c45713e : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223434 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: +++++ --- User --- [MBR] 535103b99c1c3a7a77bffe0e3f00e171 [bSP] ea4d395a7aa1e36e0d9ae6c5e9f68a58 : MBR Code unknown Partition table: 0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 3820 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt
-
Malwarebytes Anti-Malware (Trial) 1.65.0.1400 www.malwarebytes.org Database version: v2012.09.07.13 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Amanda :: AMANDA-PC [administrator] Protection: Enabled 9/11/2012 2:33:41 PM mbam-log-2012-09-11 (14-33-41).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 196559 Time elapsed: 4 minute(s), 1 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
-
Alright, sorry for the delay! Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-09-2012 Ran by SYSTEM at 2012-09-11 08:34:03 Run:1 Running from E:\ ============================================== C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e} moved successfully. C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e} moved successfully. C:\Windows\assembly\GAC_32\Desktop.ini moved successfully. C:\Windows\assembly\GAC_64\Desktop.ini moved successfully. C:\Windows\System32\services.exe moved successfully. C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe ==== End of Fixlog ====
-
SystemLook 30.07.11 by jpshortstuff Log created at 20:50 on 06/09/2012 by Amanda Administrator - Elevation successful ========== Filefind ========== Searching for "services.exe" C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 014A9CB92514E27C0107614DF764BC06 C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB -= EOF =- SOrry this took so long to get back..... 2 kids, homework, and 9-5 school schedule :/
-
Didn't let it search all the way through but it went for over 5 minutesFarbar Recovery Scan Tool (x64) Version: 04-09-2012 Ran by SYSTEM at 2012-09-04 23:27:21 Running from E:\ ================== Search: "services.exe" ===================
-
Scan result of Farbar Recovery Scan Tool (x64) Version: 04-09-2012 Ran by SYSTEM at 04-09-2012 23:19:35 Running from E:\ Windows 7 Home Premium (X64) OS Language: English(US) The current controlset is ControlSet001 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.) HKLM\...\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-29] (IDT, Inc.) HKLM\...\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.) HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.) HKLM\...\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-06-24] (CyberLink Corp.) HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [494064 2009-06-18] () HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM-x32\...\Run: [Easy Dock] [x] HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.) HKLM-x32\...\Run: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [268640 2011-11-12] (LeapFrog Enterprises, Inc.) HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.) HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462920 2012-07-03] (Malwarebytes Corporation) HKU\Amanda\...\Run: [Easy Dock] [x] HKU\Amanda\...\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BP485RZ05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1 [2547048 2011-03-30] (Hewlett-Packard Co.) HKLM\...\RunOnce: [DSUpdateLauncher] "c:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="c:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "c:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe" [161008 2009-09-17] () HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-05] (Dell) HKLM-x32\...\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165104 2009-10-02] (Softthinks) HKLM-x32\...\RunOnce: [sTToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe [120048 2009-10-02] () Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X] Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 AppInit_DLLs: Startup: C:\Users\Amanda\Start Menu\Programs\Startup\fliptoast.lnk ShortcutTarget: fliptoast.lnk -> C:\Program Files (x86)\fliptoast\fliptoast.exe (No File) Startup: C:\Users\Default\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) ==================== Services (Whitelisted) ====== 2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation) 2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.) ==================== Drivers (Whitelisted) =================== 3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-07-03] (Malwarebytes Corporation) 1 mfenlfk; C:\Windows\System32\Drivers\mfenlfk.sys [75160 2011-04-14] (McAfee, Inc.) 3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () ==================== NetSvcs (Whitelisted) ================= ==================== One Month Created Files and Folders ====================== 2012-09-05 00:00 - 2012-09-05 00:00 - 01454599 ____A (Farbar) C:\Users\Amanda\Desktop\FRST64.exe 2012-09-04 23:19 - 2012-09-04 23:19 - 00000000 ____D C:\FRST 2012-09-04 16:50 - 2012-09-04 16:50 - 00002747 ____A C:\Users\Amanda\Desktop\RKreport[1].txt 2012-09-04 16:48 - 2012-09-04 16:50 - 00000000 ____D C:\Users\Amanda\Desktop\RK_Quarantine 2012-09-04 16:48 - 2012-09-04 16:48 - 01378816 ____A C:\Users\Amanda\Desktop\RogueKiller.exe 2012-09-04 16:43 - 2012-09-04 16:43 - 00607260 ____R (Swearware) C:\Users\Amanda\Desktop\dds.scr 2012-09-04 16:42 - 2012-09-04 16:42 - 00607260 ____R (Swearware) C:\Users\Amanda\Desktop\dds.com 2012-09-04 16:30 - 2012-09-04 16:30 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-09-04 16:30 - 2012-09-04 16:30 - 00001115 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2012-09-04 16:30 - 2012-09-04 16:30 - 00000000 ____D C:\Users\Amanda\Application Data\Malwarebytes 2012-09-04 16:30 - 2012-09-04 16:30 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\Malwarebytes 2012-09-04 16:29 - 2012-09-04 23:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-09-04 16:29 - 2012-09-04 16:29 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\Amanda\Desktop\mbam-setup-1.62.0.1300.exe 2012-09-04 16:29 - 2012-09-04 16:29 - 00000000 ____D C:\Users\All Users\Malwarebytes 2012-09-04 16:29 - 2012-09-04 16:29 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes 2012-09-04 16:29 - 2012-07-03 14:46 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2012-09-01 11:39 - 2012-09-01 11:39 - 00000000 ____D C:\Users\Amanda\Application Data\ViquaSoft 2012-09-01 11:39 - 2012-09-01 11:39 - 00000000 ____D C:\Users\Amanda\AppData\Roaming\ViquaSoft 2012-09-01 11:00 - 2012-09-01 11:39 - 00000000 ____D C:\Users\All Users\SnowGlobe 2012-09-01 11:00 - 2012-09-01 11:39 - 00000000 ____D C:\Users\All Users\Application Data\SnowGlobe 2012-08-28 23:16 - 2012-09-05 00:17 - 00000448 ____A C:\Windows\setupact.log 2012-08-28 23:16 - 2012-09-04 23:45 - 00006534 ____A C:\Windows\PFRO.log 2012-08-28 23:16 - 2012-08-28 23:16 - 00000000 ____A C:\Windows\setuperr.log 2012-08-28 21:55 - 2012-08-28 21:55 - 00000356 ____A C:\Users\Amanda\Desktop\songs.txt 2012-08-28 13:24 - 2012-08-28 13:25 - 00000000 ____D C:\Users\Amanda\Desktop\Massage stuff 2012-08-28 00:24 - 2012-08-28 00:24 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA% 2012-08-25 18:04 - 2012-08-25 18:04 - 00001276 ____A C:\Users\Public\Desktop\More Great Games.lnk 2012-08-25 18:04 - 2012-08-25 18:04 - 00001276 ____A C:\Users\All Users\Desktop\More Great Games.lnk 2012-08-25 18:03 - 2012-08-25 18:04 - 00000000 ____D C:\Program Files (x86)\Snow Globe - Farm World 2012-08-25 18:00 - 2012-08-25 18:01 - 00000000 ____D C:\Program Files (x86)\Shop-n-Spree - Shopping Paradise 2012-08-16 04:06 - 2012-06-29 00:55 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-08-16 04:06 - 2012-06-29 00:09 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-08-16 04:06 - 2012-06-28 23:56 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-08-16 04:06 - 2012-06-28 23:49 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-08-16 04:06 - 2012-06-28 23:49 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-08-16 04:06 - 2012-06-28 23:48 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-08-16 04:06 - 2012-06-28 23:47 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-08-16 04:06 - 2012-06-28 23:45 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-08-16 04:06 - 2012-06-28 23:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-08-16 04:06 - 2012-06-28 23:43 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-08-16 04:06 - 2012-06-28 23:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-08-16 04:06 - 2012-06-28 23:40 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-08-16 04:06 - 2012-06-28 23:39 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-08-16 04:06 - 2012-06-28 23:35 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-08-16 04:06 - 2012-06-28 20:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-08-16 04:06 - 2012-06-28 20:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-08-16 04:06 - 2012-06-28 20:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-08-16 04:06 - 2012-06-28 20:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-08-16 04:06 - 2012-06-28 20:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-08-16 04:06 - 2012-06-28 20:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-08-16 04:06 - 2012-06-28 20:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-08-16 04:06 - 2012-06-28 20:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-08-16 04:06 - 2012-06-28 20:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-08-16 04:06 - 2012-06-28 20:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-08-16 04:06 - 2012-06-28 20:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-08-16 04:06 - 2012-06-28 20:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-08-16 04:06 - 2012-06-28 20:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-08-16 04:06 - 2012-06-28 19:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-08-15 10:18 - 2012-07-18 14:15 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-08-15 10:18 - 2012-07-04 18:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll 2012-08-15 10:18 - 2012-07-04 18:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll 2012-08-15 10:18 - 2012-07-04 18:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll 2012-08-15 10:18 - 2012-07-04 17:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2012-08-15 10:18 - 2012-07-04 17:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2012-08-15 10:18 - 2012-05-14 01:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll 2012-08-15 10:18 - 2012-05-05 04:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll 2012-08-15 10:18 - 2012-05-05 03:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2012-08-15 10:18 - 2012-02-11 02:43 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2012-08-15 10:18 - 2012-02-11 02:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe 2012-08-15 10:18 - 2012-02-11 02:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe 2012-08-15 10:18 - 2012-02-11 01:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2012-08-12 16:28 - 2012-08-12 16:29 - 00000000 ____D C:\Program Files (x86)\Jo's Dream - Organic Coffee ==================== 3 Months Modified Files ================================ 2012-09-05 00:17 - 2012-08-28 23:16 - 00000448 ____A C:\Windows\setupact.log 2012-09-05 00:17 - 2009-11-07 20:56 - 00000072 ____A C:\Windows\SysWOW64\ToasterLauncherLog.log 2012-09-05 00:17 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-09-05 00:00 - 2012-09-05 00:00 - 01454599 ____A (Farbar) C:\Users\Amanda\Desktop\FRST64.exe 2012-09-05 00:00 - 2009-07-14 01:13 - 00726270 ____A C:\Windows\System32\PerfStringBackup.INI 2012-09-04 23:59 - 2009-07-14 00:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-09-04 23:59 - 2009-07-14 00:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-09-04 23:53 - 2009-07-14 01:10 - 01276736 ____A C:\Windows\WindowsUpdate.log 2012-09-04 23:45 - 2012-08-28 23:16 - 00006534 ____A C:\Windows\PFRO.log 2012-09-04 23:12 - 2012-03-29 21:58 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-09-04 16:50 - 2012-09-04 16:50 - 00002747 ____A C:\Users\Amanda\Desktop\RKreport[1].txt 2012-09-04 16:48 - 2012-09-04 16:48 - 01378816 ____A C:\Users\Amanda\Desktop\RogueKiller.exe 2012-09-04 16:43 - 2012-09-04 16:43 - 00607260 ____R (Swearware) C:\Users\Amanda\Desktop\dds.scr 2012-09-04 16:42 - 2012-09-04 16:42 - 00607260 ____R (Swearware) C:\Users\Amanda\Desktop\dds.com 2012-09-04 16:30 - 2012-09-04 16:30 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-09-04 16:30 - 2012-09-04 16:30 - 00001115 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2012-09-04 16:29 - 2012-09-04 16:29 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\Amanda\Desktop\mbam-setup-1.62.0.1300.exe 2012-08-31 22:58 - 2012-05-01 22:28 - 00000824 ____A C:\Users\Public\Desktop\CCleaner.lnk 2012-08-31 22:58 - 2012-05-01 22:28 - 00000824 ____A C:\Users\All Users\Desktop\CCleaner.lnk 2012-08-29 23:29 - 2012-03-29 21:58 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-08-29 23:29 - 2011-06-10 19:10 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2012-08-29 23:27 - 2010-12-29 09:02 - 00000322 ____A C:\Windows\Tasks\At1.job 2012-08-28 23:16 - 2012-08-28 23:16 - 00000000 ____A C:\Windows\setuperr.log 2012-08-28 23:16 - 2011-05-28 12:05 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2012-08-28 21:55 - 2012-08-28 21:55 - 00000356 ____A C:\Users\Amanda\Desktop\songs.txt 2012-08-28 13:21 - 2010-03-24 17:44 - 00000712 ____A C:\Users\Amanda\Application Data\wklnhst.dat 2012-08-28 13:21 - 2010-03-24 17:44 - 00000712 ____A C:\Users\Amanda\AppData\Roaming\wklnhst.dat 2012-08-25 18:04 - 2012-08-25 18:04 - 00001276 ____A C:\Users\Public\Desktop\More Great Games.lnk 2012-08-25 18:04 - 2012-08-25 18:04 - 00001276 ____A C:\Users\All Users\Desktop\More Great Games.lnk 2012-08-16 04:27 - 2009-07-14 00:45 - 00343576 ____A C:\Windows\System32\FNTCACHE.DAT 2012-08-16 04:01 - 2010-03-25 07:48 - 62134624 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2012-07-18 14:15 - 2012-08-15 10:18 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-07-06 15:07 - 2012-07-05 17:37 - 00013312 ____A C:\Users\Amanda\My Documents\july meal planner 2012.xlr 2012-07-06 15:07 - 2012-07-05 17:37 - 00013312 ____A C:\Users\Amanda\Documents\july meal planner 2012.xlr 2012-07-04 18:16 - 2012-08-15 10:18 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll 2012-07-04 18:13 - 2012-08-15 10:18 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll 2012-07-04 18:13 - 2012-08-15 10:18 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll 2012-07-04 17:16 - 2012-08-15 10:18 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2012-07-04 17:14 - 2012-08-15 10:18 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2012-07-03 14:46 - 2012-09-04 16:29 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2012-06-29 00:55 - 2012-08-16 04:06 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-06-29 00:09 - 2012-08-16 04:06 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-06-28 23:56 - 2012-08-16 04:06 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-06-28 23:49 - 2012-08-16 04:06 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-06-28 23:49 - 2012-08-16 04:06 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-06-28 23:48 - 2012-08-16 04:06 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-06-28 23:47 - 2012-08-16 04:06 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-06-28 23:45 - 2012-08-16 04:06 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-06-28 23:44 - 2012-08-16 04:06 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-06-28 23:43 - 2012-08-16 04:06 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-06-28 23:42 - 2012-08-16 04:06 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-06-28 23:40 - 2012-08-16 04:06 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-06-28 23:39 - 2012-08-16 04:06 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-06-28 23:35 - 2012-08-16 04:06 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-06-28 20:52 - 2012-08-16 04:06 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-06-28 20:27 - 2012-08-16 04:06 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-06-28 20:16 - 2012-08-16 04:06 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-06-28 20:09 - 2012-08-16 04:06 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-06-28 20:09 - 2012-08-16 04:06 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-06-28 20:08 - 2012-08-16 04:06 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-06-28 20:07 - 2012-08-16 04:06 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-06-28 20:06 - 2012-08-16 04:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-06-28 20:04 - 2012-08-16 04:06 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-06-28 20:04 - 2012-08-16 04:06 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-06-28 20:01 - 2012-08-16 04:06 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-06-28 20:01 - 2012-08-16 04:06 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-06-28 20:00 - 2012-08-16 04:06 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-06-28 19:57 - 2012-08-16 04:06 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-06-25 14:46 - 2012-06-25 14:46 - 00000057 ____A C:\Users\All Users\Application Data\Ament.ini 2012-06-25 14:46 - 2012-06-25 14:46 - 00000057 ____A C:\Users\All Users\Ament.ini 2012-06-12 12:38 - 2012-06-12 12:38 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk 2012-06-12 12:38 - 2012-06-12 12:38 - 00001785 ____A C:\Users\All Users\Desktop\iTunes.lnk 2012-06-09 01:43 - 2012-07-11 19:44 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-06-09 00:41 - 2012-07-11 19:44 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll ZeroAccess: C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e} C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\@ C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\L C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\L\00000004.@ C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\L\201d3dde C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U\00000004.@ C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U\00000008.@ C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U\000000cb.@ C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U\80000000.@ C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U\80000032.@ C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U\80000064.@ ZeroAccess: C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e} C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\@ C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\L C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\n C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U ZeroAccess: C:\Windows\assembly\GAC_32\Desktop.ini ZeroAccess: C:\Windows\assembly\GAC_64\Desktop.ini ==================== Known DLLs (Whitelisted) ================= ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!. C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2012-08-19 23:23:29 Restore point made on: 2012-08-21 20:31:22 Restore point made on: 2012-08-28 23:47:03 Restore point made on: 2012-09-01 09:52:52 Restore point made on: 2012-09-02 22:39:12 Restore point made on: 2012-09-04 23:47:45 ==================== Memory info =========================== Percentage of memory in use: 25% Total physical RAM: 2008.36 MB Available physical RAM: 1496.88 MB Total Pagefile: 2008.36 MB Available Pagefile: 1493.24 MB Total Virtual: 8192 MB Available Virtual: 8191.9 MB ==================== Partitions ============================ 1 Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:145.58 GB) NTFS 2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:10.26 GB) NTFS ==>[system with boot components (obtained from reading drive)] 3 Drive e: (USB DISK) (Removable) (Total:3.73 GB) (Free:1.78 GB) FAT32 6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 232 GB 0 B Disk 1 No Media 0 B 0 B Disk 2 Online 3824 MB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 OEM 39 MB 31 KB Partition 2 Primary 14 GB 40 MB Partition 3 Primary 218 GB 14 GB ================================================================================== Disk: 0 Partition 1 Type : DE Hidden: Yes Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 5 FAT Partition 39 MB Healthy Hidden ================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 D RECOVERY NTFS Partition 14 GB Healthy ================================================================================== Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C OS NTFS Partition 218 GB Healthy ================================================================================== Partitions of Disk 2: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 3820 MB 4032 KB ================================================================================== Disk: 2 Partition 1 Type : 0C Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 E USB DISK FAT32 Removable 3820 MB Healthy ================================================================================== Last Boot: 2012-08-27 18:47 ==================== End Of Log =============================
-
RogueKiller V8.0.2 [08/31/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Amanda [Admin rights] Mode : Scan -- Date : 09/04/2012 15:50:05 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 7 ¤¤¤ [TASK][sUSP PATH] At1.job : C:\Windows\hhh.exe -> FOUND [TASK][sUSP PATH] At1 : C:\Windows\hhh.exe -> FOUND [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\n.) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][FILE] @ : C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\@ --> FOUND [ZeroAccess][FOLDER] U : C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U --> FOUND [ZeroAccess][FOLDER] L : C:\Windows\Installer\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\L --> FOUND [ZeroAccess][FILE] n : C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\n --> FOUND [ZeroAccess][FILE] @ : C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\@ --> FOUND [ZeroAccess][FOLDER] U : C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\U --> FOUND [ZeroAccess][FOLDER] L : C:\Users\Amanda\AppData\Local\{d39a077a-0fd1-8d59-16d6-4aea672bad8e}\L --> FOUND [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini --> FOUND [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini --> FOUND [susp.ASLR][FILE] services.exe : C:\Windows\system32\services.exe --> FOUND ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD2500BEVT-75ZCT2 +++++ --- User --- [MBR] 2dbc9862d931294e7119278110e1b0c1 [bSP] f2554e82efed46df96eec1d04c45713e : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223434 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt
-
. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 3/24/2010 3:10:08 PM System Uptime: 9/3/2012 8:25:31 AM (31 hours ago) . Motherboard: Dell Inc. | | 0G848F Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz | Microprocessor | 1197/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 218 GiB total, 145.683 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart Premium C309g-m Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: HP Name: Photosmart Premium C309g-m PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050A J611 series Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: HP Name: Deskjet 3050A J611 series PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Description: Photosmart Premium C309g-m Device ID: ROOT\IMAGE\0000 Manufacturer: HP Name: Photosmart Premium C309g-m PNP Device ID: ROOT\IMAGE\0000 Service: StillCam . ==== System Restore Points =================== . RP277: 8/19/2012 10:23:07 PM - Windows Backup RP278: 8/21/2012 7:30:59 PM - Windows Update RP279: 8/28/2012 10:46:48 PM - Scheduled Checkpoint RP280: 9/1/2012 8:52:31 AM - Installed Java 6 Update 35 RP281: 9/2/2012 9:38:22 PM - Windows Backup . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) µTorrent Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.1.2 Apple Application Support Apple Software Update Avery Template - U_0332_01_L Big Fish Games: Game Manager BufferChm Build-a-lot: Fairy Tales Burger Bustle: Ellie's Organics C309g-m Campgrounds Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Compatibility Pack for the 2007 Office system Cooking Academy 2: World Cuisine Cooking Academy 3: Recipe for Success Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell Getting Started Guide Destinations DeviceDiscovery EA Download Manager GoToAssist 8.0.0.514 GPBaseService2 HP Deskjet 3050A J611 series Help HP Photo Creations HP Update HPPhotoGadget hpPrintProjects HPProductAssistant hpWLPGInstaller Island Tribe 3 Java Auto Updater Jo's Dream: Organic Coffee Junk Mail filter update Katy and Bob: Way Back Home kSolo Recorder LeapFrog Connect LeapFrog My Pals Plugin LeapFrog MyOwnLeaptop Plugin Malwarebytes Anti-Malware version 1.62.0.1300 MarketResearch Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Microsoft WSE 3.0 Runtime Microsoft XNA Framework Redistributable 3.1 Monument Builders: Eiffel Tower MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) PowerDVD DX PS_AIO_06_C309g-m_SW_Min QuickTime RCA Detective™ 2.0.0.99 RCA easyRip 2.3.9.0 Roxio Burn Roxio Update Manager Scan Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Shop-n-Spree: Shopping Paradise SmartWebPrinting Snow Globe: Farm World SolutionCenter Status System Requirements Lab The Promised Land The Sims™ 3 Toolbox TrayApp Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) Use the entry named LeapFrog Connect to uninstall (LeapFrog MyOwnLeaptop Plugin) Virtual City 2: Paradise Resort Weather Lord WebReg Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Writer . ==== Event Viewer Messages From Past Week ======== . 9/4/2012 9:32:59 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 9/4/2012 9:32:59 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 8/31/2012 10:07:54 PM, Error: Service Control Manager [7023] - The PnP-X IP Bus Enumerator service terminated with the following error: %%-2147023728 8/31/2012 10:06:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 8/31/2012 10:06:44 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/31/2012 10:06:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 8/31/2012 10:06:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 8/31/2012 10:06:26 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 8/31/2012 10:06:26 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 8/31/2012 10:05:49 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 8/31/2012 10:05:47 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 8/31/2012 10:05:46 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 8/29/2012 10:47:15 PM, Error: Virtual Disk Service [9] - Unexpected provider failure. Restarting the service may fix the problem. Error code: 8007001F@02000014 8/28/2012 8:46:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service. . ==== End Of File ===========================