cmp007

Oh ok. Thanks alot man I really appreciate it! Nice to be able to use this thing again

Well it says 2 threats detected but has those 4 as deleted

Status: Deleted (events: 4) 10/1/2012 11:59:30 PM Deleted Trojan program Rootkit.Boot.Pihar.b C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\mbr0000\tsk0000.dta High 10/1/2012 11:59:30 PM Deleted Trojan program Rootkit.Boot.Pihar.b C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\mbr0000\tsk0000.dta//HDDImage High 10/1/2012 11:59:52 PM Deleted Trojan program Rootkit.Boot.Pihar.b C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\mbr0000\tsk0001.dta High 10/1/2012 11:59:52 PM Deleted Trojan program Rootkit.Boot.Pihar.b C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\mbr0000\tsk0001.dta//vbr0 High It deleted a few of the trojans I had in this folder dunno why it didnt finish off these

everything seems to be running smooth. Do i need to run something again to make sure its all gone? If I dont delete quarantine are all those viruses just gonna sit there?

Also do I need to remove items from quarantine?

This is all that comes up in the log ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK But here the "List of found threats" that it shows C:\Program Files (x86)\FoxTabAudioConverter\AudioConverter.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined C:\Program Files (x86)\Trojan SVCHOSTRemoval Tool\TrojanSVCHOSTRemovalTool.exe probably a variant of Win32/SecurityStronghold application cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.OU trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.30.47\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.44.23\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.44.23\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.44.23\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.OU trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.44.23\tdlfs0000\tsk0003.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.44.23\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\28.09.2012_21.44.23\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined C:\Users\Caleb\AppData\Local\AIM\Adobe\caeybfx.dll Win32/TrojanDownloader.Tracur.N.Gen trojan cleaned by deleting - quarantined C:\Users\Caleb\Downloads\Setup_FreeConverter.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined C:\Users\Caleb\Downloads\TrojanSVCHOSTRemovalTool.exe probably a variant of Win32/SecurityStronghold application cleaned by deleting - quarantined C:\Windows\System32\ipxindir.dll a variant of Win32/Urlbot.NAO trojan cleaned by deleting - quarantined C:\Windows\System32\vbanatxt.exe a variant of Win32/Urlbot.NAT trojan cleaned by deleting - quarantined

ComboFix 12-09-27.03 - Caleb 09/29/2012 17:41:06.1.1 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3999.2436 [GMT -5:00] Running from: c:\users\Caleb\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\9vo7hubf.default\searchplugins\bing-zugo.xml c:\windows\cr2gui32.dll c:\windows\javexisa.dll c:\windows\javexisb.dll c:\windows\km32hlpr.dll c:\windows\msrresmap.dll c:\windows\stdensrv.dll c:\windows\wnsperf32.dll . . ((((((((((((((((((((((((( Files Created from 2012-08-28 to 2012-09-29 ))))))))))))))))))))))))))))))) . . 2012-09-29 23:04 . 2012-09-29 23:04 -------- d-----w- c:\users\Mcx1-LEESCOMPUTER\AppData\Local\temp 2012-09-29 23:04 . 2012-09-29 23:04 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-09-29 05:18 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys 2012-09-29 05:18 . 2009-10-10 02:41 109056 ----a-w- c:\windows\system32\drivers\sdbus.sys 2012-09-29 05:04 . 2012-08-30 05:27 9308616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{73988734-2150-406A-9071-DCE67F30DB51}\mpengine.dll 2012-09-29 04:41 . 2012-09-29 04:41 -------- d-----w- c:\program files (x86)\Microsoft Security Client 2012-09-29 04:40 . 2012-09-29 04:41 -------- d-----w- c:\program files\Microsoft Security Client 2012-09-29 04:09 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-29 02:40 . 2012-09-29 02:54 -------- d-----w- C:\TDSSKiller_Quarantine 2012-09-28 19:34 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A5DD793D-E29F-4582-8B1E-A396C580BC9F}\mpengine.dll 2012-09-26 16:07 . 2012-09-29 05:41 -------- d-----w- c:\program files (x86)\Trojan SVCHOSTRemoval Tool 2012-09-26 16:07 . 2011-02-17 23:26 81920 ----a-w- c:\windows\eSellerateControl350.dll 2012-09-26 16:07 . 2011-02-17 23:26 356352 ----a-w- c:\windows\eSellerateEngine.dll 2012-09-26 16:00 . 2012-09-26 16:00 -------- d-----w- c:\users\Caleb\AppData\Roaming\Uniblue 2012-09-26 16:00 . 2012-09-26 16:00 -------- d-----w- c:\program files (x86)\Uniblue 2012-09-26 13:36 . 2012-09-26 13:37 -------- d-----w- c:\program files\IDT 2012-09-26 01:30 . 2012-09-26 01:30 -------- d-----w- c:\program files (x86)\Security Task Manager 2012-09-25 20:18 . 2012-09-25 20:18 -------- d-----w- c:\users\Caleb\AppData\Roaming\SUPERAntiSpyware.com 2012-09-25 20:17 . 2012-09-25 20:17 -------- d-----w- c:\users\Caleb\AppData\Roaming\Malwarebytes 2012-09-25 20:16 . 2012-09-25 20:16 -------- d-----w- c:\programdata\Malwarebytes 2012-09-25 20:16 . 2012-09-07 22:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-25 20:16 . 2012-09-25 20:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-09-25 20:13 . 2012-09-28 23:29 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-09-25 20:13 . 2012-09-25 20:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-09-25 02:53 . 2012-09-25 02:53 -------- d-----w- c:\windows\Hewlett-Packard 2012-09-25 02:37 . 2012-09-25 02:37 -------- d-----w- c:\windows\Downloaded Program Files 2012-09-25 01:09 . 2010-03-23 19:53 564224 ----a-w- c:\windows\system32\idt64mp1.exe 2012-09-25 01:09 . 2010-03-23 19:53 12772352 ----a-w- c:\windows\system32\idtcpl64.cpl 2012-09-25 00:48 . 2012-09-25 00:48 -------- d-----w- C:\TB 1.2 2012-09-24 21:17 . 2012-09-24 21:17 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic 2012-09-24 21:17 . 2012-09-24 21:17 -------- d-----w- c:\program files (x86)\ParetoLogic 2012-09-24 20:59 . 2012-09-25 03:47 -------- d--h--w- c:\program files (x86)\Temp 2012-09-24 20:58 . 2012-05-25 23:06 1706640 ----a-w- c:\windows\RtlExUpd.dll 2012-09-24 20:16 . 2012-09-24 20:16 -------- d-----w- c:\users\Caleb\AppData\Roaming\ParetoLogic 2012-09-24 20:16 . 2012-09-24 20:16 -------- d-----w- c:\users\Caleb\AppData\Roaming\DriverCure 2012-09-24 20:07 . 2012-09-24 21:17 -------- d-----w- c:\programdata\ParetoLogic 2012-09-24 19:42 . 2006-02-07 20:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe 2012-09-24 19:42 . 2006-02-07 20:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll 2012-09-24 19:42 . 2006-02-07 20:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll 2012-09-24 19:42 . 2006-02-07 20:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll 2012-09-24 19:42 . 2006-02-07 20:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll 2012-09-24 19:42 . 2005-11-14 04:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe 2012-09-24 19:42 . 2012-09-24 19:42 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll 2012-09-24 19:42 . 2012-09-24 19:42 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll 2012-09-21 21:51 . 2012-09-26 16:04 -------- d-----w- C:\78bf37ac6a556141b8 2012-09-21 00:42 . 2012-09-21 00:42 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-09-20 23:37 . 2012-09-20 23:37 -------- d-----w- c:\windows\Sun 2012-09-12 08:06 . 2012-08-02 17:55 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-12 08:06 . 2012-08-02 17:05 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-09-11 17:41 . 2012-09-11 17:41 -------- d-----w- c:\users\Caleb\AppData\Local\LogMeIn 2012-09-11 17:41 . 2012-07-05 23:10 59808 ----a-w- c:\windows\system32\Spool\prtprocs\x64\LMIproc.dll 2012-09-11 17:41 . 2012-07-05 23:10 34720 ----a-w- c:\windows\system32\LMIport.dll 2012-09-11 17:41 . 2012-07-05 23:11 87488 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2012-09-11 17:41 . 2012-06-08 17:06 72216 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys 2012-09-11 17:41 . 2012-07-05 23:10 80800 ----a-w- c:\windows\system32\LMIinit.dll 2012-09-11 17:41 . 2012-09-29 05:10 -------- d-----w- c:\programdata\LogMeIn 2012-09-11 17:41 . 2012-09-11 17:47 -------- d-----w- c:\program files (x86)\LogMeIn 2012-09-10 21:09 . 2012-09-10 21:09 -------- d-----w- c:\users\Caleb\AppData\Roaming\Wireshark 2012-09-01 13:50 . 2012-09-26 16:04 -------- d-----w- c:\programdata\SecTaskMan 2012-09-01 05:43 . 2012-06-05 07:37 256904 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys 2012-09-01 04:09 . 2012-09-01 04:17 -------- d-----w- c:\windows\system32\movuphex 2012-08-31 03:03 . 2012-08-31 03:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-31 03:03 . 2012-08-31 03:03 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-21 00:42 . 2010-07-30 17:36 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-31 05:43 . 2009-12-08 16:18 64462936 ----a-w- c:\windows\system32\MRT.exe 2012-08-25 04:32 . 2012-08-25 04:32 224256 ----a-w- c:\windows\svcreng.dll 2012-08-25 04:32 . 2012-08-25 04:32 590848 ----a-w- c:\windows\utimcache.exe 2012-08-25 04:32 . 2012-08-25 04:32 420352 ----a-w- c:\windows\stidraw32.exe 2012-08-25 04:32 . 2012-08-25 04:32 646144 ----a-w- c:\windows\sysnadr64.exe 2012-08-25 04:32 . 2012-08-25 04:32 3339264 ----a-w- c:\windows\diskediag.exe 2012-07-18 17:31 . 2012-08-15 09:27 3146752 ----a-w- c:\windows\system32\win32k.sys 2012-07-04 22:04 . 2012-08-15 09:27 73216 ----a-w- c:\windows\system32\netapi32.dll 2012-07-04 22:01 . 2012-08-15 09:27 58880 ----a-w- c:\windows\system32\browcli.dll 2012-07-04 22:01 . 2012-08-15 09:27 136704 ----a-w- c:\windows\system32\browser.dll 2012-07-04 21:23 . 2012-08-15 09:27 41472 ----a-w- c:\windows\SysWow64\browcli.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Uniblue SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe" [2006-11-02 4763648] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "QPService"="c:\program files (x86)\HP\QuickPlay\QPService.exe" [2009-06-24 468264] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640] "UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "MySpaceIM"="c:\program files (x86)\MySpace\IM\MySpaceIM.exe" [2009-12-01 6373376] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system] "WallpaperStyle"= 2 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-10 114144] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-24 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 xmlatole;xmlatole;c:\windows\system32\DRIVERS\xmlatole.sys [2011-07-16 58896] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-25 140672] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-05 375208] S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2012-06-08 15928] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936] S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-01-22 16:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-09-20 c:\windows\Tasks\HPCeeScheduleForCaleb.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 04:15] . 2012-09-29 c:\windows\Tasks\ParetoLogic Registration3.job - c:\windows\system32\rundll32.exe [2009-07-13 01:14] . 2012-09-24 c:\windows\Tasks\ParetoLogic Update Version3.job - c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-11-25 02:25] . 2012-09-29 c:\windows\Tasks\RegCure Pro.job - c:\program files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2012-09-24 17:34] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-14 171520] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-18 165912] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-18 387608] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-18 365592] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.faulknerstate.edu/students/elearning uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb mLocal Page = c:\windows\system32\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 97.64.209.36 97.64.168.13 TCP: Interfaces\{E594B859-29A2-4BDA-8A82-769A065BB562}: DhcpNameServer = 97.64.209.36 97.64.168.13 FF - ProfilePath - c:\users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\9vo7hubf.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/ . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) SafeBoot-27667504.sys SafeBoot-92328399.sys HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-09-29 18:57:03 ComboFix-quarantined-files.txt 2012-09-29 23:56 . Pre-Run: 27,379,621,888 bytes free Post-Run: 27,019,739,136 bytes free . - - End Of File - - 81CF04DCC9141F1C69A5285EB8C14CFB

Ok I wasnt sure since I got different screens and since it said error in writing that file.

Ok went to download combo fix. I downloaded it and when I goto run it I dont get the sane screen as it shows on the install page. And half way through install says 1 file couldnt be installed and rety doesnt work. Click ignore it finished and nothing happens and its not installed on my computer. Heres some screen shots.

Give me a minute to get the next log. Also when my computer restart my systray is like it is in safe mode and some msg popped up about windows security not starting or something like that

# AdwCleaner v2.003 - Logfile created 09/29/2012 at 16:27:16 # Updated 23/09/2012 by Xplode # Operating system : Windows 7 Home Premium (64 bits) # User : Caleb - LEESCOMPUTER # Boot Mode : Normal # Running from : C:\Users\Caleb\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility Folder Deleted : C:\Users\Caleb\AppData\LocalLow\BitTorrentBar Folder Deleted : C:\Users\Caleb\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Caleb\AppData\LocalLow\ConduitEngine ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentBar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\Zugo Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\Software\BitTorrentBar Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1} Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1 Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\conduitEngine Key Deleted : HKLM\Software\Freeze.com Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E5C3FBCE-29D2-4F08-9D3E-51D2871ED2FD} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E5C3FBCE-29D2-4F08-9D3E-51D2871ED2FD} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19B9E463-AD33-40D8-9571-BEAD842F9669} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2747F4A6-CC4C-4B19-A227-A72CBC096285} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] -\\ Mozilla Firefox v15.0 (en-US) Profile name : default File : C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\9vo7hubf.default\prefs.js C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\9vo7hubf.default\user.js ... Deleted ! Deleted : user_pref("browser.search.defaultthis.engineName", "Conduit Engine Customized Web Search"); Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine[...] Deleted : user_pref("extensions.enabledAddons", "DivXWebPlayer@divx.com:2.0.2.039,SQLiteManager@mrinalkant.blo[...] Deleted : user_pref("keyword.URL", "hxxp://lf.startnow.com/s/?src=addrbar&provider=bing&provider_name=bing&pro[...] ************************* AdwCleaner[R1].txt - [5636 octets] - [29/09/2012 09:48:53] AdwCleaner[s2].txt - [5930 octets] - [29/09/2012 16:27:16] ########## EOF - C:\AdwCleaner[s2].txt - [5990 octets] ##########

theres all the logs. Just let me know how that looks and where to go now

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/7/2009 8:56:44 AM System Uptime: 9/29/2012 1:02:15 AM (9 hours ago) . Motherboard: Quanta | | 306B Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 286 GiB total, 23.849 GiB free. D: is FIXED (NTFS) - 12 GiB total, 2.041 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP479: 9/28/2012 10:58:11 PM - Windows Update RP480: 9/29/2012 12:17:20 AM - Windows Update RP481: 9/29/2012 7:52:44 AM - Windows Update RP482: 9/29/2012 8:40:46 AM - Windows Update . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Default Language CS3 Adobe Device Central CS3 Adobe Flash Player 10 ActiveX Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS3 Adobe Reader 9.5.2 MUI Adobe Setup Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 AIM 7 Apple Application Support Apple Software Update Atheros Driver Installation Program Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Compatibility Pack for the 2007 Office system CyberLink DVD Suite D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Download Updater (AOL LLC) Facebook Plug-In Free Mp3 Wma Converter V 2.2 Hewlett-Packard ACLM.NET v1.1.2.0 Homepage Protection HP Advisor HP Customer Experience Enhancements HP DVD Play 3.7 HP Games HP Quick Launch Buttons HP Setup HP Update HP User Guides 0148 HP Wireless Assistant IDT Audio Java Auto Updater Java 6 Update 35 Junk Mail filter update K-Lite Codec Pack 7.0.0 (Standard) LabelPrint League of Legends LightScribe System Software LogMeIn Malwarebytes Anti-Malware version 1.65.0.1400 Mesh Runtime Messenger Companion Microsoft Live Search Toolbar Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Mobile Mouse Server Mozilla Firefox 15.0 (x86 en-US) Mozilla Firefox 15.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) muvee Reveal MySpaceIM NetAssistant NetAssistant for Firefox PDF Settings Power2Go PowerDirector PowerRecover QLBCASL QuickTime Realtek 8136 8168 8169 Ethernet Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader RegCure Pro Security Task Manager 1.8d Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) SmartWebPrinting Trojan SVCHOSTRemoval Tool Uniblue SpeedUpMyPC Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553092) Update Installer for WildTangent Games App WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinZip Driver Updater Xilisoft DVD Creator 6 Yahoo! Detect . ==== Event Viewer Messages From Past Week ======== . 9/29/2012 9:08:38 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows 7 Service Pack 1 for x64-based Systems (KB976932). 9/29/2012 8:42:57 AM, Error: Microsoft-Windows-Service Pack Installer [8] - Service Pack installation failed with error code 0x800f0829. 9/29/2012 8:42:48 AM, Error: Microsoft-Windows-Service Pack Installer [6] - The Service Pack cannot be installed when the computer is running on battery power. 9/29/2012 12:57:04 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a025ece000, 0x0000000000000000, 0xfffff88001e4da38, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092912-44865-01. 9/29/2012 12:19:00 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Windows 7 Service Pack 1 for x64-based Systems (KB976932). 9/29/2012 12:07:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.137.699.0). 9/29/2012 12:07:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Qualcomm Atheros Communications Inc. - Network - Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter. 9/29/2012 12:05:19 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: LeesComputer\Caleb Error Code: 0x8007042c Error description: The dependency service or group failed to start. 9/29/2012 12:05:19 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: LeesComputer\Caleb Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start. 9/29/2012 12:04:56 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.699.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x80070643 Error description: Fatal error during installation. 9/29/2012 12:04:37 AM, Error: Microsoft Antimalware [2003] - Microsoft Antimalware has encountered an error trying to update the engine. New Engine Version: Previous Engine Version: Engine Type: Network Inspection System User: NT AUTHORITY\SYSTEM Error Code: 0x8007042c Error description: The dependency service or group failed to start. 9/29/2012 12:04:37 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Update Stage: Install Source Path: Signature Type: Network Inspection System Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: Error code: 0x8007042c Error description: The dependency service or group failed to start. 9/29/2012 1:11:43 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting. 9/28/2012 9:27:23 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 9/28/2012 9:19:29 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 9/28/2012 9:18:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 9/28/2012 9:18:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 9/28/2012 9:18:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 9/28/2012 9:17:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 9/28/2012 9:17:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 9/28/2012 9:17:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 9/28/2012 9:17:37 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athihvs.dll Error Code: 21 9/28/2012 9:17:29 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache SASDIFSV SASKUTIL spldr Wanarpv6 9/28/2012 9:17:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B} 9/28/2012 9:17:19 PM, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 9/28/2012 9:12:22 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 9/28/2012 7:21:43 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0. 9/28/2012 6:27:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 9/28/2012 6:27:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 9/28/2012 6:27:10 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 9/28/2012 6:27:09 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 9/28/2012 6:07:24 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a00c3f1000, 0x0000000000000000, 0xfffff88001c03a38, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092812-35147-01. 9/28/2012 2:38:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 9/28/2012 11:09:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 7 for x64-based Systems (KB976422). 9/27/2012 6:38:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} 9/26/2012 8:33:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 9/26/2012 5:58:12 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000096, 0xfffff80002c60a3a, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092612-27658-01. 9/26/2012 10:14:46 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a018cb6000, 0x0000000000000000, 0xfffff88001fc4a38, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092612-32869-01. 9/25/2012 7:38:03 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 9/25/2012 7:38:03 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 9/25/2012 7:37:00 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6 9/25/2012 7:34:33 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a05e7b6000, 0x0000000000000000, 0xfffff88002075a38, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092512-26707-01. 9/25/2012 6:54:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect. 9/25/2012 6:54:11 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 9/25/2012 6:30:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED} 9/25/2012 6:08:33 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 9/25/2012 6:07:13 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 9/25/2012 3:20:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2744842). 9/24/2012 6:52:25 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{E594B859-29A2-4BDA-8A82-769A065BB562} because another computer on the network has the same name. The server could not start. 9/24/2012 3:02:34 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000d: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2744842). 9/23/2012 5:12:56 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address 00-00-00-00-00-00. Network operations on this system may be disrupted as a result. 9/22/2012 6:26:59 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.137.142.0). 9/22/2012 6:12:57 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. . ==== End Of File ===========================

. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_35 Run by Caleb at 10:16:15 on 2012-09-29 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3999.1787 [GMT -5:00] . AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe C:\Program Files\LSI SoftModem\agr64svc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\system32\igfxsrvc.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files (x86)\HP\QuickPlay\QPService.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.faulknerstate.edu/students/elearning uSearch Bar = Preserve mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb uInternet Settings,ProxyOverride = *.local mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - mWinlogon: Userinit=userinit.exe, BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [uniblue SpeedUpMyPC] C:\Program Files (x86)\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe" mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] dRun: [MySpaceIM] C:\Program Files (x86)\MySpace\IM\MySpaceIM.exe uPolicies-system: WallpaperStyle = 2 mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) dPolicies-system: WallpaperStyle = 2 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab TCP: DhcpNameServer = 97.64.209.36 97.64.168.13 TCP: Interfaces\{E594B859-29A2-4BDA-8A82-769A065BB562} : DhcpNameServer = 97.64.209.36 97.64.168.13 TCP: Interfaces\{E594B859-29A2-4BDA-8A82-769A065BB562}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{E594B859-29A2-4BDA-8A82-769A065BB562}\4516E6765627F57457563747F575962756C6563737F564F6C65697 : DhcpNameServer = 4.2.2.1 4.2.2.1 TCP: Interfaces\{E594B859-29A2-4BDA-8A82-769A065BB562}\C696E6B6379737 : DhcpNameServer = 207.203.159.23 205.152.37.23 192.168.1.1 207.203.159.23 205.152.37.23 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO-X64: HP Print Enhancer - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File TB-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe" mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun-x64: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun-x64: [(Default)] SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\9vo7hubf.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/ FF - prefs.js: keyword.URL - hxxp://lf.startnow.com/s/?src=addrbar&provider=bing&provider_name=bing&provider_code=Z051&partner_id=276&product_id=709&affiliate_id=&channel=4001&toolbar_id=200&toolbar_version=2.1.0&install_country=US&install_date=20110630&user_guid=2BEB29AA818E433CAA64F3FD7761016E&machine_id=5ca8ce2929ac7cf7023bdaff2a32fb82&browser=FF&os=win&os_version=6.1-x64-SP0&q= FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Caleb\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll FF - plugin: C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\9vo7hubf.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll FF - plugin: C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\9vo7hubf.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll FF - plugin: C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\9vo7hubf.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll FF - plugin: C:\Users\Caleb\AppData\Roaming\Mozilla\Firefox\Profiles\9vo7hubf.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.homepage.dontask, true ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R0 xmlatole;xmlatole;C:\Windows\system32\DRIVERS\xmlatole.sys --> C:\Windows\system32\DRIVERS\xmlatole.sys [?] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-7-5 375208] R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2012-6-8 15928] R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-25 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-25 676936] R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-14 227896] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-7 114144] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-09-29 05:18:59 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys 2012-09-29 05:18:58 109056 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2012-09-29 05:04:27 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{73988734-2150-406A-9071-DCE67F30DB51}\mpengine.dll 2012-09-29 04:41:12 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2012-09-29 04:40:59 -------- d-----w- C:\Program Files\Microsoft Security Client 2012-09-29 04:09:40 374664 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-09-29 02:40:03 -------- d-----w- C:\TDSSKiller_Quarantine 2012-09-28 19:34:35 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A5DD793D-E29F-4582-8B1E-A396C580BC9F}\mpengine.dll 2012-09-26 16:07:46 81920 ----a-w- C:\Windows\eSellerateControl350.dll 2012-09-26 16:07:46 356352 ----a-w- C:\Windows\eSellerateEngine.dll 2012-09-26 16:07:46 -------- d-----w- C:\Program Files (x86)\Trojan SVCHOSTRemoval Tool 2012-09-26 16:00:15 -------- d-----w- C:\Users\Caleb\AppData\Roaming\Uniblue 2012-09-26 16:00:05 -------- d-----w- C:\Program Files (x86)\Uniblue 2012-09-26 13:36:53 -------- d-----w- C:\Program Files\IDT 2012-09-26 01:30:10 -------- d-----w- C:\Program Files (x86)\Security Task Manager 2012-09-25 20:18:48 -------- d-----w- C:\Users\Caleb\AppData\Roaming\SUPERAntiSpyware.com 2012-09-25 20:17:05 -------- d-----w- C:\Users\Caleb\AppData\Roaming\Malwarebytes 2012-09-25 20:16:55 -------- d-----w- C:\ProgramData\Malwarebytes 2012-09-25 20:16:54 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-09-25 20:16:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-09-25 20:13:13 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2012-09-25 20:13:13 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-09-25 02:53:09 -------- d-----w- C:\Windows\Hewlett-Packard 2012-09-25 02:37:36 -------- d-----w- C:\Windows\Downloaded Program Files 2012-09-25 01:09:46 564224 ----a-w- C:\Windows\System32\idt64mp1.exe 2012-09-25 01:09:46 12772352 ----a-w- C:\Windows\System32\idtcpl64.cpl 2012-09-25 00:48:11 -------- d-----w- C:\TB 1.2 2012-09-24 21:17:58 -------- d-----w- C:\Program Files (x86)\Common Files\ParetoLogic 2012-09-24 21:17:57 -------- d-----w- C:\Program Files (x86)\ParetoLogic 2012-09-24 20:59:08 -------- d--h--w- C:\Program Files (x86)\Temp 2012-09-24 20:58:39 1706640 ----a-w- C:\Windows\RtlExUpd.dll 2012-09-24 20:16:39 -------- d-----w- C:\Users\Caleb\AppData\Roaming\ParetoLogic 2012-09-24 20:16:39 -------- d-----w- C:\Users\Caleb\AppData\Roaming\DriverCure 2012-09-24 20:07:43 -------- d-----w- C:\ProgramData\ParetoLogic 2012-09-24 19:42:23 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe 2012-09-24 19:42:23 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll 2012-09-24 19:42:22 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll 2012-09-24 19:42:22 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll 2012-09-24 19:42:22 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe 2012-09-24 19:42:22 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll 2012-09-24 19:42:21 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll 2012-09-24 19:42:20 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll 2012-09-21 22:38:39 -------- d-----w- C:\Windows\pss 2012-09-21 21:51:28 -------- d-----w- C:\78bf37ac6a556141b8 2012-09-21 00:42:31 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-09-12 08:06:41 574464 ----a-w- C:\Windows\System32\d3d10level9.dll 2012-09-12 08:06:41 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2012-09-11 17:41:47 -------- d-----w- C:\Users\Caleb\AppData\Local\LogMeIn 2012-09-11 17:41:44 59808 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll 2012-09-11 17:41:44 34720 ----a-w- C:\Windows\System32\LMIport.dll 2012-09-11 17:41:43 87488 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll 2012-09-11 17:41:43 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys 2012-09-11 17:41:37 80800 ----a-w- C:\Windows\System32\LMIinit.dll 2012-09-11 17:41:33 -------- d-----w- C:\ProgramData\LogMeIn 2012-09-11 17:41:15 -------- d-----w- C:\Program Files (x86)\LogMeIn 2012-09-10 21:09:23 -------- d-----w- C:\Users\Caleb\AppData\Roaming\Wireshark 2012-09-01 13:50:57 -------- d-----w- C:\ProgramData\SecTaskMan 2012-09-01 05:43:19 256904 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys 2012-09-01 04:09:06 -------- d-----w- C:\Windows\System32\movuphex 2012-08-31 03:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2012-08-31 03:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys . ==================== Find3M ==================== . 2012-09-21 00:42:07 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-08-27 02:30:52 3634 ----a-w- C:\Windows\memgprep.dll 2012-08-26 14:14:38 27 ----a-w- C:\Windows\msrresmap.dll 2012-08-25 04:44:40 304 ----a-w- C:\Windows\km32hlpr.dll 2012-08-25 04:44:40 0 ----a-w- C:\Windows\wnsperf32.dll 2012-08-25 04:44:40 0 ----a-w- C:\Windows\stdensrv.dll 2012-08-25 04:44:40 0 ----a-w- C:\Windows\javexisb.dll 2012-08-25 04:44:40 0 ----a-w- C:\Windows\javexisa.dll 2012-08-25 04:44:40 0 ----a-w- C:\Windows\cr2gui32.dll 2012-08-25 04:32:58 224256 ----a-w- C:\Windows\svcreng.dll 2012-08-25 04:32:56 590848 ----a-w- C:\Windows\utimcache.exe 2012-08-25 04:32:55 646144 ----a-w- C:\Windows\sysnadr64.exe 2012-08-25 04:32:55 420352 ----a-w- C:\Windows\stidraw32.exe 2012-08-25 04:32:53 3339264 ----a-w- C:\Windows\diskediag.exe 2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-07-18 17:31:12 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-07-04 22:01:38 58880 ----a-w- C:\Windows\System32\browcli.dll 2012-07-04 22:01:38 136704 ----a-w- C:\Windows\System32\browser.dll 2012-07-04 21:23:55 41472 ----a-w- C:\Windows\SysWow64\browcli.dll . ============= FINISH: 10:17:34.85 ===============

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-09-29 09:53:41 ----------------------------- 09:53:41.167 OS Version: Windows x64 6.1.7600 09:53:41.167 Number of processors: 1 586 0x170A 09:53:41.168 ComputerName: LEESCOMPUTER UserName: Caleb 09:53:45.396 Initialize success 10:01:03.312 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 10:01:03.315 Disk 0 Vendor: ST9320325AS 0005HPM1 Size: 305245MB BusType: 11 10:01:03.325 Disk 0 MBR read successfully 10:01:03.327 Disk 0 MBR scan 10:01:03.330 Disk 0 unknown MBR code 10:01:03.338 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 10:01:03.347 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 292598 MB offset 409600 10:01:03.387 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12446 MB offset 599650304 10:01:03.429 Disk 0 scanning C:\Windows\system32\drivers 10:01:13.713 Service scanning 10:01:36.348 Modules scanning 10:01:36.356 Disk 0 trace - called modules: 10:01:36.462 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 10:01:36.466 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c5f5f0] 10:01:37.018 3 CLASSPNP.SYS[fffff8800105543f] -> nt!IofCallDriver -> [0xfffffa80046ec3f0] 10:01:37.023 5 ACPI.sys[fffff88000f92781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800471c060] 10:01:37.028 Scan finished successfully 10:03:24.857 Disk 0 MBR has been saved successfully to "C:\Users\Caleb\Desktop\MBR.dat" 10:03:24.968 The log file has been saved successfully to "C:\Users\Caleb\Desktop\aswMBR.txt"