Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox Browser redirect and Windows Security Center can't start


  • This topic is locked This topic is locked
75 replies to this topic

#1 ahscotty

ahscotty

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hobart , Tasmania ,Australia
  • Local time:12:14 AM

Posted 24 December 2012 - 07:44 PM

Merry Christmas to everyone,I have posted below, the DDS logs as requested by Boopme in "Am i infected ,what do i do"
I keep getting redirected to "ihavenet.com","livesearch.com","newsbusters.org" and the other odd sites. Also i get a message down the bottom of my desktop in that little flag icon, all the time saying,Windows Security Center is turned off,when i try to turn it back on i get the msg,"Windows Security Center can't start" All this started happening when i mistakenly downloaded and opened a small zip file under the impression that it was from google as some sort of add-on or update.

DDS Log-

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Scott at 11:12:11 on 2012-12-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.8174.6221 [GMT 11:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\DigitalPersona\Bin\DPAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Digiarty\Air_Playit\airplayit.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Digiarty\Air_Playit\AirPS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Scott\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - LocalServer32 - <no file>
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
uRun: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Digiarty_Software_AirPlayit] "C:\Program Files\Digiarty\Air_Playit\airplayit.exe" -min
uRun: [Google Update] "C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [X-Lite] "C:\Program Files (x86)\CounterPath\X-Lite\X-Lite.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - LocalServer32 - <no file>
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{05729FFF-8185-4AB0-A74E-274A1360DBFF} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{7E6A32AE-7AB1-4E37-B1A4-2052ED09E46F} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{7E6A32AE-7AB1-4E37-B1A4-2052ED09E46F}\143535D414E4F5E4564777F627B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{7E6A32AE-7AB1-4E37-B1A4-2052ED09E46F}\241627E61636C656 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{7E6A32AE-7AB1-4E37-B1A4-2052ED09E46F}\279636B697 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{7E6A32AE-7AB1-4E37-B1A4-2052ED09E46F}\54C656364727963616C6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{7E6A32AE-7AB1-4E37-B1A4-2052ED09E46F}\94E4455425E45445D234146454D223 : DHCPNameServer = 101.184.220.1 203.22.23.5
TCP: Interfaces\{7E6A32AE-7AB1-4E37-B1A4-2052ED09E46F}\E49636B6742796767637 : DHCPNameServer = 203.0.178.191 203.215.29.191
TCP: Interfaces\{819F8855-9B50-4E10-A141-310A74360604} : NameServer = 10.143.147.147 10.143.147.148
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = DPPassFilter scecli
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -
x64-BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} -
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences Pro\FencesMenu64.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\tnsuyyoj.default-1355635460383\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npsharedview.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Scott\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Scott\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Scott\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-11-27 13:35; [email protected]; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: 2012-12-17 12:06; [email protected]; C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\tnsuyyoj.default-1355635460383\extensions\[email protected]
FF - ExtSQL: 2012-12-20 09:11; jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack; C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\tnsuyyoj.default-1355635460383\extensions\[email protected]
FF - ExtSQL: !HIDDEN! 2012-11-27 13:35; [email protected]; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-10-5 111456]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SMARTDEFRAGDRIVER.SYS [2011-8-12 18232]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-8-20 283200]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-23 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-13 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-12 140672]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-5-13 913792]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-4-20 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-10 204288]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-6 5814392]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-22 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-16 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-18 676936]
R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [2010-6-3 296360]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-20 2655768]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-24 2192176]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-9-4 31088]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-9-18 25928]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-4-20 1360960]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-4-20 246376]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 stdriver;SoundTap Filter Driver v6.05.00;C:\Windows\System32\drivers\stdriverx64.sys [2012-9-8 32536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-20 13336]
S3 LVUVC64;Logitech Webcam 120(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 massfilter;MBB Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2011-8-11 11776]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-11 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192cu.sys [2010-8-12 748648]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-27 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-14 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2012-5-1 14544]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-11 389120]
S3 ZTEusbvoice;ZTE VoUSB Port;C:\Windows\System32\drivers\zteusbvoice.sys [2011-8-11 121344]
S3 ZTEusbwwan;ZTE MBN Miniport;C:\Windows\System32\drivers\ZTEusbwwan.sys [2011-4-9 235008]
.
=============== Created Last 30 ================
.
2012-12-18 21:31:55 -------- d-----w- C:\Windows\ERUNT
2012-12-18 21:31:51 -------- d-----w- C:\JRT
2012-12-18 04:42:32 -------- d-----w- C:\Program Files (x86)\ESET
2012-12-17 02:21:57 -------- d-----w- C:\Users\Scott\AppData\Roaming\AVG2013
2012-12-17 02:13:40 -------- d-----w- C:\Users\Scott\AppData\Roaming\TuneUp Software
2012-12-17 02:12:15 -------- d-----w- C:\ProgramData\AVG2013
2012-12-17 01:55:35 -------- d-----w- C:\Users\Scott\AppData\Local\MFAData
2012-12-17 01:55:35 -------- d-----w- C:\Users\Scott\AppData\Local\Avg2013
2012-12-17 01:14:51 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-12-17 01:14:45 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-12-17 01:14:15 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-16 23:29:39 -------- d-----w- C:\ProgramData\SecTaskMan
2012-12-16 23:29:34 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2012-12-16 06:07:38 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-16 05:52:43 98816 ----a-w- C:\Windows\sed.exe
2012-12-16 05:52:43 256000 ----a-w- C:\Windows\PEV.exe
2012-12-16 05:52:43 208896 ----a-w- C:\Windows\MBR.exe
2012-12-16 05:52:41 -------- d-s---w- C:\ComboFix
2012-12-16 05:41:59 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-16 02:03:27 -------- d-----w- C:\Program Files\Enigma Software Group
2012-12-16 02:03:15 -------- d-----w- C:\Windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-12-16 02:03:13 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-12-16 00:36:27 -------- d-----w- C:\Users\Scott\AppData\Roaming\SUPERAntiSpyware.com
2012-12-16 00:36:21 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-12-16 00:36:21 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-12-15 23:57:28 135168 --sha-r- C:\Windows\SysWow64\olepro323.dll
2012-12-15 00:04:41 -------- d-----w- C:\Windows\Migration
2012-12-14 00:05:05 58368 ----a-w- C:\Windows\System32\ncobjapi.dll
2012-12-14 00:05:01 74240 ----a-w- C:\Windows\System32\wbem\NCProv.dll
2012-12-14 00:05:01 46080 ----a-w- C:\Windows\SysWow64\ncobjapi.dll
2012-12-14 00:00:19 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-12-13 23:59:29 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-12-13 22:49:35 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-12-10 20:46:48 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2012-12-04 03:33:57 -------- d-----w- C:\Users\Scott\AppData\Roaming\HpUpdate
2012-11-30 02:24:23 -------- d-----w- C:\Users\Scott\AppData\Local\MetaGeek,_LLC
2012-11-30 02:23:01 -------- d-----w- C:\Program Files (x86)\MetaGeek
2012-11-28 00:06:43 -------- d-----w- C:\Users\Scott\AppData\Roaming\Origin
2012-11-28 00:06:42 -------- d-----w- C:\Users\Scott\AppData\Local\Origin
2012-11-28 00:05:12 -------- d-----w- C:\Program Files (x86)\Origin
2012-11-27 03:04:24 -------- d-----w- C:\Users\Scott\AppData\Local\HP
2012-11-27 02:36:37 -------- d-----w- C:\ProgramData\WEBREG
2012-11-27 02:33:23 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2012-11-27 02:28:26 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll
2012-11-27 02:18:41 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-27 02:18:41 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-27 02:18:40 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-27 02:18:40 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-27 02:18:40 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-27 02:18:40 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-27 02:18:40 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-27 02:01:56 -------- d-----w- C:\Program Files\HP
2012-11-27 02:00:53 642360 ----a-w- C:\Windows\System32\hpzids40.dll
2012-11-26 03:32:20 -------- d-----w- C:\Users\Scott\.yawcam
2012-11-26 03:32:08 -------- d-----w- C:\Program Files (x86)\Yawcam
2012-11-26 03:30:56 -------- d-----w- C:\ProgramData\Caphyon
2012-11-26 03:30:42 -------- d-----w- C:\ProgramData\regid.2012-03.ch.seiz
2012-11-26 03:30:41 -------- d-----w- C:\ProgramData\Seiz System Engineering
2012-11-26 03:30:41 -------- d-----w- C:\Program Files (x86)\AbelCam
2012-11-26 03:29:33 -------- d-----w- C:\Users\Scott\AppData\Roaming\Seiz System Engineering
2012-11-26 01:27:17 -------- d-----w- C:\Program Files (x86)\TightVNC
2012-11-26 01:14:32 -------- d-----w- C:\Users\Scott\AppData\Roaming\UltraVNC
2012-11-26 00:57:52 -------- d-----w- C:\Program Files\uvnc bvba
.
==================== Find3M ====================
.
2012-12-17 01:14:42 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-12-17 01:14:13 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-12-17 01:14:13 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-12-12 23:45:31 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 23:45:31 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-28 05:39:46 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-11-28 05:39:46 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-11-28 05:39:46 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-19 10:13:07 217088 ----a-w- C:\Windows\SysWow64\BlueCiucc.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-05 21:35:16 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-11-05 20:41:32 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-11-05 20:32:16 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-11-05 20:32:09 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-22 02:02:44 154464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2012-10-17 22:10:37 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll
2012-10-14 16:48:50 63328 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-10-12 23:42:24 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-10-12 23:42:15 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-10-12 23:42:05 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-10-12 23:42:05 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-10-12 23:41:42 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-10-12 23:41:42 41472 ----a-w- C:\Windows\System32\drivers\rndismpx.sys
2012-10-12 23:41:42 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 16:32:50 111456 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-10-01 16:30:38 185696 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2012-09-29 08:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 11:12:46.83 ===============

----------------------------------------------------------------------------------------------------------------------------------------

Thank-you to anyone that is prepared to read this and give me a hand in trying to correct this issue,as i am sure there are more important things to be doing at this time of year! merry christmas all and stay safe!

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:14 AM

Posted 26 December 2012 - 12:45 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 ahscotty

ahscotty
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hobart , Tasmania ,Australia
  • Local time:12:14 AM

Posted 30 December 2012 - 08:05 PM

Hi Gringo ,thanks for your fast response,unfortunately i have been away for a few days,but i have replied asap ! ;here are the results/logs that you asked for, i did not run into any problems along the way so thankyou.

----------------------------------------------------------------------------------------
security checkup result:

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
JavaFX 2.1.1
Java™ 6 Update 26
Java 7 Update 9
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
Mozilla Thunderbird (6.0). Thunderbird out of Date!
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


---------------------------------------------------------------------------------------

AdwCleaner result :


# AdwCleaner v2.104 - Logfile created 12/31/2012 at 11:44:38
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Scott - ASSMAN
# Boot Mode : Normal
# Running from : C:\Users\Scott\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\tnsuyyoj.default-1355635460383\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2550 octets] - [31/12/2012 11:44:38]

########## EOF - C:\AdwCleaner[S1].txt - [2610 octets] ##########



--------------------------------------------------------------------------------------

Rogue Killer Report :


RogueKiller V8.4.1 [Dec 28 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Scott [Admin rights]
Mode : Remove -- Date : 12/31/2012 11:56:47

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 12 ¤¤¤
[TASK][SUSP PATH] {352145AC-E5AC-4019-96BB-6ECBC7E6DCC6} : C:\Users\Scott\Desktop\pinsetup.exe -> DELETED
[TASK][SUSP PATH] {4147FE3D-4DA2-48AA-892E-1F1E2581D338} : C:\Users\Scott\Desktop\pinsetup.exe -> DELETED
[TASK][SUSP PATH] {48013AC3-AD20-4634-8606-812C160F598A} : C:\Users\Scott\Desktop\pinsetup.exe -> DELETED
[TASK][SUSP PATH] {59FF3B93-72B9-44F3-9647-F66168174E3E} : C:\Users\Scott\Desktop\pinsetup.exe -> DELETED
[TASK][SUSP PATH] {7C9389BB-E3FF-4518-8DEE-2D6718F9811B} : C:\Users\Scott\Desktop\pinsetup.exe -> DELETED
[TASK][SUSP PATH] {F02F955C-7692-4573-88BD-BFE384CF7206} : C:\Users\Scott\Desktop\pinsetup.exe -> DELETED
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{819F8855-9B50-4E10-A141-310A74360604} : NameServer (10.143.147.147 10.143.147.148) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{819F8855-9B50-4E10-A141-310A74360604} : NameServer (10.143.147.147 10.143.147.148) -> NOT REMOVED, USE DNSFIX
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9320325AS +++++
--- User ---
[MBR] a07fa2e107140eab2397167f346fd2f9
[BSP] 29e9958209a7a88caa24cab209830685 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 282050 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 578048000 | Size: 22891 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SD Card +++++
--- User ---
[MBR] e7c4811166bab12f5c19592cc9af1009
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 129 | Size: 1909 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_12312012_02d1156.txt >>
RKreport[1]_S_12312012_02d1156.txt ; RKreport[2]_D_12312012_02d1156.txt



-----------------------------------------------------------------------------------

Thanks again Gringo ,you rock !

#4 ahscotty

ahscotty
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hobart , Tasmania ,Australia
  • Local time:12:14 AM

Posted 30 December 2012 - 08:27 PM

I have just done a few searches using Google in Firefox ,and i don't seem to be getting redirected ,i am over the moon,hope it doesn't come back! I still have the problem of the little flag down the bottom of the desktop saying "solve PC issue" ,Turn on Windows Security Center, then when i try, it says "the Windows Security Center service can't be started" i don't know if this is harmful or not ?
Great stuff Gringo ,thanks ,
Kind regards ,Ahscotty.

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:14 AM

Posted 30 December 2012 - 09:07 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 ahscotty

ahscotty
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hobart , Tasmania ,Australia
  • Local time:12:14 AM

Posted 31 December 2012 - 06:55 PM

Hi gringo,I ran combofix as per your instructions,then when the PC restarted,I couldn't find a log/report anywhere. Also I can connect to my wifi but it says limited access /the connection was unsuccessful, then when I troubleshoot problem ,it says troubleshooting couldn't identify the problem. So I am posting this from my phone as my PC has no internet connection now, I have restarted the PC several times but to no avail. The network and sharing center seems to be stuck at "Identifying" under view your active networks. Windows Security Center service still can't start,I don't know what to do now ,please help! Thanks,ahscotty.

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:14 AM

Posted 31 December 2012 - 08:42 PM

use system restore to right before we ran combofix


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 ahscotty

ahscotty
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hobart , Tasmania ,Australia
  • Local time:12:14 AM

Posted 01 January 2013 - 12:51 AM

The only restore point listed is "11/08/2011 8:03:44 pm System Image Restore Point, Backup ",this restore point is on an external hdd and is named "WindowsImageBackup". I can open this folder but when I use system recovery it says "the backup drive could not be found. System Restore is looking for restore points on your backup. Make sure the drive is on and connected to this computer and then click ok". The hdd is all connected and running fine, so I don't understand why it's not working or why there is no other restore points listed. What do I do now?

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:14 AM

Posted 01 January 2013 - 01:03 AM

I want you to navigate to this file - C:\Windows\ERDNT\hiv-backup\erdnt.exe right click on it and select run as admin
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 ahscotty

ahscotty
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hobart , Tasmania ,Australia
  • Local time:12:14 AM

Posted 01 January 2013 - 01:13 AM

Ok I have done that and I have a window called ERD for Windows NT.

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:14 AM

Posted 01 January 2013 - 01:17 AM

did it run?
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 ahscotty

ahscotty
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hobart , Tasmania ,Australia
  • Local time:12:14 AM

Posted 01 January 2013 - 01:50 AM

Yes, I ran it with just the default boxes ticked and it said one file/reg entry, was missing do I want to restore it,I clicked yes and it said all was successful. I rebooted, but unfortunately still no internet connection! ?

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,178 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:14 AM

Posted 01 January 2013 - 03:12 AM

Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 ahscotty

ahscotty
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hobart , Tasmania ,Australia
  • Local time:12:14 AM

Posted 01 January 2013 - 03:46 AM

Couldn't download mini toolbox as I don't have an internet connection, but I already have a copy saved. I have run it and I am using my wife's pc to post this as I saved the result to sd card. The result is below. Thank you.

MiniToolBox by Farbar Version: 25-11-2012
Ran by Scott (administrator) on 01-01-2013 at 19:30:49
Running from "C:\Users\Scott\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Mobile Broadband Connection" nexthop=101.116.116.249 metric=1 publish=Yes
add address name="Mobile Broadband Connection" address=120.19.244.41 mask=255.255.255.252
add address name="Mobile Broadband Connection" address=120.17.76.41 mask=255.255.255.252
add address name="Mobile Broadband Connection" address=101.116.116.250 mask=255.255.255.252


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Assman
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-1B-10-00-2A-EC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 90-00-4E-23-22-57
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::91e1:3501:8179:5569%12(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.85.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 2C-27-D7-C1-90-AA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7E6A32AE-7AB1-4E37-B1A4-2052ED09E46F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AE7259E5-06F5-4D3F-8697-279B2ADA9C4D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 192.168.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
26...00 1b 10 00 2a ec ......Bluetooth Device (Personal Area Network)
12...90 00 4e 23 22 57 ......Ralink RT5390 802.11b/g/n WiFi Adapter
10...2c 27 d7 c1 90 aa ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.85.105 286
169.254.85.105 255.255.255.255 On-link 169.254.85.105 286
169.254.255.255 255.255.255.255 On-link 169.254.85.105 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.85.105 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.85.105 286
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 101.116.116.249 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 286 fe80::/64 On-link
12 286 fe80::91e1:3501:8179:5569/128
On-link
1 306 ff00::/8 On-link
12 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/01/2013 07:20:29 PM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 05:42:13 PM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 05:08:35 PM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 04:14:38 PM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 04:02:36 PM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 04:00:19 PM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 02:53:51 PM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 11:55:48 AM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 11:20:01 AM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 10:22:55 AM) (Source: Schedule) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out


System errors:
=============
Error: (01/01/2013 07:30:57 PM) (Source: Service Control Manager) (User: )
Description: The HTTP service failed to start due to the following error:
%%22

Error: (01/01/2013 07:28:20 PM) (Source: Service Control Manager) (User: )
Description: The SSDP Discovery service depends on the HTTP service which failed to start because of the following error:
%%22

Error: (01/01/2013 07:28:20 PM) (Source: Service Control Manager) (User: )
Description: The HTTP service failed to start due to the following error:
%%22

Error: (01/01/2013 07:28:09 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075

Error: (01/01/2013 07:28:09 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends the following service: Afd. This service might not be installed.

Error: (01/01/2013 07:28:04 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075

Error: (01/01/2013 07:28:04 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends the following service: Afd. This service might not be installed.

Error: (01/01/2013 07:28:04 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075

Error: (01/01/2013 07:28:04 PM) (Source: Service Control Manager) (User: )
Description: The DHCP Client service depends the following service: Afd. This service might not be installed.

Error: (01/01/2013 07:27:59 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1075


Microsoft Office Sessions:
=========================
Error: (01/01/2013 07:20:29 PM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 05:42:13 PM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 05:08:35 PM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 04:14:38 PM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 04:02:36 PM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 04:00:19 PM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 02:53:51 PM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 11:55:48 AM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 11:20:01 AM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (01/01/2013 10:22:55 AM) (Source: Schedule)(User: )
Description: Schedule error: 10050Initialize call failed, bailing out


CodeIntegrity Errors:
===================================
Date: 2012-12-16 17:01:00.889
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-16 17:01:00.748
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AbelCam (Version: 4.2.802)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Advanced SystemCare 5 (Version: 5.4.0)
Air Playit 2.0.0
ASIO4ALL (Version: 2.10)
Astro Avenger 2 (Version: 1.0.0.0)
ATI Catalyst Install Manager (Version: 3.0.790.0)
µTorrent (Version: 3.0.0)
AVG 2013 (Version: 13.0.2637)
AVG 2013 (Version: 13.0.2805)
AVG 2013 (Version: 2013.0.2805)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bluetooth OBEX File Transfer (Version: 1.2.1.1)
Bluetooth Radar (Version: 2.2)
BufferChm (Version: 130.0.331.000)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.6.0.13)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities Digital Photo Professional 3.0 (Version: 3.0.2.6)
Canon Utilities EOS Utility (Version: 2.0.2.26)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.1.8)
Canon Utilities PhotoStitch (Version: 3.1.21.45)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities WFT-E1/E2 Utility (Version: 3.0.1.14)
Canon Utilities ZoomBrowser EX (Version: 6.1.0.20)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0909.1412.23625)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0909.1412.23625)
Catalyst Control Center InstallProxy (Version: 2010.0909.1412.23625)
Catalyst Control Center Localization All (Version: 2010.0909.1412.23625)
ccc-core-static (Version: 2010.0909.1412.23625)
ccc-utility64 (Version: 2010.0909.1412.23625)
CCC Help Chinese Standard (Version: 2010.0909.1411.23625)
CCC Help Chinese Traditional (Version: 2010.0909.1411.23625)
CCC Help Czech (Version: 2010.0909.1411.23625)
CCC Help Danish (Version: 2010.0909.1411.23625)
CCC Help Dutch (Version: 2010.0909.1411.23625)
CCC Help English (Version: 2010.0909.1411.23625)
CCC Help Finnish (Version: 2010.0909.1411.23625)
CCC Help French (Version: 2010.0909.1411.23625)
CCC Help German (Version: 2010.0909.1411.23625)
CCC Help Greek (Version: 2010.0909.1411.23625)
CCC Help Hungarian (Version: 2010.0909.1411.23625)
CCC Help Italian (Version: 2010.0909.1411.23625)
CCC Help Japanese (Version: 2010.0909.1411.23625)
CCC Help Korean (Version: 2010.0909.1411.23625)
CCC Help Norwegian (Version: 2010.0909.1411.23625)
CCC Help Polish (Version: 2010.0909.1411.23625)
CCC Help Portuguese (Version: 2010.0909.1411.23625)
CCC Help Russian (Version: 2010.0909.1411.23625)
CCC Help Spanish (Version: 2010.0909.1411.23625)
CCC Help Swedish (Version: 2010.0909.1411.23625)
CCC Help Thai (Version: 2010.0909.1411.23625)
CCC Help Turkish (Version: 2010.0909.1411.23625)
CCleaner (Version: 3.25)
Classic FTP
D3DX10 (Version: 15.4.2368.0902)
D5300 (Version: 130.0.365.000)
D5300_Help (Version: 100.0.206.000)
DAEMON Tools Lite (Version: 4.45.4.0315)
DeepBurner v1.9.0.228
DeviceDiscovery (Version: 130.0.465.000)
DirectX Media Runtime 5.1
Doxillion Document Converter
DVD Decrypter (Remove Only)
DVD Menu Pack for HP MediaSmart Video (Version: 4.2.4412)
DVD Shrink 3.2
EA Download Manager (Version: 7.2.0.32)
Energy Star Digital Logo (Version: 1.0.1)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Express Rip
Fences Pro (Version: 1.0.1.312)
Fences Pro (Version: 1.0.1.312.19219)
ffdshow [rev 3154] [2009-12-09] (Version: 1.0)
Final Drive Nitro (Version: 2.2.0.95)
FL Studio 10
FMS
Free AVI MPEG WMV MP4 FLV Video Joiner 4.1.5
Free Fire Screensaver
Game Booster 3 (Version: 3.5)
Gamer Toolkit (Version: 2.1.3)
GLSetup
Google Earth (Version: 6.2.2.6613)
Google Talk Plugin (Version: 3.10.2.10212)
Google Update Helper (Version: 1.3.21.123)
GPBaseService2 (Version: 130.0.371.000)
Grand Master Chess 3
Guitar Pro 4.0
Guitar Pro 6
HP 3D DriveGuard (Version: 4.0.10.1)
HP Auto (Version: 1.0.12494.3472)
HP Client Services (Version: 1.0.12656.3472)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Documentation (Version: 1.2.0.0)
HP DVB-T TV Tuner 8.0.64.43 (Version: 8.0.64.43)
HP Games (Version: 1.0.1.5)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart DVD (Version: 4.2.4521)
HP MediaSmart Live TV (Version: 3.1.3003)
HP MediaSmart Movies and TV (Version: 1.0.1.2)
HP MediaSmart Music (Version: 4.2.4604)
HP MediaSmart Photo (Version: 4.2.4513)
HP MediaSmart SmartMenu (Version: 3.1.2.2)
HP MediaSmart Video (Version: 4.2.4522)
HP MediaSmart Webcam (Version: 4.2.3303)
HP Photo Creations (Version: 1.0.0.4042)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Printer Driver Software 13.0 Rel. 2 (Version: 13.0)
HP Power Manager (Version: 1.2.3)
HP Product Detection (Version: 11.14.0004)
HP Quick Launch (Version: 2.4.4)
HP Setup (Version: 8.4.4400.3525)
HP Setup Manager (Version: 1.0.12844.3519)
HP SimplePass Identity Protection (Version: 5.20.205)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Software Framework (Version: 4.1.6.1)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 6.1.12.1)
HP Update (Version: 5.003.001.001)
HP Wireless Assistant (Version: 4.0.10.0)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
IDT Audio (Version: 1.0.6292.0)
IL Download Manager
ImgBurn (Version: 2.5.5.0)
inSSIDer (Version: 2.1.6)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.3220)
LADSPA_plugins-win-0.4.15
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 130.0.374.000)
Max Payne 3 (Version: 1.0.0.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Camera Codec Pack (Version: 16.0.0652.0621)
Microsoft Expression Encoder 4 (Version: 4.0.3205.0)
Microsoft Expression Encoder 4 Screen Capture Codec (Version: 4.0.3205.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft SharedView (Version: 8.0.5725.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Movie Theme Pack for HP MediaSmart Video (Version: 4.2.4412)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
Mozilla Thunderbird (6.0) (Version: 6.0 (en-US))
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
Nokia Connectivity Cable Driver (Version: 7.1.45.0)
OpenAL
Origin (Version: 9.0.15.65)
Paint.NET v3.10 (Version: 3.10.0)
PC Connectivity Solution (Version: 11.4.21.0)
PC Suite (Version: 12.08.134)
PictureMover (Version: 3.5.0.33)
PitchPerfect Musical Instrument Tuner
Player
Power Tab Editor 1.7 (Version: 1.7.0)
Power2Go (Version: 6.1.4419)
PowerDirector (Version: 8.0.3320)
PS_SF_02_ProductContext (Version: 130.0.365.000)
PS_SF_02_Software (Version: 130.0.365.000)
PS_SF_02_Software_Min (Version: 130.0.365.000)
PunkBuster Services (Version: 0.986)
PX Profile Update (Version: 1.00.1.)
Quick Media Converter
Ralink RT5390 802.11b/g/n WiFi Adapter (Version: 3.01.18.0)
RC Helicopter (Version: 1.0)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.23.623.2010)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30122)
Recovery Manager (Version: 5.5.3223)
Rockstar Games Social Club (Version: 1.0.9.5)
Sauerbraten
Security Task Manager 1.8d (Version: 1.8d)
Shop for HP Supplies (Version: 13.0)
Smart Defrag 2 (Version: 2.1)
SmartWebPrinting (Version: 130.0.457.000)
SoftStylus (Version: 2.2.135.3)
SolutionCenter (Version: 130.0.373.000)
Sony USB Driver
Sony Vegas Pro 8.0 (Version: 8.0.260)
Sothink SWF Editor version 1.0 (Version: 1.0)
SoundTap Streaming Audio Recorder
Status (Version: 130.0.469.000)
Steam (Version: 1.0.0.0)
Streamripper (Remove only)
SUPERAntiSpyware (Version: 5.6.1014)
SWF Decompiler Premium Free Version 2.2.2.15
Switch Sound File Converter
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
t6config
TempoPerfect Metronome Software
TheSkyX First Light Edition (Version: 10.0.2)
TightVNC 1.3.10 (Version: 1.3.10)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
Trials 2 Second Edition
Ubisoft Game Launcher (Version: 1.0.0.0)
Ultra Video Joiner 6.1.0108
Unified Remote (Version: 2.6.1.0)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Validity Sensors DDK (Version: 4.1.139.0)
Vidis Lite (Version: 1.3)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.4 (Version: 2.0.4)
WavePad Sound Editor
WCL Phone Explorer 2.0.2.0 (Version: 2.0.2.0)
WebReg (Version: 130.0.132.017)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
X-Lite (Version: 50.6.7284)
Xfire (remove only)
Yahoo! Detect
Yawcam 0.3.9

========================= Devices: ================================

Name: Communications Port (COM18)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial
Problem: : Windows cannot determine the settings for this device. Consult the documentation that came with this device and use the Resource tab to set the configuration. (Code 34)
Resolution: The device requires manual configuration. See the hardware documentation or contact the hardware vendor for instructions on manually configuring the device. After you configure the device itself, you can use the "Resources" tab in Device Manager to configure the resource settings in Windows.

Name: Communications Port (COM19)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial
Problem: : Windows cannot determine the settings for this device. Consult the documentation that came with this device and use the Resource tab to set the configuration. (Code 34)
Resolution: The device requires manual configuration. See the hardware documentation or contact the hardware vendor for instructions on manually configuring the device. After you configure the device itself, you can use the "Resources" tab in Device Manager to configure the resource settings in Windows.

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 8173.86 MB
Available physical RAM: 6054.27 MB
Total Pagefile: 23172.05 MB
Available Pagefile: 20674.66 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:275.44 GB) (Free:46.82 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:22.35 GB) (Free:3.26 GB) NTFS
5 Drive g: () (Fixed) (Total:931.51 GB) (Free:331.34 GB) NTFS
6 Drive k: () (Removable) (Total:1.86 GB) (Free:0.98 GB) FAT

========================= Users: ========================================

User accounts for \\

Administrator ASPNET Guest
Scott

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

#15 ahscotty

ahscotty
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hobart , Tasmania ,Australia
  • Local time:12:14 AM

Posted 01 January 2013 - 03:54 AM

Sorry,I just noticed that it seems to have fixed the "Windows Security Center can't start " problem (awesome! ), as the action center (the flag icon) has no current issues detected. I still have no internet connection though!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users