
Getting constant BSOD occurrences and can only boot in safe mode


  • This topic is locked
3 replies to this topic

#1 Lyssfrgr

  • Members
  • 9 posts

Posted 14 July 2011 - 07:37 PM

I have been having major problems with my computer. I had the BSOD twice yesterday, as well as a few other times. I am now unable to boot in normal mode, and am stuck in safe mode. When I try to boot in normal mode, my desktop shows up, but I am unable to do anything and then the screen goes black with an error code I wish I had written down. I can not get into a lot of my files as they are locked and even when I take ownership and change privileges, it still says access denied. I will admit up front that I did/do have p2p programs on my system. I have tried uninstalling them, but nothing happens! Below is the DDS log I just ran. I have not included a GMER log since the last time I tried to run it, my computer crashed. I can try again, but I really wanted to get this posted as soon as I could to start somewhere. Any help would be greatly appreciated. Thank you so much in advance!

DDS (Ver_2011-07-14.01) - NTFS_AMD64 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Alyssa at 20:15:36 on 2011-07-14
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3933.2370 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\windows\system32\ctfmon.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sargui.exe
C:\windows\SysWOW64\DllHost.exe
C:\Users\Alyssa\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\windows\SysWOW64\NOTEPAD.EXE
C:\windows\explorer.exe
C:\windows\explorer.exe
C:\windows\explorer.exe
C:\windows\SysWOW64\NOTEPAD.EXE
C:\windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Cobian Backup 10\Cobian.exe
C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
C:\Users\Alyssa\Downloads\Defogger(2).exe
C:\windows\system32\conhost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
mURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} -
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: NameServer = 192.168.15.1
TCP: Interfaces\{8685EAEB-7A9D-44DF-91C1-93DDA2A53965} : DHCPNameServer = 192.168.15.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-mSearchAssistant = hxxp://www.yahoo.com
x64-mCustomizeSearch = hxxp://www.yahoo.com
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Alyssa\AppData\Roaming\Mozilla\Firefox\Profiles\2bqv3bnc.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4e02b478&v=7.005.030.004&i=26&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\windows\System32\drivers\AVGIDSEH.sys [2011-2-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2011-3-16 37456]
R0 Lbd;Lbd;C:\windows\System32\drivers\Lbd.sys [2011-7-14 69376]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-4-30 55856]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2011-4-30 482384]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2011-4-5 377936]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-5-4 128384]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-6-20 2151640]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-4-30 215040]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter;C:\windows\System32\drivers\RTL8187B.sys [2011-4-30 446976]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
R4 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2011-5-4 2440632]
S0 TfFsMon;TfFsMon;C:\windows\System32\drivers\TfFsMon.sys [2011-7-14 65072]
S0 TfSysMon;TfSysMon;C:\windows\System32\drivers\TfSysMon.sys [2011-7-14 74824]
S1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2011-1-7 304720]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2011-3-1 41552]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2011-3-9 2708024]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-4-18 7398752]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
S2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [2011-7-14 67584]
S2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
S2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-30 135664]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-28 1153368]
S2 ThreatFire;ThreatFire;C:\Program Files (x86)\ThreatFire\TFService.exe service --> C:\Program Files (x86)\ThreatFire\TFService.exe service [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-6-22 1025352]
S3 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\AVGIDSDriver.sys [2011-4-14 118864]
S3 AVGIDSFilter;AVGIDSFilter;C:\windows\System32\drivers\AVGIDSFilter.sys [2011-2-10 29264]
S3 COH_Mon;COH_Mon;C:\windows\System32\drivers\COH_Mon.sys [2011-5-4 25424]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-5-21 136824]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-30 135664]
S3 MEMSWEEP2;MEMSWEEP2;C:\windows\System32\78F9.tmp [2011-7-14 6144]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-4-30 222208]
S3 TfNetMon;TfNetMon;C:\windows\System32\drivers\TfNetMon.sys [2011-7-14 41888]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-4-30 54136]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-8-3 137560]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-5-2 1255736]
.
=============== Created Last 30 ================
.
2011-07-15 00:10:02 -------- d-----w- C:\Users\Alyssa\AppData\Local\Safe mirror
2011-07-15 00:07:18 -------- d-----w- C:\Program Files (x86)\Cobian Backup 10
2011-07-14 22:51:14 6144 ------w- C:\windows\System32\78F9.tmp
2011-07-14 22:37:24 6144 ------w- C:\windows\System32\CD5D.tmp
2011-07-14 22:37:03 -------- d-----w- C:\Program Files (x86)\Sophos
2011-07-14 05:19:46 69376 ----a-w- C:\windows\System32\drivers\Lbd.sys
2011-07-14 05:19:39 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-07-14 05:18:56 74824 ----a-w- C:\windows\System32\drivers\TfSysMon.sys
2011-07-14 05:18:56 65072 ----a-w- C:\windows\System32\drivers\TfFsMon.sys
2011-07-14 05:18:56 41888 ----a-w- C:\windows\System32\drivers\TfNetMon.sys
2011-07-14 05:18:54 -------- d-----w- C:\ProgramData\PC Tools
2011-07-14 05:18:54 -------- d-----w- C:\Program Files (x86)\ThreatFire
2011-07-14 01:13:14 -------- d-----w- C:\Program Files (x86)\ESET
2011-07-13 23:20:50 -------- d-----w- C:\ProgramData\SecTaskMan
2011-07-13 23:20:45 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2011-07-13 03:36:12 696832 ----a-w- C:\windows\System32\xvidcore.dll
2011-07-13 03:36:12 645632 ----a-w- C:\windows\SysWow64\xvidcore.dll
2011-07-13 03:36:12 255488 ----a-w- C:\windows\System32\xvidvfw.dll
2011-07-13 03:36:12 240640 ----a-w- C:\windows\SysWow64\xvidvfw.dll
2011-07-13 03:36:12 173568 ----a-w- C:\windows\System32\xvid.ax
2011-07-13 03:36:12 153088 ----a-w- C:\windows\SysWow64\xvid.ax
2011-07-12 23:24:59 338944 ----a-w- C:\windows\System32\conhost.exe
2011-07-12 23:24:59 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2011-07-12 23:24:59 243200 ----a-w- C:\windows\System32\wow64.dll
2011-07-12 23:24:59 214528 ----a-w- C:\windows\System32\winsrv.dll
2011-07-12 23:24:58 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2011-07-12 23:24:58 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2011-07-12 23:24:58 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2011-07-12 23:24:58 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2011-07-12 23:24:58 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2011-07-12 23:24:50 2048 ----a-w- C:\windows\SysWow64\user.exe
2011-07-09 19:04:02 -------- d-----w- C:\Program Files (x86)\SelectRebates
2011-07-09 06:36:47 -------- d-----w- C:\Users\Alyssa\AppData\Local\DDMSettings
2011-07-09 06:29:24 -------- d-----w- C:\Program Files\DivX
2011-07-09 06:29:14 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2011-07-09 06:24:40 -------- d-----w- C:\Program Files (x86)\DivX
2011-07-09 06:23:43 -------- d-----w- C:\ProgramData\DivX
2011-07-06 05:26:18 -------- d-----w- C:\Program Files\iPod
2011-07-06 05:26:17 -------- d-----w- C:\Program Files\iTunes
2011-07-06 05:26:17 -------- d-----w- C:\Program Files (x86)\iTunes
2011-07-06 03:50:02 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-07-06 03:50:02 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-07-06 02:00:21 -------- d-----w- C:\Program Files (x86)\Driver-Soft
2011-07-06 01:59:09 -------- d-----w- C:\Program Files (x86)\Superfish
2011-07-06 01:59:09 -------- d-----w- C:\Program Files (x86)\StartNow Toolbar
2011-07-05 17:26:45 -------- d--h--w- C:\$AVG
2011-07-01 05:59:16 -------- d-----w- C:\Users\Alyssa\AppData\Local\{BA044584-419F-4DAE-B429-728D628D9B77}
2011-07-01 05:59:16 -------- d-----w- C:\Users\Alyssa\AppData\Local\{23EF4BFB-E0FC-4988-B27C-C36EC63BB863}
2011-06-28 04:33:53 -------- d-----w- C:\Program Files (x86)\Common Files\eSellerate
2011-06-28 04:33:49 -------- d-----w- C:\Program Files (x86)\Chess Buddy Yahoo
2011-06-26 08:19:36 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\SoMud
2011-06-25 02:20:05 -------- d-----w- C:\Users\Alyssa\AppData\Local\{34FFC964-C03F-4CC4-83BE-D73EEB18BF3D}
2011-06-25 02:18:53 -------- d-----w- C:\Users\Alyssa\AppData\Local\{104246FD-1D01-4B7D-AA7F-E4AE823BA70A}
2011-06-25 02:18:19 -------- d-----w- C:\Users\Alyssa\AppData\Local\{E3851C12-EF11-42CA-A58E-52F547670602}
2011-06-24 07:33:07 -------- d-----w- C:\Users\Alyssa\AppData\Local\{78CB17B6-B9B7-4383-96B5-6466562B7BFE}
2011-06-24 04:08:55 -------- d-----w- C:\Program Files (x86)\Conduit
2011-06-24 04:08:49 0 ----a-w- C:\windows\SysWow64\ConduitEngine.tmp
2011-06-24 04:08:49 -------- d-----w- C:\Program Files (x86)\ConduitEngine
2011-06-24 04:08:48 -------- d-----w- C:\Users\Alyssa\AppData\Local\Conduit
2011-06-24 04:08:46 -------- d-----w- C:\Program Files (x86)\uTorrentBar
2011-06-24 01:58:59 -------- d-----w- C:\Program Files (x86)\Coupons
2011-06-24 01:33:41 -------- d-----w- C:\REMEMBER_ME
2011-06-23 22:12:41 -------- d-----w- C:\Users\Alyssa\AppData\Local\{7F5FF291-8D4D-4F4E-B50F-E89AF11A20CB}
2011-06-23 22:04:43 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\HandBrake
2011-06-23 22:04:43 -------- d-----w- C:\Users\Alyssa\AppData\Local\HandBrake
2011-06-23 22:04:31 -------- d-----w- C:\Program Files (x86)\Handbrake
2011-06-23 21:56:42 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\AVS4YOU
2011-06-23 21:55:16 10833920 ----a-w- C:\windows\SysWow64\libmfxsw32.dll
2011-06-23 21:55:15 10915840 ----a-w- C:\windows\SysWow64\libmfxhw32.dll
2011-06-23 21:55:07 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
2011-06-23 21:54:41 24576 ----a-w- C:\windows\SysWow64\msxml3a.dll
2011-06-23 21:54:41 1700352 ----a-w- C:\windows\SysWow64\GdiPlus.dll
2011-06-23 21:54:40 -------- d-----w- C:\ProgramData\AVS4YOU
2011-06-23 21:54:40 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2011-06-23 20:34:30 -------- d-----w- C:\HANNIBAL
2011-06-23 03:42:25 -------- d-----w- C:\Users\Alyssa\AppData\Local\AVG Security Toolbar
2011-06-23 03:36:27 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\AVG10
2011-06-23 03:35:20 -------- d-----w- C:\ProgramData\AVG Security Toolbar
2011-06-23 03:35:03 -------- d-----w- C:\windows\SysWow64\drivers\AVG
2011-06-23 03:34:06 -------- d-----w- C:\windows\System32\drivers\AVG
2011-06-23 03:34:06 -------- d-----w- C:\ProgramData\AVG10
2011-06-23 03:33:21 -------- d-----w- C:\Program Files (x86)\AVG
2011-06-23 01:44:13 -------- d--h--w- C:\ProgramData\Common Files
2011-06-23 00:12:33 -------- d-----w- C:\ProgramData\MFAData
2011-06-21 22:40:22 -------- d-----w- C:\Users\Alyssa\AppData\Local\Windows Live Writer
2011-06-21 22:40:21 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\Windows Live Writer
2011-06-21 20:05:50 -------- d-----w- C:\windows\en
2011-06-21 20:03:45 69464 ----a-w- C:\windows\SysWow64\XAPOFX1_3.dll
2011-06-21 20:03:45 523088 ----a-w- C:\windows\System32\d3dx10_42.dll
2011-06-21 20:03:45 515416 ----a-w- C:\windows\SysWow64\XAudio2_5.dll
2011-06-21 20:03:45 453456 ----a-w- C:\windows\SysWow64\d3dx10_42.dll
2011-06-21 06:27:54 -------- d-sh--w- C:\$RECYCLE.BIN
2011-06-21 06:09:20 98816 ----a-w- C:\windows\sed.exe
2011-06-21 06:09:20 256512 ----a-w- C:\windows\PEV.exe
2011-06-21 06:09:20 208896 ----a-w- C:\windows\MBR.exe
2011-06-21 06:04:31 -------- d-----w- C:\ComboFix
2011-06-21 05:53:08 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\SUPERAntiSpyware.com
2011-06-21 05:53:08 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-06-21 05:47:56 -------- d-----w- C:\ProgramData\!SASCORE
2011-06-21 05:47:50 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-06-21 05:21:29 55384 ----a-w- C:\windows\System32\drivers\SBREDrv.sys
2011-06-21 05:16:19 388096 ----a-r- C:\Users\Alyssa\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-21 05:16:19 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-06-21 03:56:15 -------- d-----w- C:\Users\Alyssa\AppData\Local\NPE
2011-06-21 03:41:21 -------- d-----w- C:\Program Files (x86)\Xvid
2011-06-20 17:02:17 -------- d-----w- C:\ProgramData\Nero
2011-06-20 16:40:06 -------- d-----w- C:\Program Files (x86)\Free Offers from Freeze.com
2011-06-19 00:15:48 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\IrfanView
2011-06-19 00:15:47 -------- d-----w- C:\Program Files (x86)\IrfanView
2011-06-18 01:57:55 476904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2011-06-18 01:57:55 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll
2011-06-18 01:38:24 -------- d-----w- C:\ProgramData\AIM
2011-06-18 01:38:20 -------- d-----w- C:\Program Files (x86)\AIM
2011-06-18 01:38:19 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility
2011-06-18 01:20:24 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\AOL
2011-06-18 01:20:00 -------- d-----w- C:\ProgramData\Viewpoint
2011-06-18 01:19:58 -------- d-----w- C:\Program Files (x86)\Viewpoint
2011-06-18 01:19:57 58696 ----a-w- C:\windows\SysWow64\AOLParconLink.exe
2011-06-18 01:18:58 24064 ----a-w- C:\windows\System32\drivers\wanatw64.sys
2011-06-18 01:18:02 -------- d-----w- C:\Program Files (x86)\Common Files\AOL
2011-06-18 01:18:01 -------- d-----w- C:\Program Files (x86)\Common Files\aolshare
2011-06-18 01:18:01 -------- d-----w- C:\Program Files (x86)\AOL Desktop 9.6
2011-06-18 00:28:47 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\mIRC
2011-06-18 00:28:46 -------- d-----w- C:\Program Files (x86)\mIRC
2011-06-16 20:03:00 -------- d-sh--w- C:\windows\SysWow64\%APPDATA%
2011-06-16 06:01:40 91568 ----a-w- C:\windows\System32\drivers\scdemu.sys
2011-06-16 06:01:40 -------- d-----w- C:\Program Files (x86)\PowerISO
2011-06-16 05:54:59 -------- d-----w- C:\Program Files (x86)\SlySoft
2011-06-16 05:02:56 -------- d-----w- C:\Party_Monster
2011-06-16 04:39:49 102400 ----a-w- C:\windows\System32\drivers\dfsc.sys
2011-06-16 04:39:48 499712 ----a-w- C:\windows\System32\drivers\afd.sys
2011-06-16 04:39:48 1896832 ----a-w- C:\windows\System32\drivers\tcpip.sys
2011-06-16 04:39:32 287744 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
2011-06-16 04:39:31 157696 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
2011-06-16 04:39:31 126464 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
2011-06-16 04:38:00 197120 ----a-w- C:\windows\System32\d3d10_1.dll
2011-06-16 04:38:00 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll
2011-06-16 04:37:58 461312 ----a-w- C:\windows\System32\drivers\srv.sys
2011-06-16 04:37:58 399872 ----a-w- C:\windows\System32\drivers\srv2.sys
2011-06-16 04:37:58 161792 ----a-w- C:\windows\System32\drivers\srvnet.sys
2011-06-16 04:37:52 861184 ----a-w- C:\windows\System32\oleaut32.dll
2011-06-16 04:37:51 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2011-06-16 04:37:50 976896 ----a-w- C:\windows\System32\inetcomm.dll
2011-06-16 04:37:50 740864 ----a-w- C:\windows\SysWow64\inetcomm.dll
2011-06-16 03:31:15 -------- d-----w- C:\NO_LABEL
2011-06-16 03:13:24 -------- d-----w- C:\Party Monster
2011-06-16 03:12:16 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
2011-06-16 03:09:20 -------- d-----w- C:\Users\Alyssa\AppData\Roaming\RipIt4Me
.
==================== Find3M ====================
.
2011-07-06 23:52:42 41272 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-06 23:52:42 25912 ----a-w- C:\windows\System32\drivers\mbam.sys
2011-07-06 03:53:38 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-11 02:56:44 3134464 ----a-w- C:\windows\System32\win32k.sys
2011-06-02 17:53:02 94208 ----a-w- C:\windows\SysWow64\dpl100.dll
2011-06-02 06:45:22 362496 ----a-w- C:\windows\System32\wow64win.dll
2011-06-02 06:39:54 422400 ----a-w- C:\windows\System32\KernelBase.dll
2011-06-02 05:56:28 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2011-06-02 05:54:50 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll
2011-06-02 03:45:49 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-02 03:45:49 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-02 03:45:49 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-02 03:45:49 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-05-24 11:21:59 404992 ----a-w- C:\windows\System32\umpnpmgr.dll
2011-05-24 10:34:20 64512 ----a-w- C:\windows\SysWow64\devobj.dll
2011-05-24 10:34:20 44544 ----a-w- C:\windows\SysWow64\devrtl.dll
2011-05-24 10:34:00 145920 ----a-w- C:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:32:46 252928 ----a-w- C:\windows\SysWow64\drvinst.exe
2011-05-10 12:06:08 51712 ----a-w- C:\windows\System32\drivers\usbaapl64.sys
2011-05-10 12:06:08 4517664 ----a-w- C:\windows\System32\usbaaplrc.dll
2011-05-04 22:00:49 172080 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
2011-05-04 15:31:04 52784 ----a-w- C:\windows\System32\drivers\WPSDRVnt.sys
2011-05-04 15:31:04 137544 ----a-w- C:\windows\SysWow64\SymVPN.dll
2011-05-04 15:31:04 137544 ----a-w- C:\windows\System32\SymVPN.dll
2011-05-04 15:31:02 89088 ----a-w- C:\windows\SysWow64\atl71.dll
2011-05-04 15:31:02 49480 ----a-w- C:\windows\SysWow64\FwsVpn.dll
2011-05-04 15:31:01 480304 ----a-w- C:\windows\SysWow64\drivers\srtspl64.sys
2011-05-04 15:31:01 480304 ----a-w- C:\windows\System32\drivers\srtspl64.sys
2011-05-04 15:31:01 441904 ----a-w- C:\windows\SysWow64\drivers\srtsp64.sys
2011-05-04 15:31:01 441904 ----a-w- C:\windows\System32\drivers\srtsp64.sys
2011-05-04 15:31:01 32304 ----a-w- C:\windows\SysWow64\drivers\srtspx64.sys
2011-05-04 15:31:01 32304 ----a-w- C:\windows\System32\drivers\srtspx64.sys
2011-05-04 15:30:56 62512 ----a-w- C:\windows\System32\drivers\Teefer2.sys
2011-05-04 15:30:48 25424 ----a-w- C:\windows\System32\drivers\COH_Mon.sys
2011-05-04 05:30:38 2326016 ----a-w- C:\windows\System32\tquery.dll
2011-05-04 05:28:07 779264 ----a-w- C:\windows\System32\mssvp.dll
2011-05-04 05:28:07 2228224 ----a-w- C:\windows\System32\mssrch.dll
2011-05-04 05:28:06 75264 ----a-w- C:\windows\System32\msscntrs.dll
2011-05-04 05:28:06 491520 ----a-w- C:\windows\System32\mssph.dll
2011-05-04 05:28:06 288256 ----a-w- C:\windows\System32\mssphtb.dll
2011-05-04 05:24:09 593408 ----a-w- C:\windows\System32\SearchIndexer.exe
2011-05-04 05:24:09 249856 ----a-w- C:\windows\System32\SearchProtocolHost.exe
2011-05-04 05:24:09 113664 ----a-w- C:\windows\System32\SearchFilterHost.exe
2011-05-04 04:53:10 1553920 ----a-w- C:\windows\SysWow64\tquery.dll
2011-05-04 04:52:59 666624 ----a-w- C:\windows\SysWow64\mssvp.dll
2011-05-04 04:52:59 59392 ----a-w- C:\windows\SysWow64\msscntrs.dll
2011-05-04 04:52:59 337408 ----a-w- C:\windows\SysWow64\mssph.dll
2011-05-04 04:52:59 197120 ----a-w- C:\windows\SysWow64\mssphtb.dll
2011-05-04 04:52:59 1401856 ----a-w- C:\windows\SysWow64\mssrch.dll
2011-05-04 04:52:12 86528 ----a-w- C:\windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:52:12 428032 ----a-w- C:\windows\SysWow64\SearchIndexer.exe
2011-05-04 04:52:12 164352 ----a-w- C:\windows\SysWow64\SearchProtocolHost.exe
2011-04-22 20:18:47 27008 ----a-w- C:\windows\System32\drivers\Diskdump.sys
.
============= FINISH: 20:16:01.07 ===============


 


#2 Farbar

  • Security Developer
  • 21,726 posts

Posted 17 July 2011 - 04:35 PM

Hi Lyssfrgr and welcome to Bleeping Computer.

If you have not resolved the issue please update me on the current condition of your computer.

#3 Lyssfrgr

  • Topic Starter
  • Members
  • 9 posts

Posted 17 July 2011 - 05:33 PM

Thank you for getting back to me, but I had to restore back to factory settings. Whatever was infecting my system made it so I couldn't boot in safe mode or normal mode. Also, when I tried to restore to a previous date, it informed me that all of my drivers would be gone. I wish I knew what it was, but it's too late now :(

#4 Farbar

  • Security Developer
  • 21,726 posts

Posted 17 July 2011 - 05:42 PM

Thanks for letting me know and glad it is resolved anyway. :)

This thread will now be closed since the issue seems to be resolved.

If you should have a new issue, please start a new topic.



