
Computer will only start with desktop background, nothing will load


  • This topic is locked
41 replies to this topic

#1 Chelle2006


Posted 18 March 2013 - 12:02 AM

I have been having multiple problems with my computer hanging on shut down and start up. I recently ran Malwarebytes and it came back with 1 item which I removed. About 10 minutes later my computer froze and I had to hard restart. Upon start up the screen was completely blank. The cursor moves but the desktop icons, task bar, and start up are all gone. Control-Alt-Delete does not bring up the task manager. I loaded in safe mode to pull up the task manager and tried explorer.exe but nothing happened.

 

I have run diagnostics and nothing comes up. I have tried last good known configuration and still it just loads a background and cursor with nothing else. 

 

I think there is some malware involved but I am pretty new to this so I thought I would try this. I went through the preparation guide and I am crossing my fingers that someone has a solution. Thank you!

 

Here is the DDS text

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.7.2
Run by Michelle at 0:45:48 on 2013-03-18
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8046.6796 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mWinlogon: Userinit = userinit.exe
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - <orphaned>
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [CAHeadless] c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe
mRun: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Michelle\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FACEBO~1.LNK - C:\Users\Michelle\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{597649FD-27A4-4D35-AFDB-8328C72AAAD8} : DHCPNameServer = 192.168.0.2
TCP: Interfaces\{F1AB48D3-620A-412A-B77D-05020B395317} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F1AB48D3-620A-412A-B77D-05020B395317}\14D234550505 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F1AB48D3-620A-412A-B77D-05020B395317}\C656F6E6075726C69636 : DHCPNameServer = 198.180.240.3 204.194.36.14
TCP: Interfaces\{F1AB48D3-620A-412A-B77D-05020B395317}\E6564776561627 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\488w7m44.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -  
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/?ref=hp
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\488w7m44.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\488w7m44.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10516.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Michelle\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2012-01-08 19:41; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2010-9-1 69152]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-8-18 55280]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1207020.003\symds64.sys [2012-6-11 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1207020.003\symefa64.sys [2012-6-11 912504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-8-12 1737728]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-4-26 93696]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-4-26 75776]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-26 56344]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-4-26 11392]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-4-26 395264]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-4-18 984144]
S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-10-27 364096]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110430.001\BHDrvx64.sys [2011-5-2 1127032]
S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110429.002\IDSviA64.sys [2011-4-30 476792]
S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1207020.003\ironx64.sys [2012-6-11 171128]
S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1207020.003\symnets.sys [2012-6-11 386168]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-8 202752]
S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-10-27 25232]
S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-10-27 71600]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-25 44808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-26 13336]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-17 398184]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-17 682344]
S2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2012-6-11 130008]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 regi;regi;C:\Windows\System32\drivers\regi.sys [2010-8-18 14112]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-8-25 1153368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-8-18 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-8-18 70952]
S2 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-8-18 427304]
S2 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-8-18 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-8-18 91432]
S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-8-18 104960]
S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-26 2320920]
S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-8-18 480624]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-8-18 361840]
S2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-9-19 1157056]
S2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-6 248248]
S2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-9-19 1177536]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-8-18 19968]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-4-26 52264]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-4-26 35104]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-5-2 132656]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-4-26 151936]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-4-26 244736]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-17 24176]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-28 19456]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]
S3 SampleCollector;Intel® Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2010-8-18 167424]
S3 Sockblkd;Sockblkd;C:\Program Files\Extegrity\Exam4\Sockblkd.sys [2010-11-26 6784]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-28 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-8-18 571248]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-8-18 110960]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-9-23 1429608]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-28 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-03-18 04:24:28 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{77B6AA6B-853A-4714-A627-5ED1FAD07CBD}\offreg.dll
2013-03-18 03:21:30 0 ----a-w- C:\Windows\System32\winlog.exe
2013-03-17 22:46:19 -------- d-----w- C:\Users\Michelle\AppData\Roaming\Malwarebytes
2013-03-17 22:46:09 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-17 22:46:07 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-17 22:46:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-17 22:35:34 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{77B6AA6B-853A-4714-A627-5ED1FAD07CBD}\mpengine.dll
2013-02-27 08:01:31 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
.
==================== Find3M  ====================
.
2013-03-13 04:14:22 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 04:14:22 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-28 13:57:26 1188864 ----a-w- C:\Windows\System32\wininet.dll
2013-02-28 13:37:29 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-28 12:03:52 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-28 11:38:43 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-01-17 06:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
.
============= FINISH:  0:47:13.57 ===============
 




#2 satchfan

satchfan

  • Malware Response Team
  • 2,918 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:35 PM

Posted 19 March 2013 - 10:31 AM

Hello Chelle2006 and welcome to Bleeping Computer.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

 IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

I am looking at your log now and will reply with instructions shortly.


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#3 satchfan

Posted 19 March 2013 - 11:02 AM

Hello again Chelle2006

You have all of these programs installed on your computer which you cannot do and expect it to work:

Avast! Antivirus
Windows Defender
Norton Internet Security
Lavasoft\Ad-Aware


You must uninstall two of these three (if Norton Internet Security has expired, I suggest you uninstall that and Ad-Aware and keep Avast):

Avast! Antivirus
Norton Internet Security
Lavasoft\Ad-Aware


Next

Disable Windows Defender

You have Windows Defender running. Apart from the fact that it is useless, it will conflict with your antivirus (AV), as they will both be looking for the same things.

To disable Windows Defender:

  • open Windows Defender
  • click on Tools, General Settings
  • scroll down and uncheck Turn on real-time protection (recommended)
  • after you uncheck this, click on the Save button and close Windows Defender.

===================================================

Run RogueKiller

IMPORTANT: Please remove any usb or external drives from the computer before you run this scan!

Close all running programs.
Download RogueKiller to your desktop.

  • close all running programs
  • for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
  • when the pre-scan is finished, click on Scan
  • click on Report and copy/paste the content in your next post
  • NOTE: DO NOT attempt to remove anything that the scan detects – everything that is reported is not necessarily bad

If the program is blocked, continue to try it several times. If it still doesn't work (it could happen), rename it to winlogon.exe.

Please post the contents of the RKreport.txt in your next reply.

 

Also, please post the Attach.txt which should be in the same location as the DDS txt log.

Thanks

Satchfan




#4 Chelle2006

Posted 19 March 2013 - 12:11 PM

Thank you. Working on this now. I knew I would have to uninstall some programs; I just didn't want to do it until I got a response. I'll post as soon as possible.

#5 satchfan

Posted 19 March 2013 - 12:29 PM

:thumbup2:




#6 Chelle2006

Posted 19 March 2013 - 01:04 PM

I can't get Ad-Aware to uninstall in safe mode. It says the uninstall is running, but it has been running for 55 minutes and making no progress?



#7 Chelle2006

Posted 19 March 2013 - 01:33 PM

In the meantime, here is the post of the Attach.txt that was with the DDS txt log.

 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 8/25/2010 8:38:12 PM
System Uptime: 3/18/2013 12:36:52 AM (0 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel® Core™ i5 CPU       M 540  @ 2.53GHz | N/A | 2527/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 322.315 GiB free.
E: is Removable
F: is Removable
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: HP LaserJet P4515
Device ID: ROOT\MULTIFUNCTION\0034
Manufacturer: 
Name: HP LaserJet P4515
PNP Device ID: ROOT\MULTIFUNCTION\0034
Service: 
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: HP LaserJet P2015 Series
Device ID: ROOT\MULTIFUNCTION\0093
Manufacturer: Hewlett-Packard
Name: HP LaserJet P2015 Series
PNP Device ID: ROOT\MULTIFUNCTION\0093
Service: 
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: HP Color LaserJet CP4520 Series
Device ID: ROOT\MULTIFUNCTION\0054
Manufacturer: Hewlett-Packard
Name: HP Color LaserJet CP4520 Series
PNP Device ID: ROOT\MULTIFUNCTION\0054
Service: 
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: HP LaserJet 600 M602
Device ID: ROOT\MULTIFUNCTION\0115
Manufacturer: Hewlett-Packard
Name: HP LaserJet 600 M602
PNP Device ID: ROOT\MULTIFUNCTION\0115
Service: 
.
Class GUID: 
Description: HP LaserJet CM1415fnw
Device ID: ROOT\MULTIFUNCTION\0015
Manufacturer: 
Name: HP LaserJet CM1415fnw
PNP Device ID: ROOT\MULTIFUNCTION\0015
Service: 
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! Network Shield Support
Device ID: ROOT\LEGACY_ASWTDI\0000
Manufacturer: 
Name: avast! Network Shield Support
PNP Device ID: ROOT\LEGACY_ASWTDI\0000
Service: aswTdi
.
==== System Restore Points ===================
.
RP376: 3/12/2013 6:02:31 PM - Scheduled Checkpoint
RP377: 3/12/2013 6:12:17 PM - Windows Update
RP378: 3/13/2013 1:10:15 AM - Windows Update
RP379: 3/17/2013 6:26:44 PM - Windows Update
RP380: 3/17/2013 7:03:08 PM - Windows Backup
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
AccuWeather.com Cirrus
Ad-Aware
Adobe Acrobat  9 Standard
Adobe Acrobat 9.5.3 - CPSID_83708
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 8.0
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Elements 8.0
Adobe Reader X (10.1.6)
AIM 7
Alps Pointing-device for VAIO
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 3
ATI Catalyst Install Manager
Audible Download Manager
avast! Free Antivirus
Bonjour
Bonjour Print Services
BufferChm
calibre
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Click to Call with Skype
Corel WinDVD
Coupon Printer for Windows
D110
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
Download Updater (AOL LLC)
Extegrity Exam 4.0
Extegrity Exam4
Facebook Messenger 2.1.4814.0
FileOpen Client
Flixster Collections
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
Graboid Video 1.73
HP Customer Participation Program 14.0
HP Deskjet 3050A J611 series Basic Device Software
HP Deskjet 3050A J611 series Help
HP Deskjet 3050A J611 series Product Improvement Study
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPAppStudio
HPPhotoGadget
HPProductAssistant
HPSSupply
Intel® Control Center
Intel® Management Engine Components
Intel® Rapid Storage Technology
iTunes
Java 7 Update 7
Java Auto Updater
Java™ 6 Update 18 (64-bit)
Java™ 6 Update 29
Junk Mail filter update
Lexis® for Microsoft® Office
Malwarebytes Anti-Malware version 1.70.0.1100
MarketResearch
Media Gallery
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
MobileMe Control Panel
Mozilla Firefox 11.0 (x86 en-US)
MSN Toolbar
MSN Toolbar Platform
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nancy Drew: Alibi in Ashes
Network64
Norton Internet Security
OOBE
OverDrive Media Console
Pharos
Picasa 3
PlayReady PC Runtime amd64
PMB
PMB VAIO Edition Guide
PMB VAIO Edition plug-in (Click to Disc)
PMB VAIO Edition plug-in (VAIO Image Optimizer)
PMB VAIO Edition plug-in (VAIO Movie Story)
PS_AIO_07_D110_SW_Min
QuickTime
QuickTransfer
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Safari
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Setting Utility Series
Shop for HP Supplies
Skype™ 5.10
SmartSound Quicktracks for Premiere Elements 8.0
SmartWebPrinting
SmartWi Connection Utility
SolutionCenter
Sony Home Network Library
Spybot - Search & Destroy
Status
Toolbox
TrayApp
TweetDeck
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VAIO Care
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Intelligent Network Service Manager
VAIO Content Metadata Manager Settings
VAIO Content Metadata XML Interface Library
VAIO Content Monitoring Settings
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data
VAIO Entertainment Platform
VAIO Event Service
VAIO Hardware Diagnostics
VAIO Help and Support
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story Template Data
VAIO Original Function Settings
VAIO Personalization Manager
VAIO Power Management
VAIO Quick Web Access
VAIO Survey
VAIO Transfer Support
VAIO Update
VAIO Update Merge Module x64
VAIO Wallpaper Contents
VD64Inst
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ 8.0 Runtime Setup Package (x64)
VLC media player 1.0.1
WD Drive Utilities
WD Security
WD SmartWare
WebReg
WIDCOMM Bluetooth Software
Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Xvid 1.2.1 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
3/18/2013 12:39:42 AM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:37:58 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:37:57 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/18/2013 12:37:57 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/18/2013 12:37:56 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:37:54 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/18/2013 12:37:42 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswSnx aswSP aswTdi BHDrvx64 discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6
3/18/2013 12:37:42 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/18/2013 12:28:13 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
3/18/2013 12:27:47 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:27:36 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/18/2013 12:09:43 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service defragsvc with arguments "" in order to run the server: {D20A3293-3341-4AE8-9AAF-8E397CB63C34}
3/18/2013 12:02:01 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD aswRdr aswSnx aswSP aswTdi BHDrvx64 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf
3/18/2013 12:02:01 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:02:01 AM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
3/18/2013 12:02:01 AM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:02:01 AM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:02:01 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:02:01 AM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:01:55 AM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
3/18/2013 12:01:55 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
3/18/2013 12:01:55 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/18/2013 12:01:55 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
3/17/2013 9:41:30 PM, Error: Service Control Manager [7009]  - A timeout was reached (180000 milliseconds) while waiting for the Windows Image Acquisition (WIA) service to connect.
3/17/2013 9:41:30 PM, Error: Service Control Manager [7000]  - The Windows Image Acquisition (WIA) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
3/17/2013 9:22:50 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc25F2F.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/17/2013 9:04:30 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc25A5E.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/17/2013 8:59:25 PM, Error: Service Control Manager [7011]  - A timeout (180000 milliseconds) was reached while waiting for a transaction response from the NIS service.
3/17/2013 6:34:15 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.145.1873.0).
3/17/2013 6:29:55 PM, Error: Service Control Manager [7022]  - The VAIO Content Folder Watcher service hung on starting.
3/17/2013 6:26:37 PM, Error: Service Control Manager [7022]  - The Intel® Management & Security Application User Notification Service service hung on starting.
3/17/2013 6:20:38 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
3/17/2013 6:18:56 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc273D7.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/17/2013 11:57:16 PM, Error: Service Control Manager [7009]  - A timeout was reached (180000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
3/17/2013 11:54:15 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc23C06.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/17/2013 11:51:31 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Windows.
3/17/2013 11:22:41 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/17/2013 11:04:29 PM, Error: Service Control Manager [7009]  - A timeout was reached (180000 milliseconds) while waiting for the Skype Updater service to connect.
3/17/2013 11:01:29 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc23D5D.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/17/2013 10:46:31 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc24C89.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/17/2013 10:19:18 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
3/14/2013 7:57:48 PM, Error: iaStor [9]  - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
3/14/2013 3:55:41 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc2784A.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/13/2013 11:32:10 AM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
3/13/2013 11:21:33 AM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc28AFF.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/11/2013 7:46:21 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc27BE3.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/11/2013 11:47:01 AM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc27500.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================
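
Added example (not part of the original post and not DDS's own code): a Python script that collapses the Service Control Manager 7001 dependency errors in the Event Viewer section above down to the components that failed first, and lists drivers blocked from loading out of `C:\Windows\TEMP`. The function names are hypothetical; the sample lines are an excerpt copied from the log above.

```python
import re
from collections import defaultdict

# Excerpt of the "Event Viewer Messages" lines from the DDS log posted above.
SAMPLE = r"""
3/18/2013 12:27:47 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:02:01 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:02:01 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:02:01 AM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
3/18/2013 12:01:55 AM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
3/18/2013 12:01:55 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
3/18/2013 12:01:55 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/18/2013 12:01:55 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
3/17/2013 9:22:50 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc25F2F.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/17/2013 9:04:30 PM, Error: Application Popup [1060]  - \??\C:\Windows\TEMP\mc25A5E.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
3/17/2013 11:51:31 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Windows.
"""

# "<timestamp>, Error: <source> [<event id>]  - <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\d+/\d+/\d+ \d+:\d+:\d+ [AP]M), Error: (?P<src>.+?) "
    r"\[(?P<id>\d+)\]\s+- (?P<msg>.*)$")
# Event 7001: "The X service depends on the Y service which failed to start ..."
DEP_RE = re.compile(
    r"^The (?P<svc>.+?) service depends on the (?P<dep>.+?) service which failed "
    r"to start because of the following error:\s+(?P<err>.*)$")
# Event 1060: "<driver path> has been blocked from loading ..."
BLOCKED_RE = re.compile(r"^(?P<path>\S+) has been blocked from loading")


def parse_events(text):
    """Turn DDS event lines into dicts; lines in any other shape are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append({"ts": m["ts"], "source": m["src"],
                           "id": int(m["id"]), "msg": m["msg"]})
    return events


def root_causes(events):
    """Follow each 7001 'depends on' chain to the component that failed first."""
    depends = {}
    for ev in events:
        m = DEP_RE.match(ev["msg"]) if ev["id"] == 7001 else None
        if m:
            depends[m["svc"]] = (m["dep"], m["err"].strip())
    roots = defaultdict(lambda: {"error": None, "services": set()})
    for svc in depends:
        cur, err, seen = svc, None, {svc}
        while cur in depends:
            nxt, err = depends[cur]
            if nxt in seen:      # guard against a dependency loop in the log
                break
            seen.add(nxt)
            cur = nxt
        roots[cur]["error"] = err            # error reported for the root itself
        roots[cur]["services"].add(svc)      # everything that failed behind it
    return {root: {"error": info["error"], "services": sorted(info["services"])}
            for root, info in roots.items()}


def blocked_from_temp(events):
    """Driver images that event 1060 reports as blocked, loaded from a TEMP folder."""
    paths = []
    for ev in events:
        m = BLOCKED_RE.match(ev["msg"]) if ev["id"] == 1060 else None
        if m and "\\temp\\" in m["path"].lower():
            paths.append(m["path"])
    return paths


if __name__ == "__main__":
    evs = parse_events(SAMPLE)
    for root, info in sorted(root_causes(evs).items()):
        print(f"{root}: {info['error']}")
        for svc in info["services"]:
            print(f"    cascaded to: {svc}")
    for path in blocked_from_temp(evs):
        print("blocked driver:", path)
```

The log was taken in Safe Mode, which loads only a minimal driver set, so a root reported here is a starting point for review rather than proof of damage.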


#8 satchfan

satchfan

  • Malware Response Team
  • 2,918 posts
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:35 PM

Posted 19 March 2013 - 04:19 PM

Apart from Ad-Aware, have you tried uninstalling either Norton or Avast and disabling Windows Defender as I suggested?


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#9 Chelle2006

Chelle2006
  • Topic Starter

  • Members
  • 22 posts
  • Local time:05:35 PM

Posted 19 March 2013 - 05:52 PM

I uninstalled Norton and kept avast. Then my computer restarted and needed to check for a disk consistency. I rebooted it in safe mode and checked all the programs and the control panel but I can't find Windows Defender. I know it is a standard program on my computer but I searched programs as well as the control panel and it is not coming up and I can't find it. Should I continue to the RogueKiller or do I still need to uninstall other things?



#10 satchfan

satchfan

  • Malware Response Team
  • 2,918 posts
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:35 PM

Posted 19 March 2013 - 06:04 PM

Windows Defender is part of Windows and can't be uninstalled, just disabled.

 

Please continue to run RogueKiller.




#11 Chelle2006

Chelle2006
  • Topic Starter

  • Members
  • 22 posts
  • Local time:05:35 PM

Posted 19 March 2013 - 06:07 PM

Here are the results from RogueKiller.

 

 

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Michelle [Admin rights]
Mode : Scan -- Date : 03/19/2013 19:03:47
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 4 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 07870ff984005921c2d6d267a42ffb14
[BSP] 83f72e6c6aaf317485ee3879cf5b74cd : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14528 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29755392 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29960192 | Size: 462310 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[2]_S_03192013_02d1903.txt >>
RKreport[1]_S_03192013_02d1902.txt ; RKreport[2]_S_03192013_02d1903.txt


#12 satchfan

satchfan

  • Malware Response Team
  • 2,918 posts
  • Gender:Female
  • Location:Devon, UK
  • Local time:09:35 PM

Posted 19 March 2013 - 06:21 PM

Please try to start in normal mode to run these.

 

Run Security Check

 

Download Security Check by screen317 from here or here.

  • save it to your Desktop
  • double click SecurityCheck.exe and follow the onscreen instructions inside of the black box
  • a Notepad document should open automatically called checkup.txt; please post the contents of that document.

===================================================

 

Run aswMBR

  • download aswMBR.exe to your desktop.
  • double click the aswMBR.exe to run it
  • if asked, accept the AVAST virus definition download
  • click the "Scan" button to start scan
  • on completion of the scan click Save log, save it to your desktop and post in your next reply.

Logs to include with next post:

 

checkup.txt

aswMBR log

 

Thanks

 

Satchfan


Edited by satchfan, 19 March 2013 - 06:28 PM.



#13 Chelle2006

Chelle2006
  • Topic Starter

  • Members
  • 22 posts
  • Local time:05:35 PM

Posted 19 March 2013 - 06:39 PM

I'm sorry but I can't run anything in normal mode. My desktop, task bar, task manager, and start menus are all missing and I have no way to pull anything up in normal mode. 

 

Here are the results from safe mode:

 

 

 Results of screen317's Security Check version 0.99.61  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 8 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
Lavasoft Ad-Watch Live! Anti-Virus   
avast! Antivirus                     
Norton Internet Security             
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Ad-Aware 
 Malwarebytes Anti-Malware version 1.70.0.1100  
 Java™ 6 Update 29  
 Java 7 Update 7  
 Java version out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Flash Player 11.6.602.180  
 Adobe Reader 10.1.6 Adobe Reader out of Date!  
 Mozilla Firefox 11.0 Firefox out of Date!  
 Google Chrome 25.0.1364.152  
 Google Chrome 25.0.1364.172  
````````Process Check: objlist.exe by Laurent````````  
 Ad-Aware AAWService.exe is disabled! 
 Ad-Aware AAWTray.exe is disabled! 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-03-19 19:34:27
-----------------------------
19:34:27.754    OS Version: Windows x64 6.1.7601 Service Pack 1
19:34:27.754    Number of processors: 4 586 0x2502
19:34:27.754    ComputerName: MICHELLE-VAIO  UserName: Michelle
19:34:28.950    Initialize success
19:34:30.566    AVAST engine defs: 13031701
19:34:40.109    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:34:40.111    Disk 0 Vendor: ST950042 0001 Size: 476940MB BusType: 3
19:34:40.112    Disk 1  \Device\Harddisk1\DR1 -> \Device\000000ee
19:34:40.114    Disk 1 Vendor: RICOH 02 Size: 476940MB BusType: 0
19:34:40.116    Disk 2  \Device\Harddisk2\DR2 -> \Device\000000ef
19:34:40.118    Disk 2 Vendor: RICOH 02 Size: 476940MB BusType: 0
19:34:40.232    Disk 0 MBR read successfully
19:34:40.235    Disk 0 MBR scan
19:34:40.980    Disk 0 Windows 7 default MBR code
19:34:41.000    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        14528 MB offset 2048
19:34:41.364    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 29755392
19:34:41.377    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       462310 MB offset 29960192
19:34:41.792    Disk 0 scanning C:\Windows\system32\drivers
19:34:58.996    Service scanning
19:35:19.546    Modules scanning
19:35:19.550    Disk 0 trace - called modules:
19:35:19.568    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
19:35:19.586    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80083e8060]
19:35:19.590    3 CLASSPNP.SYS[fffff88001ad343f] -> nt!IofCallDriver -> [0xfffffa80073f1480]
19:35:19.594    5 ACPI.sys[fffff88000fa77a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80073f4050]
19:35:20.491    AVAST engine scan C:\Windows
19:35:22.792    AVAST engine scan C:\Windows\system32
19:38:03.510    AVAST engine scan C:\Windows\system32\drivers
19:38:16.183    AVAST engine scan C:\Users\Michelle
19:39:10.355    Disk 0 MBR has been saved successfully to "C:\Users\Michelle\Desktop\MBR.dat"
19:39:10.359    The log file has been saved successfully to "C:\Users\Michelle\Desktop\aswMBR.txt"
 
 
 
Thank you so much for all of your help!


#14 satchfan (Malware Response Team)

Posted 19 March 2013 - 06:48 PM

You are welcome for the help but it is nearly time for me to get some beauty sleep (early starts all this week).

 

Run RogueKiller

 

IMPORTANT: Do not reboot your computer if at all possible; otherwise the malware will reactivate and you will have to run RogueKiller again.

  • close all programs
  • double-click RogueKiller.exe
  • after it has completed its prescan click Shortcut Fix
  • when the scan is complete click Report

Can you reboot and tell me if there are any changes?




#15 Chelle2006 (Topic Starter)

Posted 19 March 2013 - 07:14 PM

I ran RogueKiller without rebooting and got the same report as before. Then I rebooted as you asked and ran it again. Same report.

 

 

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Michelle [Admin rights]
Mode : Scan -- Date : 03/19/2013 20:12:16
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 4 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 07870ff984005921c2d6d267a42ffb14
[BSP] 83f72e6c6aaf317485ee3879cf5b74cd : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14528 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29755392 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29960192 | Size: 462310 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[4]_S_03192013_02d2012.txt >>
RKreport[1]_S_03192013_02d1902.txt ; RKreport[2]_S_03192013_02d1903.txt ; RKreport[3]_S_03192013_02d2005.txt ; RKreport[4]_S_03192013_02d2012.txt
 
 
 
 
Thank you for your help and I hope you sleep well. 




