Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Unexpected Display Color Depth Change

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unexpected Display Color Depth Change

Unread postby RKBrumbelow » March 7th, 2012, 4:36 pm

My across the hall neighbour is running Vista 32-bit Basic SP2. HAving set his display colour depth to 32 bit, something changes it to 8 bit and maxes out the processor for a minute or so. I updated his graphics drivers and made certain his copy of windows is up to date. Can you help me help him figure out what is happening please.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by chad at 15:25:57 on 2012-03-07
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1918.496 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Microsoft\BingBar\7.1.364.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\EarthLink\ISP\ISP8400\Browser\Bartshel.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\EarthLink\ISP\ISP8400\Browser\PPShared.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Users\chad\Desktop\HijackThis (1).exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Microsoft\BingBar\7.1.364.0\SeaPort.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
uSearch Page =
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatc ... p=aus&qkw=%s&tbid=%tb_id&%language
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://google-s.alltalkspectrum.net
uURLSearchHooks: H - No File
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn4\YTNavAssist.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: {040f45cc-08ca-4bc7-87f7-523bc39df89c} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: ElnkPubBHO Class: {512acf1b-64d9-4928-b382-a80556f28db4} - c:\program files\earthlink\toolbar\ElnkPuB.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: Accelerator Plugin: {656ec4b7-072b-4698-b504-2a414c1f0037} - c:\progra~1\earthl~3\PRPL_I~1.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ToolbarBHO Class: {9519af7e-638d-4933-bad6-d33d23c79fe5} - c:\progra~1\arcsoft\rawthu~1\EXIFToolBar.dll
BHO: ElnkProtectionBHO Class: {9579d574-d4d8-4335-9560-fe8641a013bd} - c:\program files\earthlink\toolbar\ProtctIE.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.0.0.7\AVG Secure Search_toolbar.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: {9ee802e8-c931-47ab-b570-aa8f791598ca} - No File
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - No File
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.364.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: ElnkLegacyUninstBHO Class: {e713904c-df05-4c79-bbad-02db923253be} - c:\program files\earthlink\toolbar\uninsttb.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn4\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
TB: EarthLink Toolbar: {c7768536-96f8-4001-b1a2-90ee21279187} - c:\program files\earthlink\toolbar\Toolbar.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.0.0.7\AVG Secure Search_toolbar.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {CE0C2586-DA36-452B-ACDB-320D9BCB19BF} - No File
TB: RadioBar Toolbar: {5b291e6c-9a74-4034-971b-a4b007a0b315} -
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: GameBox Toolbar: {0fef2d2c-cda6-45e4-b2ed-9df7c50c95ff} -
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: {A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} - No File
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [AIM] c:\program files\aim95\aim.exe -cnetwait.odl
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [DPService] "c:\program files\hp\dvdplay\DPService.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [QuickTime Task] "d:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Bart Station] c:\program files\earthlink\isp\isp8400\bin\PPCOLink.exe -STATION
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\chad\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: EarthLink Google Search - c:\program files\earthlink\toolbar\SearchUI.dll/search.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Read EXIF - c:\program files\arcsoft\raw thumbnail viewer\ArcEXIFM.htm
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim95\aim.exe
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_ ... Player.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/ph ... den-us.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2058ABE3-0B7D-4978-A86E-673F575ACF9D} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\10.0.6\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
Hosts: 127.0.0.1 http://www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R?2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-1-4 822624]
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-3-6 64512]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-4 297168]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.364.0\BBSvc.EXE [2012-2-20 193816]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-6 652360]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-3-25 490280]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-3-6 1153368]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 28624]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.364.0\SeaPort.EXE [2012-2-20 240408]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-6 20464]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-3-6 40776]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2011-10-1 579944]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2011-10-1 194408]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2011-10-1 21864]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2011-10-1 19304]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-5-7 167264]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-24 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-12-23 2152152]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-12-23 15232]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\10.0.6\ToolbarUpdater.exe [2012-2-16 909152]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-03-07 20:10:35 -------- d-----w- c:\users\chad\appdata\roaming\Malwarebytes
2012-03-07 19:20:44 -------- d-----w- c:\users\chad\appdata\local\{C2919113-C4B9-4EA1-A84E-53D00F2C1159}
2012-03-07 19:20:29 -------- d-----w- c:\users\chad\appdata\local\{6E3EF341-E583-4BEA-9B0F-97A97DCEDB1F}
2012-03-07 09:18:17 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-03-06 23:23:53 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-03-06 23:05:16 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-03-06 23:04:37 -------- d-----w- c:\program files\Lavasoft
2012-03-06 23:00:24 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-03-06 23:00:24 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-03-06 22:50:51 5679896 ----a-w- c:\programdata\microsoft\bingbar\bbsvc\7.1.364.0oemBingBarSetup-Partner.EXE
2012-03-06 22:48:42 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-03-06 22:48:29 -------- d-----w- c:\programdata\Malwarebytes
2012-03-06 22:48:28 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-06 22:48:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-06 21:44:03 -------- d-----w- c:\windows\pss
2012-03-06 21:11:25 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-03-06 21:05:02 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-06 21:05:01 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-03-06 21:05:00 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-03-06 21:04:59 5892928 ----a-w- c:\windows\system32\nvcuda.dll
2012-03-06 21:04:59 2517312 ----a-w- c:\windows\system32\nvcuvid.dll
2012-03-06 21:04:59 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-03-06 21:04:58 17543488 ----a-w- c:\windows\system32\nvcompiler.dll
2012-03-06 21:04:19 -------- d-----w- c:\program files\NVIDIA Corporation
2012-03-06 21:03:39 -------- d-----w- C:\NVIDIA
2012-03-06 20:47:02 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{859e4ff6-d615-44bf-a1b3-d8bf43c63c77}\mpengine.dll
2012-03-06 10:35:12 -------- d-----w- c:\users\chad\appdata\local\{63267AEB-AB47-4031-BEBB-FC9FD7A1C6CF}
2012-03-05 22:32:44 -------- d-----w- c:\users\chad\appdata\local\{C17C6B38-E9ED-46BD-9566-14D3B5268C6D}
2012-03-05 22:30:24 -------- d-----w- c:\users\chad\appdata\local\{2C507F55-8D8F-49DE-A0CB-ED386FFC30A6}
2012-03-05 01:17:02 -------- d-----w- c:\programdata\2C6
2012-03-04 18:49:14 -------- d-----w- c:\users\chad\appdata\local\{410B417B-8939-4F91-8F9C-5394658248CE}
2012-03-04 18:46:11 -------- d-----w- c:\users\chad\appdata\local\{70589E6C-FCDF-4F56-938A-953F3E937AA9}
2012-03-03 21:59:18 -------- d-----w- c:\users\chad\appdata\local\{98294797-A32C-464B-ADAE-08BC9AB96E39}
2012-03-03 21:57:22 -------- d-----w- c:\users\chad\appdata\local\{1B1F5AB8-399D-47B8-AB60-AA86B1B40CAD}
2012-03-03 02:13:10 -------- d-----w- c:\users\chad\appdata\local\{ABDDEA9F-400E-4AB0-BDD8-47704707B713}
2012-03-03 02:11:25 -------- d-----w- c:\users\chad\appdata\local\{29922CC2-F0B4-400D-A060-0D88E5D677D0}
2012-03-02 08:26:02 -------- d-----w- c:\users\chad\appdata\local\{009AC267-BE71-4F2B-828C-87049D551EB1}
2012-03-01 20:25:25 -------- d-----w- c:\users\chad\appdata\local\{5394D33A-598F-43CD-A2C9-D73AEB0520A9}
2012-03-01 20:23:57 -------- d-----w- c:\users\chad\appdata\local\{51A069AD-4AA2-4453-942C-D8CC3D1F72F4}
2012-02-29 22:02:30 -------- d-----w- c:\users\chad\appdata\local\{1D76549D-5F8F-4436-A31F-CB8397062871}
2012-02-29 22:00:52 -------- d-----w- c:\users\chad\appdata\local\{F07D5EB3-50FB-42AA-89F3-861E1FFAA50E}
2012-02-28 22:11:31 -------- d-----w- c:\users\chad\appdata\local\{C38EB579-46F1-49F1-B722-778FDA581755}
2012-02-28 22:11:21 -------- d-----w- c:\users\chad\appdata\local\{D7194B06-C532-4685-9375-751D30E8568D}
2012-02-28 20:54:51 -------- d-----w- c:\users\chad\appdata\local\{9E8B9DDF-3ED9-4F7E-9DBA-923C86447466}
2012-02-27 23:24:02 -------- d-----w- c:\program files\Object
2012-02-27 19:18:04 -------- d-----w- c:\users\chad\appdata\local\{82C2955E-DCA9-4174-A661-3343FAF5C149}
2012-02-26 19:28:05 -------- d-----w- c:\users\chad\appdata\local\{44C7EA82-B748-49CA-A207-85D13018F5D6}
2012-02-26 19:26:42 -------- d-----w- c:\users\chad\appdata\local\{7C7B556D-AF36-4C89-A912-DD3A8CEF02C5}
2012-02-26 06:57:17 -------- d-----w- c:\programdata\Ask
2012-02-25 19:57:07 -------- d-----w- c:\users\chad\appdata\local\{4E836B91-EFF7-491D-8A56-E63148B28E44}
2012-02-25 19:55:30 -------- d-----w- c:\users\chad\appdata\local\{9B0E2346-3E47-46E0-9ABA-76EB18BF3726}
2012-02-24 23:08:36 -------- d-----w- c:\users\chad\appdata\local\{89CDA753-D79F-48B8-B1E3-E0172FC96C5B}
2012-02-23 22:22:25 -------- d-----w- c:\users\chad\appdata\local\{29ACA6DD-8A70-4B78-8E99-D6AE4235A868}
2012-02-23 22:21:07 -------- d-----w- c:\users\chad\appdata\local\{D3E8AA56-EB50-4B3B-83E7-AEF68744ACF1}
2012-02-23 09:24:25 -------- d-----w- c:\users\chad\appdata\local\{89066FD4-184D-4214-A52F-4E821DC79056}
2012-02-22 21:23:13 -------- d-----w- c:\users\chad\appdata\local\{BEEC70C8-2177-426F-B6CE-A6221A398E10}
2012-02-22 21:21:33 -------- d-----w- c:\users\chad\appdata\local\{C0712B1A-D852-4B9D-9800-37CE482DB008}
2012-02-22 07:42:59 -------- d-----w- c:\users\chad\appdata\local\{581C7895-F3E9-440D-BAE5-856F1AEAA2C3}
2012-02-22 07:42:49 -------- d-----w- c:\users\chad\appdata\local\{3A38839B-7C8F-4E12-A4DC-EF30F2EB244C}
2012-02-21 10:05:15 -------- d-----w- c:\users\chad\appdata\local\{27BD2749-8FE8-4727-BAA5-4609062F670D}
2012-02-20 22:04:28 -------- d-----w- c:\users\chad\appdata\local\{3101AF60-86DA-4864-AE34-B657C6F477C6}
2012-02-20 22:02:40 -------- d-----w- c:\users\chad\appdata\local\{88987332-D594-4975-9392-951FB444D15D}
2012-02-20 04:48:29 -------- d-----w- c:\users\chad\appdata\local\{F2A76A3C-8A72-4081-A6C3-4341AED9A2CD}
2012-02-20 04:48:18 -------- d-----w- c:\users\chad\appdata\local\{CD068214-6673-4BF8-BBE8-9DDB0BA7E041}
2012-02-19 16:47:47 -------- d-----w- c:\users\chad\appdata\local\{3FC41F0E-4FC4-46FD-924B-68521B084D0D}
2012-02-19 16:46:02 -------- d-----w- c:\users\chad\appdata\local\{A0EC1639-CF75-4BA8-B202-5F7DF0EFA92E}
2012-02-18 21:32:02 -------- d-----w- c:\users\chad\appdata\local\{130355D9-0763-4E0B-8F6E-D8824BD0A11A}
2012-02-17 22:38:27 -------- d-----w- c:\users\chad\appdata\local\{67475892-A6EB-4DCD-B317-25C59B1D56E9}
2012-02-17 22:37:11 -------- d-----w- c:\users\chad\appdata\local\{DED96E23-C0E8-4CF2-B66F-FDC8A9666579}
2012-02-17 06:56:48 -------- d-----w- c:\users\chad\appdata\local\{E39C99E8-D0D2-476D-9D27-57C0947D73BC}
2012-02-17 06:56:37 -------- d-----w- c:\users\chad\appdata\local\{F22FB790-A3D6-41B3-AF68-21FACC491CC0}
2012-02-16 19:37:23 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-02-16 19:37:17 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 19:37:05 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 18:56:02 -------- d-----w- c:\users\chad\appdata\local\{BA0D8B75-E115-4E62-A098-1A496836DE28}
2012-02-16 18:54:35 -------- d-----w- c:\users\chad\appdata\local\{A4EA0D76-0DA3-46E2-BC36-BE6D201BA736}
2012-02-16 05:55:12 -------- d-----w- c:\windows\system32\cache
2012-02-15 22:57:28 -------- d-----w- c:\users\chad\appdata\local\{98164E13-A7D4-485D-88AA-F04D270FDAD6}
2012-02-15 22:54:58 -------- d-----w- c:\users\chad\appdata\local\{47DC0533-1986-4E0C-A76E-52A8155E4422}
2012-02-15 06:06:29 -------- d-----w- c:\programdata\AVG Secure Search
2012-02-15 06:06:10 -------- d-----w- c:\program files\common files\AVG Secure Search
2012-02-15 06:06:06 -------- d-----w- c:\program files\AVG Secure Search
2012-02-15 06:01:48 -------- d-----w- c:\users\chad\appdata\local\{159B89F1-CFCA-4AAF-90BC-ECA5322D4AF6}
2012-02-15 06:01:38 -------- d-----w- c:\users\chad\appdata\local\{C10A84CF-CDC0-4F3B-82F8-7AB8C51300ED}
2012-02-15 02:50:29 -------- d-----w- c:\users\chad\appdata\local\{A20B7AD8-2D6D-4487-B2EA-4CE0DCBC0F0B}
2012-02-14 15:59:05 -------- d-----w- c:\users\chad\appdata\local\{73805E3A-CDF3-4C52-BCA3-6BEEACE0B2B9}
2012-02-13 22:50:12 -------- d-----w- c:\users\chad\appdata\local\{2FB8C6BA-ADF2-468C-A0A6-23B117B8303D}
2012-02-13 22:48:20 -------- d-----w- c:\users\chad\appdata\local\{DE177E0B-CD70-4B1B-A5A0-B57BB28E5F87}
2012-02-13 09:27:28 -------- d-----w- c:\users\chad\appdata\local\{938A15D2-0950-4C2C-82B5-537815CA3542}
2012-02-13 09:27:17 -------- d-----w- c:\users\chad\appdata\local\{06586431-A101-4082-8639-1D56F7573ABC}
2012-02-12 21:26:34 -------- d-----w- c:\users\chad\appdata\local\{32B4AEC3-4C35-4F0D-8F51-80C7AED90818}
2012-02-12 21:24:55 -------- d-----w- c:\users\chad\appdata\local\{FA6C923C-8447-48B0-8178-4B5BB9B7085D}
2012-02-12 06:48:25 -------- d-----w- c:\users\chad\appdata\local\{88C99528-C095-42CC-AB04-D05C7A79173A}
2012-02-12 06:45:51 -------- d-----w- c:\users\chad\appdata\local\{5BE553D2-A7CD-4E7F-BD95-1F18DB113A59}
2012-02-11 18:18:24 -------- d-----w- c:\users\chad\appdata\local\{F846F044-121D-417E-ADBC-D6F8966B50BA}
2012-02-10 19:03:03 -------- d-----w- c:\users\chad\appdata\local\{7766EB66-18DC-4B83-94A6-1D8E68C7F184}
2012-02-10 19:01:19 -------- d-----w- c:\users\chad\appdata\local\{6887B061-9750-4035-ADF5-022B1E23FD5C}
2012-02-10 05:11:57 -------- d-----w- c:\users\chad\appdata\local\{9FB589B7-F73D-4D25-9522-09C070C63489}
2012-02-10 05:11:46 -------- d-----w- c:\users\chad\appdata\local\{975458F9-9C79-4535-AC9D-F78BD1B8073A}
2012-02-10 04:55:40 -------- d-----w- c:\program files\TelevisionFanaticEI
2012-02-09 17:10:55 -------- d-----w- c:\users\chad\appdata\local\{3E38C97C-3CAB-4C25-8E51-B2E049BB8E2B}
2012-02-09 17:09:12 -------- d-----w- c:\users\chad\appdata\local\{624EB4B4-5032-4CF1-BE08-32144DC19BA5}
2012-02-08 08:22:57 -------- d-----w- c:\users\chad\appdata\local\{42E2BE4B-73EB-4979-A361-C71A8F1DA8F0}
2012-02-08 08:22:44 -------- d-----w- c:\users\chad\appdata\local\{CE63904D-DCFB-4692-A28D-5B5D2E3CAEF6}
2012-02-07 20:21:36 -------- d-----w- c:\users\chad\appdata\local\{86403476-440D-4F83-8FA6-C60BA661DD3B}
2012-02-07 20:19:58 -------- d-----w- c:\users\chad\appdata\local\{43484A4E-ABD2-4E63-B40D-CD1E3FA60122}
2012-02-07 20:14:46 -------- d-----w- c:\users\chad\appdata\local\{5BF4FC25-8B01-4C44-94F9-0F404E3809BD}
2012-02-07 17:27:07 -------- d-----w- c:\users\chad\appdata\local\{2B5AA606-6E73-4CDB-983B-7DFA41891754}
2012-02-07 05:26:53 -------- d-----w- c:\users\chad\appdata\local\{5753129D-323E-486A-B540-00632DE9A8AF}
2012-02-07 05:26:43 -------- d-----w- c:\users\chad\appdata\local\{C2FF6877-E5CE-4DB0-AECB-3F80A79CF61E}
.
==================== Find3M ====================
.
2012-03-06 03:34:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-26 06:56:29 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-23 14:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-14 03:04:54 1798656 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 15:32:50.26 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 9/4/2009 7:29:37 PM
System Uptime: 3/7/2012 3:08:19 PM (0 hours ago)
.
Motherboard: ASUSTek Computer INC. | | IVY8
Processor: AMD Sempron(tm) Processor LE-1250 | Socket AM2 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 140 GiB total, 62.258 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 1.092 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.0
Advertising Center
aioprnt
AOL Instant Messenger
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaImpression 2
ArcSoft Panorama Maker 4
ArcSoft Photo Book Screen Saver
ArcSoft PhotoStudio Darkroom 2
ArcSoft Print Creations
ArcSoft Print Creations - Brochures & Flyers
ArcSoft RAW Thumbnail Viewer
ArcSoft Scan-n-Stitch Deluxe
AVG 2011
Bing Bar
Bloxxi version 1.01
Bonjour
BufferChm
Cards_Calendar_OrderGift_DoMorePlugout
CCScore
Compaq Demo
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
D110
D3DX10
Destinations
DeviceDiscovery
DVD Play
DVD Shrink 3.2
EarthLink Access Software
EarthLink Common Authentication
EarthLink Simple Switch
EarthLink Toolbar
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
Farm Frenzy 3 - Russian Roulette
fflink
FrostWire 4.21.2
GPBaseService2
Hardware Diagnostic Tools
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
High-Definition Video Playback 10
HijackThis 1.99.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Experience Enhancements
HP Customer Feedback
HP Customer Participation Program 14.0
HP Easy Setup - Frontend
HP Imaging Device Functions 14.0
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photo Creations
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
HP Photosmart Essential 2.5
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPAppStudio
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
ImagXpress
iMesh
Java Auto Updater
Java(TM) 6 Update 31
Java(TM) SE Runtime Environment 6 Update 1
Junk Mail filter update
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
LightScribe System Software
Malwarebytes Anti-Malware version 1.60.1.1000
MarketResearch
Marooned
Matchmaker - Joining Hearts
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access database engine 2007 (English)
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable Package
Microsoft Works
Microsoft XML Parser
Monopoly by Parker Brothers
MP3 Rocket
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero 9 Lite
Nero BackItUp 10 Help (CHM)
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscCopy Gadget 10
Nero DiscCopyGadget 10 Help (CHM)
Nero DiscSpeed 10 Help (CHM)
Nero Dolby Files 10
Nero Express 10 Help (CHM)
Nero InfoTool 10 Help (CHM)
Nero Installer
Nero MediaHub 10 Help (CHM)
Nero Multimedia Suite 10
Nero Online Upgrade
Nero Recode 10 Help (CHM)
Nero RescueAgent 10 Help (CHM)
Nero SoundTrax 10 Help (CHM)
Nero StartSmart
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Vision 10 Help (CHM)
Nero WaveEditor 10
Nero WaveEditor 10 Help (CHM)
neroxml
netbrdg
Network
NTI Backup Now 5.5
NTI Digital Flix 2.5.0.4
NTI Media Maker 9 Premium
NVIDIA Drivers
OfotoXMI
OGA Notifier 2.0.0048.0
PowerDirector
PreReq
PS_AIO_07_D110_SW_Min
PSSWCORE
Python 2.5
QuickTime
QuickTransfer
Realtek High Definition Audio Driver
Royal Envoy
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Segoe UI
SFR
SHASTA
Shop for HP Supplies
skin0001
SKINXSDK
SmartWebPrinting
Soft Data Fax Modem with SmartCP
SolutionCenter
Spybot - Search & Destroy
staticcr
Status
The Inquisitor
Toolbox
tooltips
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoToolkit01
Viewpoint Media Player
VPRINTOL
WavePad Sound Editor
WeatherBug Gadget
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.01 (32-bit)
WIRELESS
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
3/7/2012 3:11:05 PM, Error: Service Control Manager [7022] - The Client Virtualization Handler service hung on starting.
3/7/2012 3:09:11 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
3/7/2012 2:16:34 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.33 for the Network Card with network address 001FC62A116B has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/6/2012 5:47:57 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user chad-PC\Admin SID (S-1-5-21-875617719-3315711752-3794647318-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
3/6/2012 4:53:22 PM, Error: Service Control Manager [7001] - The NVIDIA Display Driver Service service depends on the nvlddmkm service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
3/6/2012 4:35:03 PM, Error: Service Control Manager [7034] - The PremierOpinion service terminated unexpectedly. It has done this 1 time(s).
3/6/2012 4:32:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Image Acquisition (WIA) service to connect.
3/6/2012 4:32:12 PM, Error: Service Control Manager [7000] - The Windows Image Acquisition (WIA) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/6/2012 3:05:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the QuestDns Service service to connect.
3/6/2012 3:04:15 PM, Error: EventLog [6008] - The previous system shutdown at 7:33:40 AM on 3/6/2012 was unexpected.
3/4/2012 2:32:26 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom1.
2/29/2012 10:08:02 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {A47979D2-C419-11D9-A5B4-001185AD2B89} to the user chad-PC\chad SID (S-1-5-21-875617719-3315711752-3794647318-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
RKBrumbelow
Active Member
 
Posts: 3
Joined: March 7th, 2012, 4:21 pm
Advertisement
Register to Remove

Re: Unexpected Display Color Depth Change

Unread postby maxi » March 8th, 2012, 8:10 am

Hello RKBrumbelow,

Welcome to the forum!

My name is maxi and I'll be helping you with any malware problems.

Currently I am working under the guidance of the MRU teachers and everything I post to you, must first be approved by them.
This additional review process can add some extra time to my responses, but I will post back with instructions for you as soon as possible.


Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!"
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your log and will return, as soon as possible, with additional instructions. In the meantime...
Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf, you have any questions or problems, executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Regards maxi :)
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Unexpected Display Color Depth Change

Unread postby RKBrumbelow » March 8th, 2012, 1:18 pm

Thank you Maxi,
I await your insight and instruction.
RKBrumbelow
Active Member
 
Posts: 3
Joined: March 7th, 2012, 4:21 pm

Re: Unexpected Display Color Depth Change

Unread postby maxi » March 11th, 2012, 4:53 pm

Hi RKBrumbelow,

Remove P2P Programs

  • I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

    FrostWire 4.21.2

  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

  • Click on Start > All programs > Accessories > Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the programs listed above (in red) and any other P2P you have installed NOW.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.

In your next reply please include:
A fresh DDS log (after the removal of the p2p program)

Regards maxi :)
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Unexpected Display Color Depth Change

Unread postby RKBrumbelow » March 14th, 2012, 12:26 am

Maxi, Sorry for the delay in getting you the new scan results. Had some family issues come up. It will be a few more hours before I can rerun the test, but you will have them today.

Thank you again.
RKBrumbelow
Active Member
 
Posts: 3
Joined: March 7th, 2012, 4:21 pm

Re: Unexpected Display Color Depth Change

Unread postby maxi » March 14th, 2012, 11:55 am

No problem, Thanks for the update :)
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Unexpected Display Color Depth Change

Unread postby deltalima » March 16th, 2012, 3:17 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 41 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware