DDS File
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Dad at 23:35:35 on 2012-07-25
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2558.384 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\I8kfanGUI\I8kfanGUI.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Citrix\GoToAssist Express Expert\363\g2ax_start.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Citrix\GoToAssist Express Expert\363\g2ax_comm_expert.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Citrix\GoToAssist Express Expert\363\g2ax_user_expert.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchnu.com/406
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\search~1\datamngr\toolbar\searchqudtx.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo\YontooIEClient.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\search~1\datamngr\toolbar\searchqudtx.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
TB: {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No File
uRun: [i8kfangui] c:\program files\i8kfangui\I8kfanGUI.exe /startup
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [GoToAssist Express Expert] "c:\program files\citrix\gotoassist express expert\363\g2ax_start.exe" "/Trigger RunAtLogon"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [nwiz] nwiz.exe /install
mRun: [TrueImageMonitor.exe] "c:\program files\acronis\trueimagehome\TrueImageMonitor.exe"
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\dad\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{3B44AA32-4E3A-4B0C-B36E-972416B69767} : DhcpNameServer = 192.168.11.1
TCP: Interfaces\{F4587C63-D925-4209-AB90-0E4554E042E9} : DhcpNameServer = 192.168.11.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dad\appdata\roaming\mozilla\firefox\profiles\febeprof.charlie\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.rr.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z144&form ... 0111115&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.8\npapicomadapter.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\program files\retrogamer_4wei\installr\1.bin\NP4wEISb.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
FF - user.js: extensions.autoDisableScopes - 14
.
.
FF - user.js: extentions.y2layers.installId - b22580ad-cd3a-48bc-8cbf-f23a57b8fc6b
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics
.
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R0 vididr;Acronis Virtual Disk;c:\windows\system32\drivers\vididr.sys [2011-12-20 125472]
R0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\drivers\vsflt53.sys [2011-12-20 83392]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [2011-12-22 14464]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-11-25 687400]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-2-23 1153368]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-6-23 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-3 113120]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-12-21 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-12 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-07-25 17:35:38 -------- d-----w- c:\users\dad\appdata\local\{A77D68F9-609F-4D3C-84E5-774ACCC6F2A0}
2012-07-25 17:35:16 -------- d-----w- c:\users\dad\appdata\local\{F321FCAD-FF1A-413A-8676-8F9B3AC4AF35}
2012-07-25 04:23:26 -------- d-----w- c:\users\dad\appdata\local\{D6285447-177A-40F5-91BC-1233FED0E4CA}
2012-07-24 16:22:55 -------- d-----w- c:\users\dad\appdata\local\{B6839429-4311-4AA2-83CB-D8C53DE6649C}
2012-07-24 16:22:42 -------- d-----w- c:\users\dad\appdata\local\{AEA9869E-EE3B-4637-AA37-23CB8C6D76B2}
2012-07-24 04:20:18 -------- d-----w- c:\users\dad\appdata\local\{EDF7901D-5191-44B0-B721-9722E8C9F259}
2012-07-24 04:20:06 -------- d-----w- c:\users\dad\appdata\local\{598647B2-C269-477C-8AC5-47086B9F877A}
2012-07-24 02:02:10 -------- d-----w- c:\users\dad\appdata\local\Ilivid Player
2012-07-24 01:59:27 -------- d-----w- c:\programdata\boost_interprocess
2012-07-23 23:36:25 -------- d-----w- c:\users\dad\appdata\local\CRE
2012-07-23 23:36:06 -------- d-----w- c:\program files\Conduit
2012-07-23 23:36:03 -------- d-----w- c:\users\dad\appdata\local\Conduit
2012-07-23 23:22:17 -------- d-----w- c:\program files\Yontoo
2012-07-23 23:21:29 -------- d-----w- c:\program files\1ClickDownload
2012-07-23 23:17:58 -------- d-----w- c:\program files\wxDownload Fast
2012-07-23 23:17:57 -------- d-----w- c:\programdata\Premium
2012-07-23 23:17:48 -------- d-----w- c:\programdata\WxDFastUpdater
2012-07-23 23:16:40 -------- d-----w- c:\programdata\InstallMate
2012-07-23 16:19:28 -------- d-----w- c:\users\dad\appdata\local\{B6313C20-6E86-4388-8449-A65292DB8E02}
2012-07-23 16:19:15 -------- d-----w- c:\users\dad\appdata\local\{CE2601C9-B3DA-4CC2-BE17-A79238A54B3A}
2012-07-23 16:13:22 -------- d-----w- c:\program files\RobotBoom_60EI
2012-07-23 04:18:36 -------- d-----w- c:\users\dad\appdata\local\{306C2CB3-E380-41B9-95FF-31648262D41E}
2012-07-22 16:17:42 -------- d-----w- c:\users\dad\appdata\local\{2199E04E-482F-4187-A58E-86FC94A3651F}
2012-07-22 04:17:17 -------- d-----w- c:\users\dad\appdata\local\{B1D1277E-BE7D-427A-B03E-2045C9162A14}
2012-07-21 16:22:42 -------- d-----w- c:\users\dad\appdata\local\Nero_AG
2012-07-21 16:21:47 -------- d-----w- c:\users\dad\appdata\local\Nero
2012-07-21 16:18:55 -------- d-----w- c:\program files\Nero
2012-07-21 16:18:00 -------- d-----w- c:\programdata\Nero
2012-07-21 16:16:39 -------- d-----w- c:\users\dad\appdata\local\{4B400713-A274-4038-AA26-1F798210C616}
2012-07-21 16:16:20 -------- d-----w- c:\users\dad\appdata\local\{829D06E3-67F6-464F-9A4E-AFCC434CC630}
2012-07-21 16:04:56 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-07-21 16:04:35 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2012-07-21 16:04:10 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-07-21 16:03:36 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2012-07-21 16:03:04 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-07-21 16:02:20 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-07-21 16:01:13 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2012-07-21 15:59:42 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-07-21 15:58:54 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-07-21 15:57:57 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2012-07-17 18:43:36 -------- d-----w- c:\users\dad\appdata\local\{624A0B98-F388-4FB5-B920-F54A0AE52CA4}
2012-07-17 18:43:13 -------- d-----w- c:\users\dad\appdata\local\{7F742AD6-2969-4B8B-92AB-177CDA3674E0}
2012-07-16 11:47:21 -------- d-----w- c:\users\dad\appdata\local\{79FB95C0-FCD4-4288-AF3B-9A461FE9F451}
2012-07-15 23:46:50 -------- d-----w- c:\users\dad\appdata\local\{65C39CD0-4F95-41AD-A83C-93F5CB598A75}
2012-07-15 11:45:46 -------- d-----w- c:\users\dad\appdata\local\{B86F3CBA-DC3D-4FB5-83D8-E1752855920D}
2012-07-14 23:44:33 -------- d-----w- c:\users\dad\appdata\local\{0311955A-011F-423B-A71B-81477B9F14A2}
2012-07-14 11:44:08 -------- d-----w- c:\users\dad\appdata\local\{1D235B01-C8BC-4B56-A1D7-0ED7C22ED457}
2012-07-13 23:43:11 -------- d-----w- c:\users\dad\appdata\local\{D4935920-CF01-4E7E-A084-E3E766D82725}
2012-07-13 11:41:58 -------- d-----w- c:\users\dad\appdata\local\{493996EA-1EDF-4C4E-B05F-E4DB76AC2015}
2012-07-13 11:41:47 -------- d-----w- c:\users\dad\appdata\local\{C946B5CD-6B73-4619-88A2-CE16EB27A48E}
2012-07-12 23:41:20 -------- d-----w- c:\users\dad\appdata\local\{AEB28F79-47A4-4B0E-ABB3-C4880E1D04C1}
2012-07-12 11:40:16 -------- d-----w- c:\users\dad\appdata\local\{2EFB0560-1AF3-4824-B797-DC57E9136228}
2012-07-11 23:39:15 -------- d-----w- c:\users\dad\appdata\local\{BF68EB17-F548-4C52-BC59-68DEAA2B5E8E}
2012-07-11 23:39:03 -------- d-----w- c:\users\dad\appdata\local\{7380E6E6-F55E-4BE8-A9E4-DD91615989D9}
2012-07-11 11:38:33 -------- d-----w- c:\users\dad\appdata\local\{C93E859A-E638-4E77-88CF-524B6ED1DCE9}
2012-07-11 11:38:18 -------- d-----w- c:\users\dad\appdata\local\{A2B0BDF8-6AB5-4772-BE8D-254BC2370C99}
2012-07-10 23:37:47 -------- d-----w- c:\users\dad\appdata\local\{59C38A7D-C6E7-4E89-BD1E-0731BE2BFC21}
2012-07-10 23:37:36 -------- d-----w- c:\users\dad\appdata\local\{5E680B55-E491-43E9-A36B-0737F18FE46B}
2012-07-10 22:19:05 -------- d-----w- c:\program files\common files\Blizzard Entertainment
2012-07-10 22:18:53 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-07-10 11:37:05 -------- d-----w- c:\users\dad\appdata\local\{2784A28E-A653-4AD1-9301-153A4C90FD29}
2012-07-10 11:36:52 -------- d-----w- c:\users\dad\appdata\local\{09087DC1-F399-45CA-8889-1C83AF3F2BB9}
2012-07-09 23:36:09 -------- d-----w- c:\users\dad\appdata\local\{F6E7394C-3453-4D12-B829-DD5B191EE0C2}
2012-07-09 23:35:48 -------- d-----w- c:\users\dad\appdata\local\{E084C7BA-26E1-4525-9974-D8D6B7BF0365}
2012-07-09 11:34:55 -------- d-----w- c:\users\dad\appdata\local\{4FB4BF7C-4B07-41A9-B41E-D9E1CAD61AE5}
2012-07-09 11:34:44 -------- d-----w- c:\users\dad\appdata\local\{5C80CF8B-BD9D-4F13-B4FE-1B4DDE5DAB92}
2012-07-08 23:34:18 -------- d-----w- c:\users\dad\appdata\local\{7FA3F4F6-B43F-47DB-AE1F-E537B1704CC7}
2012-07-08 11:33:54 -------- d-----w- c:\users\dad\appdata\local\{AF67523D-9203-4A95-9716-4231BB128389}
2012-07-08 11:33:43 -------- d-----w- c:\users\dad\appdata\local\{23E0BACC-26DE-459F-B961-C69F8F0AAC83}
2012-07-07 23:33:16 -------- d-----w- c:\users\dad\appdata\local\{D7568DB3-299B-416A-BE4D-05088BAA0F83}
2012-07-07 11:32:52 -------- d-----w- c:\users\dad\appdata\local\{2D782D66-4819-4D22-971D-2F2CE0F9D0BF}
2012-07-06 23:31:52 -------- d-----w- c:\users\dad\appdata\local\{F449525A-A119-4D29-9833-E425A079E502}
2012-07-06 11:30:51 -------- d-----w- c:\users\dad\appdata\local\{AE8A6991-961B-4D2A-AD06-21231FE900B4}
2012-07-05 23:30:07 -------- d-----w- c:\users\dad\appdata\local\{43783025-A08B-4420-8E12-49F8505C46B7}
2012-07-05 11:29:41 -------- d-----w- c:\users\dad\appdata\local\{724667D3-B62C-42F0-89FE-130450FD40DB}
2012-07-04 23:28:45 -------- d-----w- c:\users\dad\appdata\local\{1A9E4DA8-A451-4FDF-BF86-79B377D1F8A7}
2012-07-04 23:28:31 -------- d-----w- c:\users\dad\appdata\local\{D6DD029E-474D-4A25-AB15-3C65AE8FAB23}
2012-07-04 19:25:59 -------- d-----w- c:\program files\iTunes
2012-07-04 19:25:59 -------- d-----w- c:\program files\iPod
2012-07-04 19:21:10 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-07-04 19:21:10 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-07-04 19:21:10 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-07-04 19:21:10 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-07-04 19:21:10 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-07-04 19:21:10 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-07-04 19:21:10 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-07-04 11:28:05 -------- d-----w- c:\users\dad\appdata\local\{138A25DE-B9F3-42E9-9CB4-060BC53F10DA}
2012-07-03 23:27:41 -------- d-----w- c:\users\dad\appdata\local\{D3D12D47-A4A4-4257-AAE4-495754F10A41}
2012-07-03 11:26:52 -------- d-----w- c:\users\dad\appdata\local\{D6044834-AA31-4B8A-9408-80597DD3B5B6}
2012-07-02 23:25:38 -------- d-----w- c:\users\dad\appdata\local\{24BFDAF3-1F8A-41AA-B938-2F938C584995}
2012-07-02 11:25:00 -------- d-----w- c:\users\dad\appdata\local\{584CF7FB-FD14-4895-818C-142F702ECBD1}
2012-07-01 23:24:35 -------- d-----w- c:\users\dad\appdata\local\{960A6577-1403-4C16-BE05-FF1CE707E739}
2012-07-01 11:23:31 -------- d-----w- c:\users\dad\appdata\local\{9E04C4F8-2EEF-448D-B996-99CDEBE47B62}
2012-07-01 11:23:20 -------- d-----w- c:\users\dad\appdata\local\{460D4579-8CA8-4F99-A82F-399CA942738C}
2012-06-30 23:22:36 -------- d-----w- c:\users\dad\appdata\local\{631E9E3C-5CF0-4A38-AFE4-A14FF01FBEE6}
2012-06-30 11:22:11 -------- d-----w- c:\users\dad\appdata\local\{7C9F22A1-850A-4EEE-AA07-7D036512149F}
2012-06-30 11:21:57 -------- d-----w- c:\users\dad\appdata\local\{FC457680-3701-4C1D-8975-E169B3748177}
2012-06-29 23:19:41 -------- d-----w- c:\users\dad\appdata\local\{2E6BA506-FAFE-4E57-8D61-01F2B4EDEE18}
2012-06-29 11:19:09 -------- d-----w- c:\users\dad\appdata\local\{08DA4092-BBF7-4637-9F32-12411A5BA7DD}
2012-06-28 23:18:15 -------- d-----w- c:\users\dad\appdata\local\{40A23E2F-EB5B-42EE-84C3-8CC7689CD130}
2012-06-28 11:17:07 -------- d-----w- c:\users\dad\appdata\local\{7B62E1EB-1469-4ACC-A39E-7F64B9283F41}
2012-06-27 23:16:07 -------- d-----w- c:\users\dad\appdata\local\{78711C55-2423-460D-B192-E7F1910B07E8}
2012-06-27 23:15:55 -------- d-----w- c:\users\dad\appdata\local\{957A9122-AB8A-4E79-B3F8-CEE1C6886DE9}
2012-06-27 11:15:25 -------- d-----w- c:\users\dad\appdata\local\{1B9AA96F-FA3A-49E7-9E4B-A6AED632DD9D}
2012-06-26 23:14:19 -------- d-----w- c:\users\dad\appdata\local\{B398C61A-CD04-4742-980D-991443CD93A2}
2012-06-26 11:13:15 -------- d-----w- c:\users\dad\appdata\local\{B96166D9-C67F-4E32-974F-4746914E950C}
2012-06-26 11:13:04 -------- d-----w- c:\users\dad\appdata\local\{7B856668-4F68-4850-926E-42DE5CE1DB3B}
.
==================== Find3M ====================
.
2012-07-17 18:43:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-17 18:43:14 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-03 17:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-12-22 18:44:36 447 ----a-w- c:\program files\1222201113443591.bat
.
============= FINISH: 23:37:21.64 ===============
Attach file:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/12/2010 8:16:20 PM
System Uptime: 7/25/2012 9:05:29 PM (2 hours ago)
.
Motherboard: Dell Inc. | |
Processor: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz | Microprocessor | 1660/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 222.992 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acronis True Image WD Edition
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Amazon MP3 Downloader 1.0.15
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaImpression
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
AVG 2012
Bonjour
CCScore
CDBurnerXP
Conexant HDA D110 MDC V.92 Modem
Core Temp version 0.99.7
D3DX10
eReg
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSTOOLS
essvatgt
Express Burn
FileZilla Client 3.5.3
Foxit Reader
GoToManage Expert 1.6.0.363
High-Definition Video Playback
I8kfanGUI V3.1
iTunes
Java Auto Updater
Java(TM) 6 Update 31
Junk Mail filter update
Kodak EasyShare software
Logitech SetPoint 6.32
Malwarebytes Anti-Malware version 1.62.0.1300
MEGA PIXEL DSC
Memorex exPressit Label Design Studio
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 11 Kwik Themes Basic
Nero Audio Pack 1
Nero Core Components 11
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero SharedVideoCodecs
Nero Update
nero.prerequisites.msi
netbrdg
NVIDIA Drivers
NVIDIA nView Desktop Manager
OfotoXMI
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
SFR
SHASTA
skin0001
SKINXSDK
SpeedFan (remove only)
Spybot - Search & Destroy
staticcr
TeamSpeak 3 Client
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VPRINTOL
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WIRELESS
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Yontoo 1.10.02
.
==== Event Viewer Messages From Past Week ========
.
7/25/2012 9:09:50 PM, Error: Microsoft-Windows-Smartcard-Server [610] - Smart Card Reader 'O2Micro CCID SC Reader 0' rejected IOCTL GET_STATE: The device has been removed. If this error persists, your smart card or reader may not be functioning correctly. Command Header: XX XX XX XX
7/25/2012 9:03:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/25/2012 9:03:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/25/2012 9:03:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/25/2012 9:03:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/25/2012 9:03:04 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 discache spldr Wanarpv6
7/25/2012 6:45:09 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
7/25/2012 1:05:07 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
.
==== End Of File ===========================