Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Cannot seem to shake this malware, major redirect issues

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Cannot seem to shake this malware, major redirect issues

Unread postby Christian1911 » August 9th, 2012, 7:04 pm

I have been having some big issues since I inadvertently downloaded ilivid. I thought I had gotten rid of it ages ago, but it managed to install searchqu, sweetim, babylon, the works. It got to the point where my laptop would rarely turn on and it would only stay on for maybe a few hours. I made enough of a dent to get it to run again, but i'm afraid of screwing something up by trying to get rid of the rest on my own, so I thought I'd ask for an experts assistance. Below are my two text results, thanks a lot



.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by christian at 17:44:22 on 2012-08-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.975 [GMT -5:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\AESTSr64.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\SPLASH.SYS\config\DVMExportService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\christian\Downloads\SystemLook_x64 (1).exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = hxxp://www.google.com
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=c0ebe55b000000000000002713867e29&tlver=1.4.19.19&affID=17160
uURLSearchHooks: H - No File
uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
TB: !{472734EA-242A-422B-ADF8-83D1E48CC825} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
{555d4d79-4bd2-4094-a395-cfc534424a05}
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 208.180.42.68 208.180.42.100
TCP: Interfaces\{CBF7164C-7D40-4A46-B8ED-4D3ECF8BD8F5} : DhcpNameServer = 208.180.42.68 208.180.42.100
TCP: Interfaces\{CBF7164C-7D40-4A46-B8ED-4D3ECF8BD8F5}\2656C6B696E6E2231643 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{CBF7164C-7D40-4A46-B8ED-4D3ECF8BD8F5}\3434370234F66666565686F6573756 : DhcpNameServer = 68.105.28.12 68.105.29.11
TCP: Interfaces\{CBF7164C-7D40-4A46-B8ED-4D3ECF8BD8F5}\4586560294E6475627E65647 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{CBF7164C-7D40-4A46-B8ED-4D3ECF8BD8F5}\C696E6B6379737 : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{D6C84B92-85CA-4AFF-9A22-4297683D84CB} : DhcpNameServer = 208.180.42.68 208.180.42.100
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
BHO-X64: Searchqu Toolbar - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: SweetIM Toolbar Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
BHO-X64: SWEETIE - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: SweetIM Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
TB-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\christian\AppData\Roaming\Mozilla\Firefox\Profiles\l2mtc1je.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... 06&sr=0&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 DVMIO;DVMIO;C:\SPLASH.SYS\config\dvmio.sys [2009-9-27 21624]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_5ea32181aefd3364\AESTSr64.exe [2010-2-11 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-6-13 2321560]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SPLASH.SYS\config\DVMExportService.exe [2009-7-8 323584]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-23 655944]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-25 135664]
S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\androidusb.sys --> C:\Windows\system32\Drivers\androidusb.sys [?]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-11-26 228408]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-25 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-9 113120]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-08-09 18:56:11 -------- d-----w- C:\Users\christian\AppData\Roaming\AVG2012
2012-08-09 18:55:43 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-08-09 18:55:02 -------- d--h--w- C:\$AVG
2012-08-09 16:54:54 -------- d-----w- C:\Windows\pss
2012-08-09 11:20:52 -------- d-----w- C:\Users\christian\AppData\Local\HuluDesktop
2012-08-09 10:23:12 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-08-09 10:12:50 251560 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-08-09 10:12:50 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-08-09 10:11:41 -------- d-----w- C:\ProgramData\PC Tools
2012-08-09 10:11:38 -------- d-----w- C:\Users\christian\AppData\Roaming\TestApp
2012-08-09 09:30:18 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-08-09 09:30:02 68576 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-08-09 09:30:02 573920 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-08-09 09:30:02 157608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-08-09 09:30:02 113120 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-08-09 09:30:01 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-08-09 09:30:00 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-07-24 02:21:19 -------- d-----w- C:\Program Files\iPod
2012-07-24 02:21:18 -------- d-----w- C:\Program Files\iTunes
2012-07-24 02:21:18 -------- d-----w- C:\Program Files (x86)\iTunes
2012-07-24 01:43:18 -------- d-----w- C:\Program Files (x86)\Oracle
2012-07-24 01:42:33 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-07-23 23:58:05 -------- d-----w- C:\ProgramData\AVG2012
2012-07-23 23:46:17 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-23 23:00:11 -------- d-----w- C:\Windows\System32\SPReview
2012-07-23 22:54:58 429056 ----a-w- C:\Windows\SysWow64\localsec.dll
2012-07-23 22:50:57 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2012-07-23 22:49:58 501248 ----a-w- C:\Windows\System32\WinSATAPI.dll
2012-07-23 22:48:58 624128 ----a-w- C:\Windows\System32\qedit.dll
2012-07-23 22:47:50 625664 ----a-w- C:\Windows\System32\mscms.dll
2012-07-23 22:47:28 13312 ----a-w- C:\Windows\System32\C_ISCII.DLL
2012-07-23 22:47:04 780800 ----a-w- C:\Windows\System32\ActionCenter.dll
2012-07-23 22:47:04 332288 ----a-w- C:\Windows\System32\hgcpl.dll
2012-07-23 22:47:04 27136 ----a-w- C:\Windows\System32\HotStartUserAgent.dll
2012-07-23 22:47:04 232448 ----a-w- C:\Windows\System32\ListSvc.dll
2012-07-23 22:47:04 187904 ----a-w- C:\Windows\System32\provsvc.dll
2012-07-23 22:47:03 549888 ----a-w- C:\Windows\System32\ActionCenterCPL.dll
2012-07-23 20:14:56 -------- d-----w- C:\Windows\System32\EventProviders
2012-07-23 20:08:29 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-07-23 20:08:28 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-07-23 20:08:26 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-07-23 20:08:24 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-07-23 20:08:23 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-07-23 20:08:12 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-07-23 20:06:22 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2012-07-23 20:06:22 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2012-07-23 20:06:21 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-07-23 20:06:21 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2012-07-23 20:06:21 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2012-07-23 20:06:21 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2012-07-23 20:06:20 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll
2012-07-23 20:06:20 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll
2012-07-23 20:06:20 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2012-07-23 20:06:20 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2012-07-23 20:06:20 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2012-07-23 20:06:20 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll
2012-07-23 20:06:19 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-07-23 20:05:45 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-07-23 20:05:45 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-07-23 20:05:44 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-07-23 20:05:44 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-07-23 20:05:44 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-07-23 20:05:44 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-07-23 19:54:33 -------- d-sh--w- C:\found.000
2012-07-23 19:41:28 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-07-23 19:40:52 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-07-23 19:40:25 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-07-23 19:40:25 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-23 23:15:51 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-07-23 23:15:50 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-07-06 03:06:20 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-07-03 18:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 17:45:11.44 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/22/2010 10:25:28 AM
System Uptime: 8/9/2012 1:57:48 PM (4 hours ago)
.
Motherboard: Hewlett-Packard | | 3656
Processor: AMD Athlon(tm) Neo X2 Dual Core Processor L335 | Socket AM2/S1G2 | 1600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 202.686 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 2.394 GiB free.
E: is FIXED (FAT32) - 0 GiB total, 0.091 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: MAC Bridge Miniport
Device ID: ROOT\MS_BRIDGEMP\0000
Manufacturer: Microsoft
Name: MAC Bridge Miniport
PNP Device ID: ROOT\MS_BRIDGEMP\0000
Service: BridgeMP
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&26B41892&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&26B41892&0&01
Service: vwifimp
.
==== System Restore Points ===================
.
RP147: 7/25/2012 1:53:58 PM - Windows Update
RP148: 8/2/2012 3:02:17 PM - Windows Update
RP149: 8/8/2012 3:00:14 AM - Windows Update
RP150: 8/9/2012 3:00:32 AM - Windows Update
RP151: 8/9/2012 4:46:41 AM - Removed Ask Toolbar.
RP152: 8/9/2012 5:31:05 AM - Removed Bonjour
RP153: 8/9/2012 5:33:13 AM - Removed Apple Mobile Device Support
RP154: 8/9/2012 10:22:27 AM - Removed SweetIM for Messenger 3.6
RP155: 8/9/2012 10:52:40 AM - Removed Norton Online Backup
RP156: 8/9/2012 10:54:58 AM - Removed Windows Live Sync
RP157: 8/9/2012 10:57:29 AM - Removed AVG 2012
RP158: 8/9/2012 10:59:27 AM - Removed AVG 2012
RP159: 8/9/2012 11:00:30 AM - Removed Visual Studio 2008 x64 Redistributables
RP160: 8/9/2012 11:45:52 AM - Windows Update
RP161: 8/9/2012 11:47:25 AM - Windows Update
RP162: 8/9/2012 1:42:22 PM - Removed Facebook Video Calling 1.2.0.159
RP163: 8/9/2012 1:53:56 PM - Installed AVG 2012
RP164: 8/9/2012 1:54:27 PM - Installed AVG 2012
RP165: 8/9/2012 2:53:43 PM - Removed SweetIM for Messenger 3.6
RP166: 8/9/2012 3:00:35 PM - Removed SweetIM Toolbar for Internet Explorer 4.2
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Reader 9.5.1
Adobe Shockwave Player
Adobe Shockwave Player 11.6
Alcor Micro USB Card Reader
AMD USB Filter Driver
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
AVS Audio Editor version 6.1
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite
DVD Menu Pack for HP MediaSmart Video
ESU for Microsoft Windows 7
GIMP 2.6.11
Google Chrome
Google Earth
Google Update Helper
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart Internet TV
HP MediaSmart Music/Photo/Video
HP MediaSmart SlingPlayer
HP MediaSmart Software Notebook Demo
HP MediaSmart Webcam
HP MediaSmart/TouchSmart Netflix
HP Quick Launch Buttons
HP QuickWeb
HP Setup
HP Support Assistant
HP Update
HP User Guides 0174
HP Wireless Assistant
HPAsset component for HP Active Support Library
IDT Audio
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 7 Update 5
JavaFX 2.1.1
Junk Mail filter update
LabelPrint
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
Norton Online Backup
Power2Go
PowerDirector
QLBCASL
QuickTime
Realtek Ethernet Controller Driver For Windows Vista and Later
Recovery Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Skype™ 4.2
Steam
swMSM
Team Fortress 2
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195
Visual Studio 2008 x64 Redistributables
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
8/9/2012 7:02:48 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
8/9/2012 7:02:48 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
8/9/2012 7:01:48 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2012 7:00:48 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2012 5:34:09 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/9/2012 5:28:02 AM, Error: PCTCore [280] -
8/9/2012 5:00:00 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{CBF7164C-7D40-4A46-B8ED-4D3ECF8BD8F5} because another computer on the network has the same name. The server could not start.
8/9/2012 12:55:37 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
8/9/2012 12:53:59 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
8/9/2012 12:53:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/9/2012 12:53:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/9/2012 12:53:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
8/9/2012 12:53:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
8/9/2012 12:53:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/9/2012 12:53:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/9/2012 12:53:37 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD cdrom DfsC discache DVMIO NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
8/9/2012 12:53:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/9/2012 12:53:36 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/9/2012 12:36:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B68-F52A-11D8-B9A5-505054503030}
8/9/2012 11:48:17 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2667402).
8/9/2012 11:17:44 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Power service, but this action failed with the following error: A system shutdown has already been scheduled.
8/9/2012 11:17:44 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error: A system shutdown has already been scheduled.
8/9/2012 11:17:44 AM, Error: Service Control Manager [7031] - The Power service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
8/9/2012 11:17:44 AM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
8/9/2012 11:17:44 AM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
8/9/2012 1:58:52 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
8/9/2012 1:58:34 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
8/9/2012 1:23:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
8/9/2012 1:13:23 PM, Error: Service Control Manager [7034] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 3 time(s).
8/9/2012 1:12:36 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
8/9/2012 1:11:24 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
8/8/2012 9:54:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
8/8/2012 5:00:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
8/7/2012 4:22:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
.
==== End Of File ===========================
Christian1911
Active Member
 
Posts: 6
Joined: August 9th, 2012, 6:40 pm
Advertisement
Register to Remove

Re: Cannot seem to shake this malware, major redirect issues

Unread postby deltalima » August 10th, 2012, 2:41 am

User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 56 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware