My Internet Explorer has been being redirected for over a week. I thought I had fixed the problem, but it popped up again the other day. When I ran MalwareBytes, it said it didn't find any threats, but when I went to the quarantine section there were 25, all created on 9/12/12. Among the names listed were Trojan.Vundo, PUP.MyWebSearch, PUP.Funmoods, Rogue.AntiVirus, and Adware.Minibug. I think these are the same things that I removed the first time I ran the program several days ago.
Here are my logs. Thanks in advance for your help.
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Database version: v2012.09.15.05
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Cynthia :: CYNTHIA-PC [administrator]
9/17/2012 11:11:47 AM
mbam-log-2012-09-17 (11-11-47).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 186042
Time elapsed: 5 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-09-17 17:33:06
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD16 rev.04.0
Running: gmer.exe; Driver: C:\Users\Cynthia\AppData\Local\Temp\fxliafow.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Cynthia at 17:34:20 on 2012-09-17
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.1134 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Cynthia\AppData\Roaming\Spotify\spotify.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://my.yahoo.com/?_bc=1
uSearch Page =
uWindow Title = Internet Explorer, optimized for Bing and MSN
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
mSearchAssistant =
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\google\BAE.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [imscr] "c:\windows\system32\rundll32.exe" "c:\users\cynthia\appdata\roaming\imscr.dll",get_gAMA_fixed
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Spotify] "c:\users\cynthia\appdata\roaming\spotify\Spotify.exe" /uri spotify:autostart
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [EKAIO2StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKAiO2MUI.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\users\cynthia\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
Trusted Zone: mlxchange.com\mfr
Trusted Zone: yahoo.com\cm.my
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{0A283A52-1221-4105-ABD3-9F51AEF85DAC} : DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-1-16 214664]
R1 MpKsl7fac1549;MpKsl7fac1549;c:\programdata\microsoft\microsoft antimalware\definition updates\{5c42ac65-eac4-47f5-ac76-f8e2cbfb4b68}\MpKsl7fac1549.sys [2012-9-17 29904]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-11 21504]
R3 RTL8187;Trust USB WiFi Adapter;c:\windows\system32\drivers\rtl8187.sys [2007-2-14 288256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-1 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-1 136176]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-1-16 79816]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-1-16 35272]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-1-16 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-1-16 40552]
S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-8-31 13024]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
scrfile="%1" /S "%3"
.
=============== Created Last 30 ================
.
2012-09-17 21:32:51 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5c42ac65-eac4-47f5-ac76-f8e2cbfb4b68}\MpKsl7fac1549.sys
2012-09-16 21:36:28 7022536 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5c42ac65-eac4-47f5-ac76-f8e2cbfb4b68}\mpengine.dll
2012-09-16 15:44:01 -------- d-----w- c:\users\cynthia\appdata\local\Spotify
2012-09-16 15:42:32 -------- d-----w- c:\users\cynthia\appdata\roaming\Spotify
2012-09-16 15:41:57 -------- d-----w- c:\users\cynthia\appdata\local\Deployment
2012-09-16 15:41:57 -------- d-----w- c:\users\cynthia\appdata\local\Apps
2012-09-15 19:54:32 7022536 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-09-13 01:08:19 -------- d-----w- c:\program files\CCleaner
2012-09-12 19:23:03 -------- d-----w- c:\users\cynthia\appdata\roaming\Malwarebytes
2012-09-12 19:22:45 -------- d-----w- c:\programdata\Malwarebytes
2012-09-12 19:22:42 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-12 19:22:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-10 18:37:11 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-10 18:37:10 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-07 03:57:37 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{7f0ccf80-75a9-46e1-9182-73b4e5928ae6}\gapaengine.dll
2012-09-07 03:49:51 -------- d-----w- c:\program files\Microsoft Security Client
2012-09-04 17:01:28 -------- d-----w- c:\program files\WinDirStat
2012-08-31 22:00:11 -------- d-----w- c:\program files\Defraggler
2012-08-31 21:35:46 288256 ----a-w- c:\windows\system\rtl8187.sys
2012-08-31 21:35:43 -------- d-----w- c:\program files\Trust USB WiFi Adapter Driver
2012-08-31 21:19:54 329752 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-08-31 21:03:52 1601024 ----a-w- c:\users\cynthia\appdata\roaming\imscr.dll
2012-08-31 20:56:13 -------- d-----w- c:\users\cynthia\appdata\local\Downloaded Installations
2012-08-31 19:55:11 -------- d-----w- c:\program files\IDT
2012-08-31 19:41:53 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-08-31 19:41:44 -------- d-----w- c:\program files\SlimDrivers
2012-08-25 08:04:16 -------- d-----w- c:\program files\Windows Portable Devices
2012-08-25 07:32:05 5120 ----a-w- c:\windows\system32\wmi.dll
2012-08-25 07:32:05 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-08-25 07:32:05 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-08-25 07:32:05 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-08-25 07:25:42 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-08-23 13:12:02 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-23 13:12:02 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-08-23 13:12:01 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-08-23 13:12:00 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-08-23 13:12:00 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-08-23 13:12:00 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-08-23 13:12:00 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll
2012-08-23 13:11:59 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe
2012-08-23 13:11:54 797696 ----a-w- c:\windows\system32\FntCache.dll
2012-08-23 13:11:53 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-08-23 13:10:10 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-08-23 13:10:09 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-08-23 13:10:09 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-08-23 13:09:54 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-08-23 13:09:54 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-08-23 13:09:54 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-08-23 13:09:54 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-08-23 13:09:49 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-08-23 13:09:49 189952 ----a-w- c:\windows\system32\winmm.dll
2012-08-23 13:09:46 623616 ----a-w- c:\windows\system32\localspl.dll
2012-08-23 13:09:04 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-08-23 13:08:44 429056 ----a-w- c:\windows\system32\EncDec.dll
2012-08-23 13:08:18 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-08-23 13:08:16 66560 ----a-w- c:\windows\system32\packager.dll
2012-08-23 13:08:13 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-08-23 13:08:11 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-08-23 13:08:07 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2012-08-23 13:06:38 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-08-23 13:06:38 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-08-23 13:06:19 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-08-23 13:06:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-23 13:06:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-23 13:06:14 707584 ----a-w- c:\program files\common files\system\wab32.dll
2012-08-23 13:04:58 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-08-23 13:04:57 278528 ----a-w- c:\windows\system32\schannel.dll
2012-08-23 13:04:57 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-08-23 13:04:56 72704 ----a-w- c:\windows\system32\secur32.dll
2012-08-23 13:04:56 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-08-23 13:04:55 9728 ----a-w- c:\windows\system32\lsass.exe
2012-08-23 13:04:50 231424 ----a-w- c:\windows\system32\msshsq.dll
2012-08-23 12:37:33 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-08-23 12:21:08 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-08-23 12:20:27 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-08-23 12:20:16 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-08-23 12:20:16 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-23 02:15:33 98816 ----a-w- c:\windows\system32\mfps.dll
2012-08-23 02:13:28 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-08-23 02:13:28 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-08-23 02:13:28 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-08-23 02:13:27 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-08-23 02:13:27 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-08-23 02:13:27 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-08-23 02:13:27 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-08-22 20:18:57 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:45:55 -------- d-----w- c:\windows\system32\eu-ES
2012-08-22 18:45:55 -------- d-----w- c:\windows\system32\ca-ES
2012-08-22 18:45:54 -------- d-----w- c:\windows\system32\vi-VN
2012-08-22 18:14:59 627712 ----a-w- c:\windows\system32\user32.dll
2012-08-22 18:13:59 842240 ----a-w- c:\windows\system32\systemcpl.dll
2012-08-22 18:12:39 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2012-08-22 18:12:39 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2012-08-22 18:12:39 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2012-08-22 18:12:39 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2012-08-22 18:12:39 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2012-08-22 18:12:39 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2012-08-22 18:12:39 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2012-08-22 18:12:38 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2012-08-22 18:12:37 218624 ----a-w- c:\windows\system32\wdscore.dll
2012-08-22 18:12:37 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2012-08-22 18:12:31 247808 ----a-w- c:\windows\system32\drvstore.dll
2012-08-21 14:33:19 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-08-21 14:13:59 -------- d-----w- C:\dell
2012-08-21 13:42:45 -------- d-----w- c:\users\cynthia\appdata\local\SlimWare Utilities Inc
.
==================== Find3M ====================
.
2012-08-23 02:15:33 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-08-23 02:13:29 4096 ----a-w- c:\windows\system32\drivers\en-us\dxgkrnl.sys.mui
.
============= FINISH: 17:35:54.89 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/14/2007 3:15:34 AM
System Uptime: 9/17/2012 11:32:04 AM (6 hours ago)
.
Motherboard: Gateway | |
Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz | uFCPGA2 | 1000/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 139 GiB total, 112.41 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.152 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP813: 9/16/2012 5:33:42 PM - Windows Update
RP814: 9/17/2012 2:02:25 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Activation Assistant for the 2007 Microsoft Office suites
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.2
AviSynth 2.5
Browser Address Error Redirector
CCleaner
Defraggler
Encompass Installation Manager
Gateway Recovery Center Installer
getPlus(R) for Adobe
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 2.0 SP3 Runtime
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
OGA Notifier 2.0.0048.0
OpenOffice.org 3.3
Point
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
REALTEK RTL8187 Wireless LAN Driver
RealUpgrade 1.1
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Spotify
SupportSoft Assisted Service
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Trust USB WiFi Adapter Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
WinDirStat 1.1.2
.
==== Event Viewer Messages From Past Week ========
.
9/15/2012 7:23:59 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
9/13/2012 12:07:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
9/10/2012 6:57:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect.
9/10/2012 6:57:48 AM, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/10/2012 2:08:35 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Cynthia-PC\Cynthia SID (S-1-5-21-2100033693-1561413150-3002188466-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
2012-09-12 19:22:42 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-12 19:22:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-10 18:37:11 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-10 18:37:10 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-07 03:57:37 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{7f0ccf80-75a9-46e1-9182-73b4e5928ae6}\gapaengine.dll
2012-09-07 03:49:51 -------- d-----w- c:\program files\Microsoft Security Client
2012-09-04 17:01:28 -------- d-----w- c:\program files\WinDirStat
2012-08-31 22:00:11 -------- d-----w- c:\program files\Defraggler
2012-08-31 21:35:46 288256 ----a-w- c:\windows\system\rtl8187.sys
2012-08-31 21:35:43 -------- d-----w- c:\program files\Trust USB WiFi Adapter Driver
2012-08-31 21:19:54 329752 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-08-31 21:03:52 1601024 ----a-w- c:\users\cynthia\appdata\roaming\imscr.dll
2012-08-31 20:56:13 -------- d-----w- c:\users\cynthia\appdata\local\Downloaded Installations
2012-08-31 19:55:11 -------- d-----w- c:\program files\IDT
2012-08-31 19:41:53 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-08-31 19:41:44 -------- d-----w- c:\program files\SlimDrivers
2012-08-25 08:04:16 -------- d-----w- c:\program files\Windows Portable Devices
2012-08-25 07:32:05 5120 ----a-w- c:\windows\system32\wmi.dll
2012-08-25 07:32:05 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-08-25 07:32:05 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-08-25 07:32:05 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-08-25 07:25:42 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-08-23 13:12:02 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-23 13:12:02 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-08-23 13:12:01 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-08-23 13:12:00 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-08-23 13:12:00 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-08-23 13:12:00 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-08-23 13:12:00 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll
2012-08-23 13:11:59 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe
2012-08-23 13:11:54 797696 ----a-w- c:\windows\system32\FntCache.dll
2012-08-23 13:11:53 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-08-23 13:10:10 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-08-23 13:10:09 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-08-23 13:10:09 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-08-23 13:09:54 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-08-23 13:09:54 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-08-23 13:09:54 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-08-23 13:09:54 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-08-23 13:09:49 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-08-23 13:09:49 189952 ----a-w- c:\windows\system32\winmm.dll
2012-08-23 13:09:46 623616 ----a-w- c:\windows\system32\localspl.dll
2012-08-23 13:09:04 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-08-23 13:08:44 429056 ----a-w- c:\windows\system32\EncDec.dll
2012-08-23 13:08:18 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-08-23 13:08:16 66560 ----a-w- c:\windows\system32\packager.dll
2012-08-23 13:08:13 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-08-23 13:08:11 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-08-23 13:08:07 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2012-08-23 13:06:38 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-08-23 13:06:38 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-08-23 13:06:19 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-08-23 13:06:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-23 13:06:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-23 13:06:14 707584 ----a-w- c:\program files\common files\system\wab32.dll
2012-08-23 13:04:58 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-08-23 13:04:57 278528 ----a-w- c:\windows\system32\schannel.dll
2012-08-23 13:04:57 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-08-23 13:04:56 72704 ----a-w- c:\windows\system32\secur32.dll
2012-08-23 13:04:56 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-08-23 13:04:55 9728 ----a-w- c:\windows\system32\lsass.exe
2012-08-23 13:04:50 231424 ----a-w- c:\windows\system32\msshsq.dll
2012-08-23 12:37:33 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-08-23 12:21:08 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-08-23 12:20:27 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-08-23 12:20:16 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-08-23 12:20:16 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-23 02:15:33 98816 ----a-w- c:\windows\system32\mfps.dll
2012-08-23 02:13:28 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-08-23 02:13:28 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-08-23 02:13:28 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-08-23 02:13:27 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-08-23 02:13:27 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-08-23 02:13:27 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-08-23 02:13:27 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-08-22 20:18:57 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:45:55 -------- d-----w- c:\windows\system32\eu-ES
2012-08-22 18:45:55 -------- d-----w- c:\windows\system32\ca-ES
2012-08-22 18:45:54 -------- d-----w- c:\windows\system32\vi-VN
2012-08-22 18:14:59 627712 ----a-w- c:\windows\system32\user32.dll
2012-08-22 18:13:59 842240 ----a-w- c:\windows\system32\systemcpl.dll
2012-08-22 18:12:39 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2012-08-22 18:12:39 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2012-08-22 18:12:39 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2012-08-22 18:12:39 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2012-08-22 18:12:39 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2012-08-22 18:12:39 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2012-08-22 18:12:39 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2012-08-22 18:12:38 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2012-08-22 18:12:37 218624 ----a-w- c:\windows\system32\wdscore.dll
2012-08-22 18:12:37 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2012-08-22 18:12:31 247808 ----a-w- c:\windows\system32\drvstore.dll
2012-08-21 14:33:19 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-08-21 14:13:59 -------- d-----w- C:\dell
2012-08-21 13:42:45 -------- d-----w- c:\users\cynthia\appdata\local\SlimWare Utilities Inc
.
==================== Find3M ====================
.
2012-08-23 02:15:33 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-08-23 02:13:29 4096 ----a-w- c:\windows\system32\drivers\en-us\dxgkrnl.sys.mui
.
============= FINISH: 17:35:54.89 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/14/2007 3:15:34 AM
System Uptime: 9/17/2012 11:32:04 AM (6 hours ago)
.
Motherboard: Gateway | |
Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz | uFCPGA2 | 1000/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 139 GiB total, 112.41 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.152 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP813: 9/16/2012 5:33:42 PM - Windows Update
RP814: 9/17/2012 2:02:25 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Activation Assistant for the 2007 Microsoft Office suites
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.2
AviSynth 2.5
Browser Address Error Redirector
CCleaner
Defraggler
Encompass Installation Manager
Gateway Recovery Center Installer
getPlus(R) for Adobe
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 2.0 SP3 Runtime
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
OGA Notifier 2.0.0048.0
OpenOffice.org 3.3
Point
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
REALTEK RTL8187 Wireless LAN Driver
RealUpgrade 1.1
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Spotify
SupportSoft Assisted Service
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Trust USB WiFi Adapter Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
WinDirStat 1.1.2
.
==== Event Viewer Messages From Past Week ========
.
9/15/2012 7:23:59 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
9/13/2012 12:07:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
9/10/2012 6:57:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Flash Player Update Service service to connect.
9/10/2012 6:57:48 AM, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/10/2012 2:08:35 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Cynthia-PC\Cynthia SID (S-1-5-21-2100033693-1561413150-3002188466-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================