necee99
Posts: 156 +1
Please help me clean my computer. it is a dell optiplex 745. windows vista. I turned it on today and it said it had trojan virus and to buy some antivirus software. it hacked into microsoft essentials and replaced it with its program. also mozilla firefox is not working. I restored it to an earlier date so the antivirus software would stop popping up. I uninstalled microsoft essentials but could not uninstall firefox. I install avast. it found a virus and supposingly fixed it. please help. thanks.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.10.27.06
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
user :: DELL02439 [administrator]
10/27/2013 7:12:15 PM
mbam-log-2013-10-27 (19-12-15).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 201066
Time elapsed: 6 minute(s), 13 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume1
Install Date: 1/19/2011 12:36:43 PM
System Uptime: 10/27/2013 5:52:08 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0MM599
Processor: Intel(R) Pentium(R) D CPU 3.40GHz | Microprocessor | 3391/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 75 GiB total, 34.193 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP282: 10/13/2013 9:14:52 PM - Windows Update
RP283: 10/18/2013 11:24:00 AM - Windows Update
RP284: 10/21/2013 5:35:34 PM - Windows Update
RP285: 10/25/2013 12:36:19 PM - Windows Update
RP286: 10/27/2013 4:24:39 PM - Restore Operation
RP288: 10/27/2013 4:44:04 PM - avast! antivirus system restore point
RP289: 10/27/2013 4:44:17 PM - Windows Update
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
Audacity 2.0.3
avast! Free Antivirus
BufferChm
Catalina Savings Printer
Chocolatier
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Compatibility Pack for the 2007 Office system
Computer Requirements 1.0
Copy
Coupon Printer for Windows
D-Link DWA-130 Wireless N USB Adapter
Destinations
DeviceDiscovery
DJ_AIO_06_F2400_SW_Min
F2400
Fashion Dash
GameFly
Google Chrome
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 13.0
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
ImgBurn
Intel(R) Graphics Media Accelerator Driver
Java 7 Update 25
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Corporation
Microsoft LifeCam
Microsoft Office Excel Viewer
Microsoft Office Live Meeting 2007
Microsoft Office Word Viewer 2003
Microsoft PowerPoint Viewer
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 23.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Essentials
neroxml
OpenOffice.org 3.3
Picasa 3
PowerDVD DX
QuickTime
Rollercoaster Tycoon Deluxe Edition
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Status
swMSM
Toolbox
Tourist Trap - Build The Nations Greatest Vacations
TrayApp
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
VCRedistSetup
VLC media player 2.0.1
Wah Assistant
Watchtower Library 2012 - English
Watchtower Library 2012 - español
WebReg
West At Home Gateway V2
WinZip 17.0
.
==== Event Viewer Messages From Past Week ========
.
10/27/2013 4:46:14 PM, Error: Service Control Manager [7030] - The avast! Antivirus service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/27/2013 4:32:26 PM, Error: Microsoft Antimalware [2004] -
10/25/2013 12:25:23 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 0019B946B69B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
10/24/2013 6:47:20 PM, Error: Schannel [36874] - An SSL connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
10/23/2013 6:31:20 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 0019B946B69B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
10/21/2013 5:22:09 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.104 for the Network Card with network address 0019B946B69B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
10/20/2013 6:55:03 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.102 for the Network Card with network address 0019B946B69B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16514 BrowserJavaVersion: 10.25.2
Run by user at 20:23:55 on 2013-10-27
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.2037.834 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\D-Link\DWA-130 revE\WlanWpsSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\vVX3000.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\D-Link\DWA-130 revE\wirelesscm.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.suddenlink.net/
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Windows Mobile-based device management] c:\windows\windowsmobile\wmdSync.exe
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wirele~1.lnk - c:\program files\d-link\dwa-130 reve\wirelesscm.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: west.com
Trusted Zone: westathome.com
Trusted Zone: westathome.net
Trusted Zone: workathomeagent.net
DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - hxxp://www.convergysworkathome.com/AppHardT.CAB
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{78BC4006-4C18-4DA0-9865-4AF70C2CBF14} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{81EBC82A-76FE-4BFA-A713-9ED45586C876} : DHCPNameServer = 192.168.0.1
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\djcvcjcp.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: c:\users\user\appdata\local\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\users\user\appdata\roaming\catali~1\npBcsKtTcHW.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2012-08-21 14:42; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-10-27 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-10-27 178304]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-27 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-27 403440]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\drivers\RtlProt.sys [2012-8-21 25896]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-27 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-27 70384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-10-27 50344]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 WlanWpsSvc;WlanWpsSvc;c:\program files\d-link\dwa-130 reve\WlanWpsSvc.exe [2012-8-21 167936]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-20 179712]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-10-27 40776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2012-8-21 523264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2013-10-28 00:12:08 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-10-27 21:56:05 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
2013-10-27 21:55:49 -------- d-----w- c:\programdata\Malwarebytes
2013-10-27 21:55:47 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-27 21:55:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-27 21:49:04 -------- d-----w- c:\users\user\appdata\roaming\AVAST Software
2013-10-27 21:46:23 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-27 21:46:21 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-27 21:46:20 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-27 21:46:19 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-27 21:45:53 43152 ----a-w- c:\windows\avastSS.scr
2013-10-27 21:45:46 7796464 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{86524671-0933-456b-8c12-134adfa78d50}\mpengine.dll
2013-10-27 21:44:25 -------- d-----w- c:\program files\AVAST Software
2013-10-27 21:43:21 -------- d-----w- c:\programdata\AVAST Software
2013-10-27 21:03:48 -------- d-----w- c:\programdata\lpgg3rg3
2013-10-17 00:04:53 -------- d-----w- c:\program files\Mozilla Firefox(2)
2013-10-08 23:56:54 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
==================== Find3M ====================
.
2013-10-08 21:57:59 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-08 21:57:59 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-22 10:22:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 10:14:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-22 10:13:22 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 10:08:41 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-09-22 10:06:58 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-09-22 10:03:18 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-03 19:35:12 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 07:36:04 2050048 ----a-w- c:\windows\system32\win32k.sys
2013-08-27 02:47:50 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-08-27 02:47:50 189952 ----a-w- c:\windows\system32\d3d10core.dll
2013-08-27 02:47:50 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-08-27 02:47:50 1029120 ----a-w- c:\windows\system32\d3d10.dll
2013-08-27 01:52:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-08-27 01:50:40 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2013-08-27 01:32:20 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-08-27 01:28:36 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-08-27 01:28:35 798208 ----a-w- c:\windows\system32\FntCache.dll
2013-08-02 04:09:35 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-01 03:16:32 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-08-01 02:49:15 37376 ----a-w- c:\windows\system32\cdd.dll
.
============= FINISH: 20:24:21.09 ===============
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.10.27.06
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
user :: DELL02439 [administrator]
10/27/2013 7:12:15 PM
mbam-log-2013-10-27 (19-12-15).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 201066
Time elapsed: 6 minute(s), 13 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume1
Install Date: 1/19/2011 12:36:43 PM
System Uptime: 10/27/2013 5:52:08 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0MM599
Processor: Intel(R) Pentium(R) D CPU 3.40GHz | Microprocessor | 3391/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 75 GiB total, 34.193 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP282: 10/13/2013 9:14:52 PM - Windows Update
RP283: 10/18/2013 11:24:00 AM - Windows Update
RP284: 10/21/2013 5:35:34 PM - Windows Update
RP285: 10/25/2013 12:36:19 PM - Windows Update
RP286: 10/27/2013 4:24:39 PM - Restore Operation
RP288: 10/27/2013 4:44:04 PM - avast! antivirus system restore point
RP289: 10/27/2013 4:44:17 PM - Windows Update
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
Audacity 2.0.3
avast! Free Antivirus
BufferChm
Catalina Savings Printer
Chocolatier
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Compatibility Pack for the 2007 Office system
Computer Requirements 1.0
Copy
Coupon Printer for Windows
D-Link DWA-130 Wireless N USB Adapter
Destinations
DeviceDiscovery
DJ_AIO_06_F2400_SW_Min
F2400
Fashion Dash
GameFly
Google Chrome
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 13.0
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
HP Imaging Device Functions 13.0
HP Print Projects 1.0
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
ImgBurn
Intel(R) Graphics Media Accelerator Driver
Java 7 Update 25
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Corporation
Microsoft LifeCam
Microsoft Office Excel Viewer
Microsoft Office Live Meeting 2007
Microsoft Office Word Viewer 2003
Microsoft PowerPoint Viewer
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 23.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Essentials
neroxml
OpenOffice.org 3.3
Picasa 3
PowerDVD DX
QuickTime
Rollercoaster Tycoon Deluxe Edition
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Status
swMSM
Toolbox
Tourist Trap - Build The Nations Greatest Vacations
TrayApp
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
VCRedistSetup
VLC media player 2.0.1
Wah Assistant
Watchtower Library 2012 - English
Watchtower Library 2012 - español
WebReg
West At Home Gateway V2
WinZip 17.0
.
==== Event Viewer Messages From Past Week ========
.
10/27/2013 4:46:14 PM, Error: Service Control Manager [7030] - The avast! Antivirus service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/27/2013 4:32:26 PM, Error: Microsoft Antimalware [2004] -
10/25/2013 12:25:23 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 0019B946B69B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
10/24/2013 6:47:20 PM, Error: Schannel [36874] - An SSL connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
10/23/2013 6:31:20 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 0019B946B69B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
10/21/2013 5:22:09 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.104 for the Network Card with network address 0019B946B69B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
10/20/2013 6:55:03 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.102 for the Network Card with network address 0019B946B69B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16514 BrowserJavaVersion: 10.25.2
Run by user at 20:23:55 on 2013-10-27
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.2037.834 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\D-Link\DWA-130 revE\WlanWpsSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\vVX3000.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\D-Link\DWA-130 revE\wirelesscm.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.suddenlink.net/
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Windows Mobile-based device management] c:\windows\windowsmobile\wmdSync.exe
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wirele~1.lnk - c:\program files\d-link\dwa-130 reve\wirelesscm.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: west.com
Trusted Zone: westathome.com
Trusted Zone: westathome.net
Trusted Zone: workathomeagent.net
DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - hxxp://www.convergysworkathome.com/AppHardT.CAB
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{78BC4006-4C18-4DA0-9865-4AF70C2CBF14} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{81EBC82A-76FE-4BFA-A713-9ED45586C876} : DHCPNameServer = 192.168.0.1
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\djcvcjcp.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: c:\users\user\appdata\local\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\users\user\appdata\roaming\catali~1\npBcsKtTcHW.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2012-08-21 14:42; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-10-27 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-10-27 178304]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-27 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-27 403440]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\drivers\RtlProt.sys [2012-8-21 25896]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-27 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-27 70384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-10-27 50344]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 WlanWpsSvc;WlanWpsSvc;c:\program files\d-link\dwa-130 reve\WlanWpsSvc.exe [2012-8-21 167936]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-20 179712]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-10-27 40776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2012-8-21 523264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2013-10-28 00:12:08 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-10-27 21:56:05 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
2013-10-27 21:55:49 -------- d-----w- c:\programdata\Malwarebytes
2013-10-27 21:55:47 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-27 21:55:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-27 21:49:04 -------- d-----w- c:\users\user\appdata\roaming\AVAST Software
2013-10-27 21:46:23 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-27 21:46:21 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-27 21:46:20 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-27 21:46:19 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-27 21:45:53 43152 ----a-w- c:\windows\avastSS.scr
2013-10-27 21:45:46 7796464 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{86524671-0933-456b-8c12-134adfa78d50}\mpengine.dll
2013-10-27 21:44:25 -------- d-----w- c:\program files\AVAST Software
2013-10-27 21:43:21 -------- d-----w- c:\programdata\AVAST Software
2013-10-27 21:03:48 -------- d-----w- c:\programdata\lpgg3rg3
2013-10-17 00:04:53 -------- d-----w- c:\program files\Mozilla Firefox(2)
2013-10-08 23:56:54 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
==================== Find3M ====================
.
2013-10-08 21:57:59 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-08 21:57:59 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-22 10:22:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 10:14:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-22 10:13:22 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 10:08:41 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-09-22 10:06:58 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-09-22 10:03:18 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-03 19:35:12 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 07:36:04 2050048 ----a-w- c:\windows\system32\win32k.sys
2013-08-27 02:47:50 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-08-27 02:47:50 189952 ----a-w- c:\windows\system32\d3d10core.dll
2013-08-27 02:47:50 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-08-27 02:47:50 1029120 ----a-w- c:\windows\system32\d3d10.dll
2013-08-27 01:52:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-08-27 01:50:40 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2013-08-27 01:32:20 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-08-27 01:28:36 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-08-27 01:28:35 798208 ----a-w- c:\windows\system32\FntCache.dll
2013-08-02 04:09:35 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-01 03:16:32 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-08-01 02:49:15 37376 ----a-w- c:\windows\system32\cdd.dll
.
============= FINISH: 20:24:21.09 ===============