maddeningloop
Posts: 17 +0
Ok, well, I originally managed to contract some horrible scareware ('Antivirus Scan'), and in the process of trying to clean it up more infections arose, so I decided to format my laptop (with original 32-bit Vista OS). Since formatting it, I've had a number of problems, which include:
- certain webpages only half loading
- a strange file with a random string of letters appearing on my external hard drive
- said hard drive not appearing under device manager
- BSOD
- unresponsive script messages when using Firefox
- inability to find drivers for internal camera (obviously a separate issue)
I will paste below MBAM log, DDS & Attach logs, and then I will attach GMER log (it is very large)
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5587
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999
24/01/2011 12:46:16
mbam-log-2011-01-24 (12-46-16).txt
Scan type: Full scan (C:\|)
Objects scanned: 264590
Time elapsed: 1 hour(s), 1 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 21/01/2011 01:04:39
System Uptime: 24/01/2011 23:16:27 (0 hours ago)
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz | N/A | 1801/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 102 GiB total, 61.798 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 931 GiB total, 657.857 GiB free.
==== Disabled Device Manager Items =============
Class GUID:
Description: Mass Storage Controller
Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_9005104D&REV_00\4&382EAD5F&0&1AF0
Manufacturer:
Name: Mass Storage Controller
PNP Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_9005104D&REV_00\4&382EAD5F&0&1AF0
Service:
Class GUID:
Description:
Device ID: ACPI\SNY5001\4&203C7357&0
Manufacturer:
Name:
PNP Device ID: ACPI\SNY5001\4&203C7357&0
Service:
==== System Restore Points ===================
RP8: 22/01/2011 15:26:29 - avast! Free Antivirus Setup
RP9: 22/01/2011 15:44:21 - Installed Sunbelt Personal Firewall.
RP10: 22/01/2011 19:45:45 - Windows Update
RP11: 22/01/2011 19:59:44 - Windows Update
RP12: 22/01/2011 20:19:59 - Windows Update
RP13: 22/01/2011 20:57:46 - Windows Update
RP14: 22/01/2011 21:04:54 - Windows Update
RP15: 22/01/2011 21:54:00 - Device Driver Package Install: Ricoh Imaging devices
RP17: 22/01/2011 22:14:42 - Installed VAIO Camera Capture Utility
RP19: 22/01/2011 22:16:19 - Installed VAIO Camera Utility
RP20: 22/01/2011 22:36:11 - Windows Update
RP21: 23/01/2011 00:43:05 - Windows Update
RP22: 23/01/2011 18:48:06 - Installed Microsoft Fix it 50199
RP23: 24/01/2011 00:56:36 - Installed Java(TM) 6 Update 20
RP24: 24/01/2011 00:58:09 - Installed OpenOffice.org 3.2
RP25: 24/01/2011 13:31:06 - Scheduled Checkpoint
==== Installed Programs ======================
Adobe Flash Player 10 ActiveX
µTorrent
avast! Free Antivirus
CCleaner
CDBurnerXP
ConvertXtoDVD 4.1.2.336
DivX Setup
Google Chrome
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java Auto Updater
Java(TM) 6 Update 20
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.13)
OpenOffice.org 3.2
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Spotify
Spybot - Search & Destroy
Sunbelt Personal Firewall
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VAIO Camera Capture Utility
VAIO Camera Utility
VC80CRTRedist - 8.0.50727.4053
VLC media player 1.1.5
Windows Driver Package - Ricoh R5U870 (UVC) (02/28/2007 6.1008.207.0)
==== Event Viewer Messages From Past Week ========
24/01/2011 23:17:25, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
24/01/2011 23:16:56, Error: EventLog [6008] - The previous system shutdown at 23:14:13 on 24/01/2011 was unexpected.
23/01/2011 11:44:01, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
23/01/2011 00:46:27, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
22/01/2011 20:51:06, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
==== End Of File ===========================
DDS (Ver_10-12-12.02) - NTFSx86
Run by Emma at 23:51:57.68 on 24/01/2011
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2046.1073 [GMT 0:00]
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Emma\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\emma\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\emma\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
================= FIREFOX ===================
FF - ProfilePath - c:\users\emma\appdata\roaming\mozilla\firefox\profiles\cz3b8fda.default\
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\emma\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
============= SERVICES / DRIVERS ===============
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-22 294608]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-6-21 66600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-22 17744]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-1-22 51280]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-22 40384]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\sunbelt software\personal firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-1-22 1153368]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\sunbelt software\personal firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-4-26 74240]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-4-26 43904]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2011-1-22 65576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
=============== Created Last 30 ================
2011-01-24 01:16:09 -------- d-----w- c:\users\emma\appdata\roaming\OpenOffice.org
2011-01-24 00:58:38 -------- d-----w- c:\program files\JRE
2011-01-24 00:58:29 -------- d-----w- c:\program files\OpenOffice.org 3
2011-01-24 00:57:25 411368 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-24 00:57:25 411368 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-01-24 00:13:35 -------- d-----w- c:\users\emma\appdata\roaming\Malwarebytes
2011-01-24 00:13:31 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-24 00:13:30 -------- d-----w- c:\progra~2\Malwarebytes
2011-01-24 00:13:27 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-24 00:13:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-23 19:53:47 -------- d-----w- c:\progra~2\vsosdk
2011-01-23 13:11:28 -------- d-----w- c:\program files\CCleaner
2011-01-23 00:40:00 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-01-23 00:40:00 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-01-23 00:40:00 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-01-23 00:39:59 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-01-23 00:39:59 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-01-23 00:39:55 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-01-23 00:39:53 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-01-23 00:39:51 -------- d-----w- c:\program files\VSO
2011-01-22 23:59:58 -------- d-----w- c:\program files\VideoLAN
2011-01-22 23:56:28 -------- d-----w- c:\program files\uTorrent
2011-01-22 23:55:46 -------- d-----w- c:\users\emma\appdata\roaming\uTorrent
2011-01-22 23:55:10 -------- d-----w- c:\users\emma\appdata\roaming\Canneverbe Limited
2011-01-22 23:55:10 -------- d-----w- c:\progra~2\Canneverbe Limited
2011-01-22 23:31:45 -------- d-----w- c:\users\emma\appdata\roaming\Spotify
2011-01-22 23:31:45 -------- d-----w- c:\users\emma\appdata\local\Spotify
2011-01-22 23:31:41 -------- d-----w- c:\program files\Spotify
2011-01-22 23:30:27 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-01-22 23:30:27 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2011-01-22 22:59:31 -------- d-----w- c:\users\emma\appdata\roaming\Local
2011-01-22 22:58:50 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-01-22 22:57:54 -------- d-----w- c:\program files\common files\DivX Shared
2011-01-22 22:56:33 -------- d-----w- c:\program files\DivX
2011-01-22 22:55:52 -------- d-----w- c:\progra~2\DivX
2011-01-22 22:14:51 -------- d-----w- c:\program files\Sony
2011-01-22 22:06:06 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2011-01-22 22:06:06 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2011-01-22 22:06:06 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2011-01-22 22:06:06 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-01-22 22:06:06 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2011-01-22 22:06:06 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2011-01-22 22:06:06 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2011-01-22 22:06:05 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2011-01-22 22:00:04 420352 ----a-w- c:\windows\system32\vbscript.dll
2011-01-22 21:59:59 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2011-01-22 21:59:59 17920 ----a-w- c:\windows\system32\netevent.dll
2011-01-22 21:59:59 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-01-22 21:59:59 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-01-22 21:59:59 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-01-22 21:59:48 377344 ----a-w- c:\windows\system32\winhttp.dll
2011-01-22 21:59:30 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-01-22 21:40:05 -------- d-----w- c:\users\emma\appdata\local\Google
2011-01-22 21:39:58 -------- d-----w- c:\users\emma\appdata\local\Deployment
2011-01-22 21:39:58 -------- d-----w- c:\users\emma\appdata\local\Apps
2011-01-22 21:07:36 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-01-22 21:05:45 72704 ----a-w- c:\windows\system32\admparse.dll
2011-01-22 20:50:43 -------- d-----w- c:\program files\Windows Portable Devices
2011-01-22 20:42:15 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-01-22 20:42:14 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-01-22 20:42:14 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-01-22 20:40:55 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2011-01-22 20:29:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-01-22 20:29:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-01-22 20:29:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-01-22 20:29:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-01-22 20:29:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-01-22 20:29:00 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-01-22 20:24:53 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-01-22 20:24:52 411648 ----a-w- c:\windows\system32\drivers\http.sys
2011-01-22 20:24:52 30720 ----a-w- c:\windows\system32\httpapi.dll
2011-01-22 20:22:19 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-01-22 20:22:18 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-01-22 20:21:53 502272 ----a-w- c:\windows\system32\usp10.dll
2011-01-22 20:21:50 515584 ----a-w- c:\program files\windows mail\wab.exe
2011-01-22 20:21:49 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2011-01-22 20:21:49 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2011-01-22 20:21:09 274944 ----a-w- c:\windows\system32\schannel.dll
2011-01-22 20:19:41 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-01-22 20:18:53 2038272 ----a-w- c:\windows\system32\win32k.sys
2011-01-22 20:17:53 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-01-22 20:16:53 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-01-22 20:16:51 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-01-22 20:16:51 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-01-22 20:16:15 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2011-01-22 20:16:15 471552 ----a-w- c:\windows\system32\secproc.dll
2011-01-22 20:16:10 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-01-22 20:16:05 518144 ----a-w- c:\windows\system32\RMActivate.exe
2011-01-22 20:16:05 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-01-22 20:16:05 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-01-22 20:16:05 332288 ----a-w- c:\windows\system32\msdrm.dll
2011-01-22 20:16:05 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-01-22 20:16:05 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-01-22 20:15:53 60928 ----a-w- c:\windows\system32\msasn1.dll
2011-01-22 20:15:44 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2011-01-22 20:15:41 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-01-22 20:15:41 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-01-22 20:15:38 243712 ----a-w- c:\windows\system32\rastls.dll
2011-01-22 20:15:36 355328 ----a-w- c:\windows\system32\WSDApi.dll
2011-01-22 20:15:01 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-01-22 20:00:16 2730536 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-01-22 20:00:09 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{b266c226-c0f2-4dad-9294-af8b46643f90}\mpengine.dll
2011-01-22 20:00:04 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-22 19:55:16 172032 ----a-w- c:\windows\system32\wintrust.dll
2011-01-22 19:54:35 98304 ----a-w- c:\windows\system32\cabview.dll
2011-01-22 19:51:14 -------- d-----w- c:\users\emma\appdata\local\Mozilla
2011-01-22 19:46:24 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-01-22 19:46:02 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-01-22 19:45:54 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-01-22 19:45:54 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-01-22 15:44:40 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2011-01-22 15:44:33 -------- d-----w- c:\program files\Sunbelt Software
2011-01-22 15:27:26 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-22 15:26:49 -------- d-sh--w- c:\windows\Installer
2011-01-22 15:26:45 38848 ----a-w- c:\windows\avastSS.scr
2011-01-22 15:26:36 -------- d-----w- c:\progra~2\Alwil Software
2011-01-21 08:52:38 -------- d-----w- c:\windows\Panther
2011-01-21 08:38:42 -------- d-----w- C:\Windows.old
==================== Find3M ====================
2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 14:49:23 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20:12 2048 ----a-w- c:\windows\system32\tzres.dll
============= FINISH: 23:53:12.20 ===============
Would appreciate any help with this. Been plagued lately, and I am reaching the end of my capabilities/tether!
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
============= SERVICES / DRIVERS ===============
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-22 294608]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-6-21 66600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-22 17744]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-1-22 51280]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-22 40384]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\sunbelt software\personal firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-1-22 1153368]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\sunbelt software\personal firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-4-26 74240]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-4-26 43904]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2011-1-22 65576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
=============== Created Last 30 ================
2011-01-24 01:16:09 -------- d-----w- c:\users\emma\appdata\roaming\OpenOffice.org
2011-01-24 00:58:38 -------- d-----w- c:\program files\JRE
2011-01-24 00:58:29 -------- d-----w- c:\program files\OpenOffice.org 3
2011-01-24 00:57:25 411368 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-24 00:57:25 411368 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-01-24 00:13:35 -------- d-----w- c:\users\emma\appdata\roaming\Malwarebytes
2011-01-24 00:13:31 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-24 00:13:30 -------- d-----w- c:\progra~2\Malwarebytes
2011-01-24 00:13:27 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-24 00:13:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-23 19:53:47 -------- d-----w- c:\progra~2\vsosdk
2011-01-23 13:11:28 -------- d-----w- c:\program files\CCleaner
2011-01-23 00:40:00 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-01-23 00:40:00 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-01-23 00:40:00 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-01-23 00:39:59 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-01-23 00:39:59 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-01-23 00:39:55 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-01-23 00:39:53 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-01-23 00:39:51 -------- d-----w- c:\program files\VSO
2011-01-22 23:59:58 -------- d-----w- c:\program files\VideoLAN
2011-01-22 23:56:28 -------- d-----w- c:\program files\uTorrent
2011-01-22 23:55:46 -------- d-----w- c:\users\emma\appdata\roaming\uTorrent
2011-01-22 23:55:10 -------- d-----w- c:\users\emma\appdata\roaming\Canneverbe Limited
2011-01-22 23:55:10 -------- d-----w- c:\progra~2\Canneverbe Limited
2011-01-22 23:31:45 -------- d-----w- c:\users\emma\appdata\roaming\Spotify
2011-01-22 23:31:45 -------- d-----w- c:\users\emma\appdata\local\Spotify
2011-01-22 23:31:41 -------- d-----w- c:\program files\Spotify
2011-01-22 23:30:27 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-01-22 23:30:27 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2011-01-22 22:59:31 -------- d-----w- c:\users\emma\appdata\roaming\Local
2011-01-22 22:58:50 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-01-22 22:57:54 -------- d-----w- c:\program files\common files\DivX Shared
2011-01-22 22:56:33 -------- d-----w- c:\program files\DivX
2011-01-22 22:55:52 -------- d-----w- c:\progra~2\DivX
2011-01-22 22:14:51 -------- d-----w- c:\program files\Sony
2011-01-22 22:06:06 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2011-01-22 22:06:06 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2011-01-22 22:06:06 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2011-01-22 22:06:06 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-01-22 22:06:06 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2011-01-22 22:06:06 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2011-01-22 22:06:06 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2011-01-22 22:06:05 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2011-01-22 22:00:04 420352 ----a-w- c:\windows\system32\vbscript.dll
2011-01-22 21:59:59 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2011-01-22 21:59:59 17920 ----a-w- c:\windows\system32\netevent.dll
2011-01-22 21:59:59 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-01-22 21:59:59 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-01-22 21:59:59 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-01-22 21:59:48 377344 ----a-w- c:\windows\system32\winhttp.dll
2011-01-22 21:59:30 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-01-22 21:40:05 -------- d-----w- c:\users\emma\appdata\local\Google
2011-01-22 21:39:58 -------- d-----w- c:\users\emma\appdata\local\Deployment
2011-01-22 21:39:58 -------- d-----w- c:\users\emma\appdata\local\Apps
2011-01-22 21:07:36 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-01-22 21:05:45 72704 ----a-w- c:\windows\system32\admparse.dll
2011-01-22 20:50:43 -------- d-----w- c:\program files\Windows Portable Devices
2011-01-22 20:42:15 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-01-22 20:42:14 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-01-22 20:42:14 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-01-22 20:40:55 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2011-01-22 20:29:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-01-22 20:29:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-01-22 20:29:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-01-22 20:29:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-01-22 20:29:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-01-22 20:29:00 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-01-22 20:24:53 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-01-22 20:24:52 411648 ----a-w- c:\windows\system32\drivers\http.sys
2011-01-22 20:24:52 30720 ----a-w- c:\windows\system32\httpapi.dll
2011-01-22 20:22:19 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-01-22 20:22:18 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-01-22 20:21:53 502272 ----a-w- c:\windows\system32\usp10.dll
2011-01-22 20:21:50 515584 ----a-w- c:\program files\windows mail\wab.exe
2011-01-22 20:21:49 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2011-01-22 20:21:49 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2011-01-22 20:21:09 274944 ----a-w- c:\windows\system32\schannel.dll
2011-01-22 20:19:41 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-01-22 20:18:53 2038272 ----a-w- c:\windows\system32\win32k.sys
2011-01-22 20:17:53 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-01-22 20:16:53 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-01-22 20:16:51 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-01-22 20:16:51 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-01-22 20:16:15 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2011-01-22 20:16:15 471552 ----a-w- c:\windows\system32\secproc.dll
2011-01-22 20:16:10 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-01-22 20:16:05 518144 ----a-w- c:\windows\system32\RMActivate.exe
2011-01-22 20:16:05 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-01-22 20:16:05 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-01-22 20:16:05 332288 ----a-w- c:\windows\system32\msdrm.dll
2011-01-22 20:16:05 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-01-22 20:16:05 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-01-22 20:15:53 60928 ----a-w- c:\windows\system32\msasn1.dll
2011-01-22 20:15:44 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2011-01-22 20:15:41 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-01-22 20:15:41 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-01-22 20:15:38 243712 ----a-w- c:\windows\system32\rastls.dll
2011-01-22 20:15:36 355328 ----a-w- c:\windows\system32\WSDApi.dll
2011-01-22 20:15:01 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-01-22 20:00:16 2730536 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-01-22 20:00:09 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{b266c226-c0f2-4dad-9294-af8b46643f90}\mpengine.dll
2011-01-22 20:00:04 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-22 19:55:16 172032 ----a-w- c:\windows\system32\wintrust.dll
2011-01-22 19:54:35 98304 ----a-w- c:\windows\system32\cabview.dll
2011-01-22 19:51:14 -------- d-----w- c:\users\emma\appdata\local\Mozilla
2011-01-22 19:46:24 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-01-22 19:46:02 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-01-22 19:45:54 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-01-22 19:45:54 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-01-22 15:44:40 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2011-01-22 15:44:33 -------- d-----w- c:\program files\Sunbelt Software
2011-01-22 15:27:26 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-22 15:26:49 -------- d-sh--w- c:\windows\Installer
2011-01-22 15:26:45 38848 ----a-w- c:\windows\avastSS.scr
2011-01-22 15:26:36 -------- d-----w- c:\progra~2\Alwil Software
2011-01-21 08:52:38 -------- d-----w- c:\windows\Panther
2011-01-21 08:38:42 -------- d-----w- C:\Windows.old
==================== Find3M ====================
2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-14 14:49:23 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20:12 2048 ----a-w- c:\windows\system32\tzres.dll
============= FINISH: 23:53:12.20 ===============
Would appreciate any help with this. Been plagued lately, and I am reaching the end of my capabilities/tether!