Hank1972
Posts: 18 +0
I have a XP Pro desktop I use for my office, any way on Monday nite, I noticed tha it started to act strange. I then notice that Malware Bytes and Defender no longer work. Malware Bytes refuses to open even though I can see the Icon. I get mbam.exe Unable To Locate Component error message. My sounddriver ctfmon.exe, and Quickbooks all also say they are not there as well. When I try to run Defender I get Shortcut has been removed or changed message. I took out the hard drive and ran a Anti Virus scan from my laptop as the hard drive as an external HD. I for 4 viruses that I removed. When I went back to the desktop, I still had the same issue. I tried to do a system restore and got a "System Restore can not protect your computer at this time" I ran an anti virus scan in safe mode and still nothing. I then tried to install Hijackthis and it did not let me do the install. I read about a Malware bytes fix that I installed and still nothing. I did manage to get a log from DDS note pad which I will add that the end. Can some one please help me fix this?:
DDS LOG:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by User at 16:43:49 on 2013-04-17
.
============== Running Processes ================
.
\??\C:\Program Files\AVG\AVG2012\avgrsx.exe
\??\C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k WudfServiceGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uDefault_Page_URL = hxxp://www.msn.com
BHO: AutorunsDisabled - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - <orphaned>
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - <orphaned>
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IntelAudioStudio] "c:\program files\intel audio studio\IntelAudioStudio.exe" TRAY
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [XeroxScannerDaemon] c:\program files\xerox\nwwia\XrxFTPLt.exe
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1366138758140
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201810424968
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://systemrequirementslab.com.s3.amazonaws.com/iduu/bin/srldetect_intel.cab
DPF: {D25A9538-F962-4501-9E68-D7C3DDECB148} - hxxp://75.144.211.249:8080/template/xWebView2.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=972
TCP: Interfaces\{30456D21-770C-43E6-8D40-FDFE622586DD} : DHCPNameServer = 192.168.0.1 72.45.32.147 72.45.32.148
Handler: AutorunsDisabled - <Clsid value has no data>
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files\intuit\quickbooks 2009\HelpAsyncPluggableProtocol.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
Notify: AutorunsDisabled - <no file>
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - <orphaned>
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? ControlSe;ControlSe
R? Dri;Dri
R? QBVSS;QBIDPService
R? RoxLiveShare10;LiveShare P2P Server 10
R? SessionLauncher;SessionLauncher
R? ssmirrdr;ssmirrdr
R? WinDefend;Windows Defender
R? WinRM;Windows Remote Management (WS-Management)
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgtp;avgtp
S? avgwd;AVG WatchDog
S? PfFilter;PfFilter
S? RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service
S? TeamViewer7;TeamViewer 7
S? vToolbarUpdater14.2.0;vToolbarUpdater14.2.0
.
=============== Created Last 30 ================
.
2013-04-17 17:08:53 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2013-04-17 17:08:53 21504 ----a-w- c:\windows\system32\hidserv.dll
2013-04-17 17:08:50 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2013-04-17 17:08:50 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2013-04-17 17:08:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2013-04-17 17:08:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-04-17 03:00:54 -------- d-sh--w- C:\$RECYCLE.BIN
2013-04-16 19:05:24 -------- d-----w- c:\documents and settings\user\application data\AVG8
2013-04-16 19:00:07 577048 -c--a-w- c:\windows\system32\dllcache\wuapi.dll
2013-04-16 13:38:42 90112 -c--a-w- c:\windows\system32\dllcache\mycomput.dll
2013-04-16 13:38:42 90112 ----a-w- c:\windows\system32\mycomput.dll
2013-04-15 22:31:08 -------- d-----w- c:\documents and settings\all users\application data\MSScanAppDataDir
2013-03-29 13:17:09 -------- d-----w- C:\$NtUninstallXPSEP$
2013-03-29 13:16:58 14048 ------w- c:\windows\system32\spmsg2.dll
2013-03-28 14:23:23 -------- d-----w- c:\documents and settings\user\application data\RealNetworks
2013-03-28 14:14:35 -------- d-----w- c:\program files\RealNetworks
2013-03-28 14:14:31 -------- d-----w- c:\documents and settings\all users\application data\RealNetworks
2013-03-28 14:14:15 -------- d-----w- c:\program files\common files\xing shared
2013-03-23 14:42:00 -------- d-----w- C:\QuickBooksAutoDataRecovery
2013-03-23 14:36:50 -------- d-----w- C:\Restored_Le Cartier Maintenance_Files
2013-03-21 18:42:41 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2013-03-21 18:42:40 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
==================== Find3M ====================
.
2013-03-28 14:13:44 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-03-13 16:16:22 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-13 16:16:22 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06:31 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06:30 43520 ------w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25:02 1867264 ------w- c:\windows\system32\win32k.sys
2013-03-02 01:08:47 385024 ------w- c:\windows\system32\html.iec
2013-02-27 07:56:51 2067456 ------w- c:\windows\system32\mstscax.dll
2013-02-19 14:39:25 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55:44 552448 ------w- c:\windows\system32\oleaut32.dll
.
============= FINISH: 16:45:19.34 ===============
DDS LOG:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by User at 16:43:49 on 2013-04-17
.
============== Running Processes ================
.
\??\C:\Program Files\AVG\AVG2012\avgrsx.exe
\??\C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k WudfServiceGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uDefault_Page_URL = hxxp://www.msn.com
BHO: AutorunsDisabled - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - <orphaned>
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - <orphaned>
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IntelAudioStudio] "c:\program files\intel audio studio\IntelAudioStudio.exe" TRAY
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [XeroxScannerDaemon] c:\program files\xerox\nwwia\XrxFTPLt.exe
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1366138758140
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201810424968
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://systemrequirementslab.com.s3.amazonaws.com/iduu/bin/srldetect_intel.cab
DPF: {D25A9538-F962-4501-9E68-D7C3DDECB148} - hxxp://75.144.211.249:8080/template/xWebView2.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=972
TCP: Interfaces\{30456D21-770C-43E6-8D40-FDFE622586DD} : DHCPNameServer = 192.168.0.1 72.45.32.147 72.45.32.148
Handler: AutorunsDisabled - <Clsid value has no data>
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - c:\program files\intuit\quickbooks 2009\HelpAsyncPluggableProtocol.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
Notify: AutorunsDisabled - <no file>
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - <orphaned>
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? ControlSe;ControlSe
R? Dri;Dri
R? QBVSS;QBIDPService
R? RoxLiveShare10;LiveShare P2P Server 10
R? SessionLauncher;SessionLauncher
R? ssmirrdr;ssmirrdr
R? WinDefend;Windows Defender
R? WinRM;Windows Remote Management (WS-Management)
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgtp;avgtp
S? avgwd;AVG WatchDog
S? PfFilter;PfFilter
S? RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service
S? TeamViewer7;TeamViewer 7
S? vToolbarUpdater14.2.0;vToolbarUpdater14.2.0
.
=============== Created Last 30 ================
.
2013-04-17 17:08:53 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2013-04-17 17:08:53 21504 ----a-w- c:\windows\system32\hidserv.dll
2013-04-17 17:08:50 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2013-04-17 17:08:50 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2013-04-17 17:08:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2013-04-17 17:08:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-04-17 03:00:54 -------- d-sh--w- C:\$RECYCLE.BIN
2013-04-16 19:05:24 -------- d-----w- c:\documents and settings\user\application data\AVG8
2013-04-16 19:00:07 577048 -c--a-w- c:\windows\system32\dllcache\wuapi.dll
2013-04-16 13:38:42 90112 -c--a-w- c:\windows\system32\dllcache\mycomput.dll
2013-04-16 13:38:42 90112 ----a-w- c:\windows\system32\mycomput.dll
2013-04-15 22:31:08 -------- d-----w- c:\documents and settings\all users\application data\MSScanAppDataDir
2013-03-29 13:17:09 -------- d-----w- C:\$NtUninstallXPSEP$
2013-03-29 13:16:58 14048 ------w- c:\windows\system32\spmsg2.dll
2013-03-28 14:23:23 -------- d-----w- c:\documents and settings\user\application data\RealNetworks
2013-03-28 14:14:35 -------- d-----w- c:\program files\RealNetworks
2013-03-28 14:14:31 -------- d-----w- c:\documents and settings\all users\application data\RealNetworks
2013-03-28 14:14:15 -------- d-----w- c:\program files\common files\xing shared
2013-03-23 14:42:00 -------- d-----w- C:\QuickBooksAutoDataRecovery
2013-03-23 14:36:50 -------- d-----w- C:\Restored_Le Cartier Maintenance_Files
2013-03-21 18:42:41 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2013-03-21 18:42:40 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
==================== Find3M ====================
.
2013-03-28 14:13:44 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-03-13 16:16:22 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-13 16:16:22 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06:31 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06:30 43520 ------w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25:02 1867264 ------w- c:\windows\system32\win32k.sys
2013-03-02 01:08:47 385024 ------w- c:\windows\system32\html.iec
2013-02-27 07:56:51 2067456 ------w- c:\windows\system32\mstscax.dll
2013-02-19 14:39:25 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55:44 552448 ------w- c:\windows\system32\oleaut32.dll
.
============= FINISH: 16:45:19.34 ===============