Inactive Trojan Horse Generic32.EGL

[rabbitxdm40]

Per instructions, here is the following:

Step 1: done



Step 2: Malwarebytes

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.13.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Rabbit :: RABBIT-LAPTOP [administrator]

3/13/2013 3:30:08 PM
mbam-log-2013-03-13 (15-30-08).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 271173
Time elapsed: 5 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Step 3: DDS

****DDS.txt****

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514
Run by Rabbit at 15:16:31 on 2013-03-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.1221 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\atwtusb.exe
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\WTMKM.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\DigitalPersona\Bin\DPAgent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\splwow64.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\atwtusb.exe
C:\Program Files (x86)\AVG\AVG10\avgui.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_Plugin.exe -update plugin
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\Rabbit\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{B749D640-6FB9-4DDC-8658-52B4655772F3} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B749D640-6FB9-4DDC-8658-52B4655772F3}\2516262696470284F6C656 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{B749D640-6FB9-4DDC-8658-52B4655772F3}\25162626964784F6C656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B749D640-6FB9-4DDC-8658-52B4655772F3}\25D4943375 : DHCPNameServer = 198.6.1.122
TCP: Interfaces\{B749D640-6FB9-4DDC-8658-52B4655772F3}\3584D434D27457563747 : DHCPNameServer = 198.185.134.2
TCP: Interfaces\{B749D640-6FB9-4DDC-8658-52B4655772F3}\745756374784F657375694E6E6E45647 : DHCPNameServer = 68.87.69.146 68.87.85.98
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages = DPPassFilter scecli
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
x64-Run: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [MacroKeyManager] WTMKM.exe
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rabbit\AppData\Roaming\Mozilla\Firefox\Profiles\76k4y3kw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff10.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff4.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff5.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff6.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff7.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff8.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff9.dll
FF - component: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\components\dpffcli.dll
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Rabbit\AppData\Roaming\Mozilla\Firefox\Profiles\76k4y3kw.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - ExtSQL: !HIDDEN! 2010-09-09 22:25; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2011-2-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2011-3-16 37456]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-12 312160]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-3-1 41552]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2011-4-5 377936]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-11-8 39768]
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2009-11-11 20056]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-2-13 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-13 203264]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-2-26 127984]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-3-5 338168]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-1-27 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2009-7-8 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-9-12 1153368]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2011-5-27 118864]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2011-2-10 29264]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-6-21 38528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-18 398184]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-18 682344]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-5-2 167264]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-9-18 24176]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-6-21 239136]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-21 295424]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-9 59392]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2013-03-08 14:39:03 96664 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2013-03-08 14:39:03 19352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
2013-03-08 14:39:03 17887640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2013-03-08 14:39:02 272280 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe
2013-03-08 14:39:02 170232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2013-03-08 14:39:01 92056 ----a-w- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
2013-03-08 14:39:01 865744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
2013-03-08 14:39:01 155544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
2013-03-08 14:39:01 151960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
2013-03-05 15:43:42 -------- d-----w- C:\DDO
2013-02-27 15:09:04 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-02-27 15:08:59 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-02-27 15:08:59 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-02-27 15:08:58 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-02-27 15:08:31 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-02-27 15:08:31 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-02-13 16:35:32 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 16:34:59 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 16:34:59 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 16:34:59 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 16:34:59 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 16:34:58 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 16:34:58 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 16:34:54 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 16:34:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 16:34:53 760320 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 16:34:52 1111040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
.
==================== Find3M ====================
.
2013-02-18 19:03:20 39768 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
2012-12-20 13:59:36 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-12-20 12:53:51 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-12-20 12:02:26 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-12-20 11:20:29 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-15 00:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 15:17:31.77 ===============



****DDS Attach.txt****

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/6/2010 10:39:39 PM
System Uptime: 3/10/2013 5:07:28 PM (70 hours ago)
.
Motherboard: Hewlett-Packard | | 147B
Processor: AMD Phenom(tm) II N830 Triple-Core Processor | Socket S1G4 | 2100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 444 GiB total, 295.332 GiB free.
D: is FIXED (NTFS) - 22 GiB total, 3.183 GiB free.
E: is FIXED (FAT32) - 0 GiB total, 0.087 GiB free.
F: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C4700 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID:
Description: Officejet Pro 8500 A909g
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer:
Name: Officejet Pro 8500 A909g
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID:
Description: Officejet Pro 8500 A909g
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer:
Name: Officejet Pro 8500 A909g
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
Class GUID:
Description: Deskjet 3000 J310 series
Device ID: ROOT\MULTIFUNCTION\0003
Manufacturer:
Name: Deskjet 3000 J310 series
PNP Device ID: ROOT\MULTIFUNCTION\0003
Service:
.
Class GUID:
Description: Deskjet 3000 J310 series
Device ID: ROOT\MULTIFUNCTION\0004
Manufacturer:
Name: Deskjet 3000 J310 series
PNP Device ID: ROOT\MULTIFUNCTION\0004
Service:
.
Class GUID:
Description: Deskjet 3050A J611 series
Device ID: ROOT\MULTIFUNCTION\0005
Manufacturer:
Name: Deskjet 3050A J611 series
PNP Device ID: ROOT\MULTIFUNCTION\0005
Service:
.
==== System Restore Points ===================
.
RP244: 2/27/2013 7:06:23 AM - Windows Update
RP245: 3/11/2013 1:25:20 AM - Scheduled Checkpoint
RP246: 3/11/2013 6:41:49 PM - Installed Network64
.
==== Installed Programs ======================
.
µTorrent
64 Bit HP CIO Components Installer
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.6 MUI
Adobe Shockwave Player
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
ATI Catalyst Install Manager
AVG 2011
AVG Security Toolbar
Bejeweled 2 Deluxe
Blackhawk Striker 2
Blasterball 3
BufferChm
Build-a-lot 2
C4700
Cake Mania
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
CinemaNow Media Manager
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
ConvertXtoDVD 2.2.3.258
Coupon Printer for Windows
CyberLink DVD Suite
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
Diner Dash 2 Restaurant Rescue
Dora's Carnival Adventure
Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.13.04.801
DVD Menu Pack for HP MediaSmart Video
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.6.0
e-Sword
Escape Rosecliff Island
ESU for Microsoft Windows 7
Faerie Solitaire
FATE
GPBaseService2
Guitar Pro 6
HP 3D DriveGuard
HP Customer Experience Enhancements
HP Customer Participation Program 14.0
HP DVB-T TV Tuner 8.0.64.43
HP Game Console
HP Games
HP Imaging Device Functions 14.0
HP MediaSmart CinemaNow 2.0
HP MediaSmart DVD
HP MediaSmart Internet TV
HP MediaSmart Movies and TV
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP MediaSmart Webcam
HP MediaSmart/TouchSmart Netflix
HP Photo Creations
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
HP Power Plan Utility
HP Quick Launch
HP QuickWeb Installer
HP Setup
HP SimplePass Identity Protection
HP Smart Web Printing 4.60
HP Software Framework
HP Solution Center 14.0
HP Support Assistant
HP Tone Control
HP Update
HP User Guides 0188
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPDiagnosticAlert
HPPhotoGadget
HPProductAssistant
HPSSupply
IDT Audio
Jewel Quest 3
Jewel Quest Solitaire 2
Junk Mail filter update
LabelPrint
Launchpad Enhanced
LightScribe System Software
MacroKey Manager
Malwarebytes Anti-Malware version 1.70.0.1100
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - The New York Fortune
Network64
Penguins!
PG Music DirectX Plugins 2.0.0.0
PhotoNow!
Plants vs. Zombies
Poker Superstars III
Polar Bowler
Polar Golfer
Power Presenter RE
Power2Go
PowerDirector
PS_AIO_06_C4700_SW_Min
QuickTime
QuickTransfer
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Recovery Manager
Roxio CinemaNow 2.0
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shop for HP Supplies
ShufflePlusVLOI
Skype™ 5.10
SmartWebPrinting
SolutionCenter
Spybot - Search & Destroy
Star Wars Galaxies
Star Wars: The Old Republic
Status
Synaptics Pointing Device Driver
Tango
TeamSpeak 3 Client
TextTwist 2
TI Connect 1.6
Toolbox
TrayApp
Ulead PhotoImpact 12
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Validity Sensors DDK
Virtual Families
Virtual Villagers - The Secret City
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
WebReg
Wheel of Fortune 2
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
Windows Mobile Device Updater Component
WinRAR archiver
Yahoo! Detect
Zuma's Revenge
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
3/9/2013 9:50:52 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WTService service.
3/8/2013 1:16:49 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
3/6/2013 3:00:47 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.5. The computer with the IP address 192.168.1.2 did not allow the name to be claimed by this computer.
3/13/2013 1:09:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Wireless Assistant Service service.
3/12/2013 8:15:22 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
3/10/2013 5:44:10 PM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
3/10/2013 5:09:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
3/10/2013 5:09:29 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
3/10/2013 10:31:49 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hidserv service.
.
==== End Of File ===========================

 

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===========================

Before we proceed I'd like to know what file and in what location AVG is complaining about.

 

[rabbitxdm40]

Screen shot of AVG Scan results showing file locations is attached as .pdf.

 

[Broni]

It looks to me like possible false positive (AVG likes to do it )
Upload 2-3 of those files here: http://www.virustotal.com/ for security check.
Let me know of results.

 

[rabbitxdm40]

I am scanning the following file:

C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069}

• Detection Ratio: 0/45

** Note, this was the only file I was able to locate that was within the 32MB file size limit to scan.

 

[Broni]

As I said I'm fairly sure it's all false positive.
I can hardly expect some HP Support Assistant files being infected.
Those files were there since you bought your computer and AVG didn't complain.

I suggest you put those files into AVG exceptions and you complain at AVG forum or switch to some other AV program.

 

[rabbitxdm40]

Can you recommend a decent (free) AV program? I have no loyalty to AVG per se.

 

[Broni]

I stopped recommending AVG pretty long time ago.
I use Avast.