I posted a topic a week or two ago about a problem I had with malware on my computer, but yesterday a different computer in the house appears to have been infected with a virus of some sort. Here are the logs:
Malware Bytes:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.04.04.08
Windows 7 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Judy :: JUDY-PC [administrator]
6/18/2012 8:38:24 PM
mbam-log-2012-06-18 (21-37-22).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240416
Time elapsed: 5 minute(s), 52 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKCU\Software\AppDataLow\gvtl (Adware.GameVance) -> No action taken.
Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|bak_Application (Hijacker.Application) -> Data: http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> No action taken.
Registry Data Items Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/x/xml/redir.asp?Ext=%s) -> No action taken.
Folders Detected: 1
C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> No action taken.
Files Detected: 2
C:\Users\Judy\AppData\Local\Temp\0.6814292786207503.exe (Exploit.Drop.2) -> No action taken.
C:\Users\Judy\AppData\Local\Temp\0.614036174061378.exe (Exploit.Drop.2) -> No action taken.
(end)
GMER:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-19 00:51:43
Windows 6.1.7600 Harddisk0\DR0 -> \Device\00000061 ST332081 rev.SD23
Running: c4963hmu.exe; Driver: C:\Users\Judy\AppData\Local\Temp\pxldypob.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwRollbackTransaction + 13E9 8205C599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82081092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [741724FA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [7415565B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74155719] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74172575] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [741685D9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74164D8D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74165134] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74165209] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [74166736] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74168330] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [7416887F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [741690E0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7416E283] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74164CBF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\AVAST Software\Avast\AvastUI.exe[1944] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6E1DF6A0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
---- Devices - GMER 1.0.15 ----
Device \Driver\ACPI_HAL \Device\00000049 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Classes\CLSID\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}\InProcServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}\InProcServer32@fbnghjoapccondnmhenjkjhaipedmnhihppjmnccnlja 0x61 0x65 0x63 0x6D ...
Reg HKLM\SOFTWARE\Classes\CLSID\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}\InProcServer32@hbnghjoapccondnmhenjkjhaipedmnhihppjmnccnllnjmfi 0x62 0x61 0x6B 0x68 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}@gbimbjdckkappahaogngbjjcehooccjpkndbjjaiheefke 0x62 0x61 0x6B 0x68 ...
---- EOF - GMER 1.0.15 ----
DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by Judy at 16:40:12 on 2012-06-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2815.2061 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0807&m=el1310
uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0807&m=el1310
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0807&m=el1310
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office14\GROOVEEX.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [hIxvqiEONcrb.exe] c:\programdata\hIxvqiEONcrb.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mExplorerRun: [ukl] c:\programdata\uklpr\wmpusrvc.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: intuit.com\ttlc
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://iepdirect.neric.org/ScriptX_6_5/smsx.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} - hxxp://sbpub1.neric.org/forms/jinitiator/jinit.exe
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{03AE7B1F-1569-470C-A453-C84DA62D1459} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{03AE7B1F-1569-470C-A453-C84DA62D1459}\E454750295F425B402F4E454 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8A9D0914-6453-4D1A-85C2-A5CC6AD2BA00} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{DC4F88EC-56A9-4225-8903-4B4D589A4CBC} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\judy\appdata\roaming\mozilla\firefox\profiles\ii2k5147.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cbe3293&v=6.010.006.004&I=26&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13128.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: InvisibleHand: canitbecheaper@trafficbroker.co.uk - %profile%\extensions\canitbecheaper@trafficbroker.co.uk
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192cu.sys [2012-2-4 728064]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-6-18 612184]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-6-18 337880]
S1 avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2010-7-12 54112]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 249424]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-6-18 20696]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-6-18 57688]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-6-18 44768]
S2 avgfws;AVG Firewall;c:\program files\avg\avg10\avgfws.exe [2010-9-10 3210176]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2010-10-11 6104656]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-9-10 265400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca3a335d6f79b7;Google Update Service (gupdate1ca3a335d6f79b7);c:\program files\google\update\GoogleUpdate.exe [2009-9-20 133104]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\system32\nvSCPAPISvr.exe [2009-7-8 239648]
S2 WirelessUSB;WirelessUSB;c:\program files\cnet\wireless lan driver and utility\RtlService.exe [2012-2-4 36864]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 257696]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2010-10-6 517448]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-9-20 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-1-29 30576]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-8-21 66592]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2010-7-8 603240]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-4 1343400]
S4 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 298448]
.
=============== Created Last 30 ================
.
2012-06-18 22:51:34--------d-----w-c:\users\judy\appdata\roaming\Malwarebytes
2012-06-18 22:51:29--------d-----w-c:\programdata\Malwarebytes
2012-06-18 22:51:2822344----a-w-c:\windows\system32\drivers\mbam.sys
2012-06-18 22:51:28--------d-----w-c:\program files\Malwarebytes' Anti-Malware
2012-06-18 22:49:3944376----a-w-c:\windows\system32\drivers\aswRdr2.sys
2012-06-18 22:49:38612184----a-w-c:\windows\system32\drivers\aswSnx.sys
2012-06-18 22:49:3757688----a-w-c:\windows\system32\drivers\aswMonFlt.sys
2012-06-18 22:49:3141184----a-w-c:\windows\avastSS.scr
2012-06-18 22:49:21--------d-----w-c:\programdata\AVAST Software
2012-06-18 22:49:21--------d-----w-c:\program files\AVAST Software
2012-06-18 22:16:44346760----a-w-c:\programdata\hIxvqiEONcrb.exe
2012-06-13 22:02:44737072----a-w-c:\programdata\microsoft\ehome\packages\sportsv2\sportstemplatecore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-06-13 22:02:284283672----a-w-c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup\markup.dll
2012-06-13 22:02:1642776----a-w-c:\programdata\microsoft\ehome\packages\mceclientux\dsm\StartResources.dll
2012-06-13 22:01:55539984----a-w-c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight-2\SpotlightResources.dll
2012-06-13 21:16:53--------d-----w-c:\program files\Epson Software
2012-06-12 22:23:565120----a-w-c:\windows\system32\wmi.dll
2012-06-12 22:23:5619312----a-w-c:\windows\system32\drivers\fs_rec.sys
2012-06-12 22:23:56172544----a-w-c:\windows\system32\wintrust.dll
2012-06-12 22:23:56158720----a-w-c:\windows\system32\imagehlp.dll
2012-06-12 22:15:26139264----a-w-c:\windows\system32\cryptsvc.dll
2012-06-12 22:15:261156608----a-w-c:\windows\system32\crypt32.dll
2012-06-12 22:15:26103936----a-w-c:\windows\system32\cryptnet.dll
.
==================== Find3M ====================
.
2012-05-17 22:45:371800192----a-w-c:\windows\system32\jscript9.dll
2012-05-17 22:35:471129472----a-w-c:\windows\system32\wininet.dll
2012-05-17 22:35:391427968----a-w-c:\windows\system32\inetcpl.cpl
2012-05-17 22:29:45142848----a-w-c:\windows\system32\ieUnatt.exe
2012-05-17 22:24:452382848----a-w-c:\windows\system32\mshtml.tlb
2012-05-15 01:12:092342400----a-w-c:\windows\system32\win32k.sys
2012-05-06 22:56:0470304----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-06 22:56:04419488----a-w-c:\windows\system32\FlashPlayerApp.exe
2012-05-02 04:52:09163328----a-w-c:\windows\system32\profsvc.dll
2012-04-28 03:19:47177152----a-w-c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:48:5257856----a-w-c:\windows\system32\rdpwsx.dll
2012-04-26 04:48:52129536----a-w-c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:43:148192----a-w-c:\windows\system32\rdrmemptylst.exe
2012-04-19 00:56:3094208----a-w-c:\windows\system32\QuickTimeVR.qtx
2012-04-19 00:56:3069632----a-w-c:\windows\system32\QuickTime.qts
2012-04-07 11:34:372342400----a-w-c:\windows\system32\msi.dll
2012-04-02 04:46:443958128----a-w-c:\windows\system32\ntkrnlpa.exe
2012-04-02 04:46:443902320----a-w-c:\windows\system32\ntoskrnl.exe
2012-03-30 10:29:051287024----a-w-c:\windows\system32\drivers\tcpip.sys
.
============= FINISH: 16:42:12.43 ===============
Attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/2/2009 10:44:31 PM
System Uptime: 6/19/2012 4:37:07 PM (0 hours ago)
.
Motherboard: eMachines | | WMCP78M
Processor: AMD Athlon(tm) Processor LE-1640 | Socket AM2 | 2700/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 285 GiB total, 224.984 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&18018E29&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&18018E29&0
Service: i8042prt
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! Network Shield Support
Device ID: ROOT\LEGACY_ASWTDI\0000
Manufacturer:
Name: avast! Network Shield Support
PNP Device ID: ROOT\LEGACY_ASWTDI\0000
Service: aswTdi
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E709n
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP301: 5/7/2012 6:45:47 AM - Scheduled Checkpoint
RP302: 5/14/2012 6:52:59 AM - Scheduled Checkpoint
RP303: 5/21/2012 6:32:27 PM - Scheduled Checkpoint
RP304: 5/29/2012 8:37:53 AM - Scheduled Checkpoint
RP305: 6/5/2012 7:04:32 PM - Scheduled Checkpoint
RP306: 6/12/2012 6:19:13 PM - Windows Update
RP308: 6/13/2012 5:08:57 PM - Installed InstallShield Restore Point
RP310: 6/13/2012 5:13:24 PM - Removed EPSON Scan Assistant
RP312: 6/13/2012 5:14:41 PM - Removed Attach To Email
RP314: 6/13/2012 5:15:59 PM - Removed Epson Event Manager
RP316: 6/13/2012 5:18:11 PM - Installed EPSON Perfection V30/V300 Photo Scanner Driver Update
RP318: 6/13/2012 5:19:25 PM - Installed MediaImpression
RP320: 6/13/2012 5:39:56 PM - Installed InstallShield Restore Point
RP322: 6/13/2012 5:42:34 PM - Installed Epson Event Manager
RP324: 6/13/2012 5:43:53 PM - Installed EPSON Scan Assistant
RP326: 6/13/2012 5:45:18 PM - Installed Attach To Email
RP328: 6/13/2012 5:47:08 PM - Installed EPSON Perfection V30/V300 Photo Scanner Driver Update
.
==== Installed Programs ======================
.
.
32 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709n
ABBYY FineReader 6.0 Sprint
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Agere Systems PCI-SV92EX Soft Modem
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaImpression
Ask Toolbar
avast! Internet Security
AVG 2011
Belkin USB Wireless Adaptor
Blio
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Choice Guard
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CNet Wireless LAN Driver and Utility
Compatibility Pack for the 2007 Office system
CyberLink LabelPrint
CyberLink Power2Go
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DocMgr
DocProc
eMachines Games
Epson Copy Utility 3.4
Epson Event Manager
EPSON Perfection V30/V300 Photo Scanner Driver Update
EPSON Scan
Fax
Free File Viewer 2010
Google Chrome
Google Earth Plug-in
Google Update Helper
GPBaseService2
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP Officejet 6500 E709 Series
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
HPProductAssistant
iCloud
iTunes
Java Auto Updater
Java(TM) 6 Update 24
Junk Mail filter update
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee Security Scan Plus
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft XML Parser
Mozilla Firefox (3.6.10)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network
Nikon Message Center
Norton Internet Security
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA Stereoscopic 3D Driver
OCR Software by I.R.I.S. 13.0
OGA Notifier 2.0.0048.0
Oracle JInitiator 1.3.1.28
PictureProject
PlayReady PC Runtime x86
ProductContext
PVSonyDll
QuickTime
Realtek High Definition Audio Driver
Safari
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Skype Click to Call
Skype™ 5.5
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Status
Toolbox
TrayApp
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wmaiper
TurboTax 2010 wnyiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wnyiper
TurboTax 2011 wrapper
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Upgrade Kit
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Word Roots Software A1 Trial
.
==== Event Viewer Messages From Past Week ========
.
6/19/2012 4:40:35 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
6/19/2012 4:39:31 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
6/19/2012 4:39:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/19/2012 4:39:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/19/2012 4:39:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/19/2012 4:39:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/19/2012 4:38:14 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 21
6/19/2012 4:37:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi avgfwfd Avgldx86 Avgmfx86 discache spldr Wanarpv6
6/19/2012 4:37:55 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
6/19/2012 4:35:19 PM, Error: Service Control Manager [7038] - The HPSLPSVC service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
6/19/2012 4:35:19 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7000] - The Portable Device Enumerator Service service failed to start due to the following error: A system shutdown is in progress.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7000] - The hpqcxs08 service failed to start due to the following error: A system shutdown is in progress.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7000] - The HP Network Devices Support service failed to start due to the following error: The service did not start due to a logon failure.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.
6/19/2012 4:35:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1115" attempting to start the service hpqcxs08 with arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}
6/19/2012 4:35:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service HPSLPSVC with arguments "" in order to run the server: {10DA4F3C-CC99-4190-BE4D-58330754E882}
6/19/2012 4:35:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgfwfd
6/19/2012 4:35:08 PM, Error: Service Control Manager [7023] - The IP Helper service terminated with the following error: The specified module could not be found.
6/19/2012 4:35:02 PM, Error: Service Control Manager [7024] - The AVG WatchDog service terminated with service-specific error %%-536805315.
6/19/2012 4:35:02 PM, Error: Service Control Manager [7000] - The KLPP2Drv service failed to start due to the following error: The system cannot find the path specified.
6/19/2012 3:55:52 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer ADAM-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{03AE7B1F-1569-470C-A453-C84DA62D14. The master browser is stopping or an election is being forced.
6/18/2012 6:49:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service gupdate1ca3a335d6f79b7 with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
6/18/2012 6:49:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
6/18/2012 6:46:50 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgfwfd Avgldx86 Avgmfx86 discache spldr Wanarpv6
6/18/2012 6:26:36 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243
6/15/2012 4:13:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WirelessUSB service.
6/13/2012 5:21:24 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows 7 Service Pack 1 (KB976932).
.
==== End Of File ===========================
Malware Bytes:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.04.04.08
Windows 7 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Judy :: JUDY-PC [administrator]
6/18/2012 8:38:24 PM
mbam-log-2012-06-18 (21-37-22).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240416
Time elapsed: 5 minute(s), 52 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKCU\Software\AppDataLow\gvtl (Adware.GameVance) -> No action taken.
Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|bak_Application (Hijacker.Application) -> Data: http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> No action taken.
Registry Data Items Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/x/xml/redir.asp?Ext=%s) -> No action taken.
Folders Detected: 1
C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> No action taken.
Files Detected: 2
C:\Users\Judy\AppData\Local\Temp\0.6814292786207503.exe (Exploit.Drop.2) -> No action taken.
C:\Users\Judy\AppData\Local\Temp\0.614036174061378.exe (Exploit.Drop.2) -> No action taken.
(end)
GMER:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-19 00:51:43
Windows 6.1.7600 Harddisk0\DR0 -> \Device\00000061 ST332081 rev.SD23
Running: c4963hmu.exe; Driver: C:\Users\Judy\AppData\Local\Temp\pxldypob.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwRollbackTransaction + 13E9 8205C599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82081092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [741724FA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [7415565B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74155719] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74172575] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [741685D9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74164D8D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74165134] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74165209] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [74166736] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74168330] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [7416887F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [741690E0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7416E283] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1324] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74164CBF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\AVAST Software\Avast\AvastUI.exe[1944] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6E1DF6A0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software)
---- Devices - GMER 1.0.15 ----
Device \Driver\ACPI_HAL \Device\00000049 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Classes\CLSID\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}\InProcServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}\InProcServer32@fbnghjoapccondnmhenjkjhaipedmnhihppjmnccnlja 0x61 0x65 0x63 0x6D ...
Reg HKLM\SOFTWARE\Classes\CLSID\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}\InProcServer32@hbnghjoapccondnmhenjkjhaipedmnhihppjmnccnllnjmfi 0x62 0x61 0x6B 0x68 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{44131C6E-C08D-D7AE-83C1-BEF0C6BDCC4E}@gbimbjdckkappahaogngbjjcehooccjpkndbjjaiheefke 0x62 0x61 0x6B 0x68 ...
---- EOF - GMER 1.0.15 ----
DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by Judy at 16:40:12 on 2012-06-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2815.2061 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0807&m=el1310
uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0807&m=el1310
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0807&m=el1310
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office14\GROOVEEX.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [hIxvqiEONcrb.exe] c:\programdata\hIxvqiEONcrb.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mExplorerRun: [ukl] c:\programdata\uklpr\wmpusrvc.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: intuit.com\ttlc
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxps://iepdirect.neric.org/ScriptX_6_5/smsx.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} - hxxp://sbpub1.neric.org/forms/jinitiator/jinit.exe
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{03AE7B1F-1569-470C-A453-C84DA62D1459} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{03AE7B1F-1569-470C-A453-C84DA62D1459}\E454750295F425B402F4E454 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8A9D0914-6453-4D1A-85C2-A5CC6AD2BA00} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{DC4F88EC-56A9-4225-8903-4B4D589A4CBC} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\judy\appdata\roaming\mozilla\firefox\profiles\ii2k5147.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cbe3293&v=6.010.006.004&I=26&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13128.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: InvisibleHand: canitbecheaper@trafficbroker.co.uk - %profile%\extensions\canitbecheaper@trafficbroker.co.uk
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192cu.sys [2012-2-4 728064]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-6-18 612184]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-6-18 337880]
S1 avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2010-7-12 54112]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 249424]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-6-18 20696]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-6-18 57688]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-6-18 44768]
S2 avgfws;AVG Firewall;c:\program files\avg\avg10\avgfws.exe [2010-9-10 3210176]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2010-10-11 6104656]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-9-10 265400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca3a335d6f79b7;Google Update Service (gupdate1ca3a335d6f79b7);c:\program files\google\update\GoogleUpdate.exe [2009-9-20 133104]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2011-8-25 13672]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\system32\nvSCPAPISvr.exe [2009-7-8 239648]
S2 WirelessUSB;WirelessUSB;c:\program files\cnet\wireless lan driver and utility\RtlService.exe [2012-2-4 36864]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 257696]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2010-10-6 517448]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-9-20 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-1-29 30576]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-8-21 66592]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2010-7-8 603240]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-4 1343400]
S4 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 298448]
.
=============== Created Last 30 ================
.
2012-06-18 22:51:34--------d-----w-c:\users\judy\appdata\roaming\Malwarebytes
2012-06-18 22:51:29--------d-----w-c:\programdata\Malwarebytes
2012-06-18 22:51:2822344----a-w-c:\windows\system32\drivers\mbam.sys
2012-06-18 22:51:28--------d-----w-c:\program files\Malwarebytes' Anti-Malware
2012-06-18 22:49:3944376----a-w-c:\windows\system32\drivers\aswRdr2.sys
2012-06-18 22:49:38612184----a-w-c:\windows\system32\drivers\aswSnx.sys
2012-06-18 22:49:3757688----a-w-c:\windows\system32\drivers\aswMonFlt.sys
2012-06-18 22:49:3141184----a-w-c:\windows\avastSS.scr
2012-06-18 22:49:21--------d-----w-c:\programdata\AVAST Software
2012-06-18 22:49:21--------d-----w-c:\program files\AVAST Software
2012-06-18 22:16:44346760----a-w-c:\programdata\hIxvqiEONcrb.exe
2012-06-13 22:02:44737072----a-w-c:\programdata\microsoft\ehome\packages\sportsv2\sportstemplatecore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-06-13 22:02:284283672----a-w-c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup\markup.dll
2012-06-13 22:02:1642776----a-w-c:\programdata\microsoft\ehome\packages\mceclientux\dsm\StartResources.dll
2012-06-13 22:01:55539984----a-w-c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight-2\SpotlightResources.dll
2012-06-13 21:16:53--------d-----w-c:\program files\Epson Software
2012-06-12 22:23:565120----a-w-c:\windows\system32\wmi.dll
2012-06-12 22:23:5619312----a-w-c:\windows\system32\drivers\fs_rec.sys
2012-06-12 22:23:56172544----a-w-c:\windows\system32\wintrust.dll
2012-06-12 22:23:56158720----a-w-c:\windows\system32\imagehlp.dll
2012-06-12 22:15:26139264----a-w-c:\windows\system32\cryptsvc.dll
2012-06-12 22:15:261156608----a-w-c:\windows\system32\crypt32.dll
2012-06-12 22:15:26103936----a-w-c:\windows\system32\cryptnet.dll
.
==================== Find3M ====================
.
2012-05-17 22:45:371800192----a-w-c:\windows\system32\jscript9.dll
2012-05-17 22:35:471129472----a-w-c:\windows\system32\wininet.dll
2012-05-17 22:35:391427968----a-w-c:\windows\system32\inetcpl.cpl
2012-05-17 22:29:45142848----a-w-c:\windows\system32\ieUnatt.exe
2012-05-17 22:24:452382848----a-w-c:\windows\system32\mshtml.tlb
2012-05-15 01:12:092342400----a-w-c:\windows\system32\win32k.sys
2012-05-06 22:56:0470304----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-06 22:56:04419488----a-w-c:\windows\system32\FlashPlayerApp.exe
2012-05-02 04:52:09163328----a-w-c:\windows\system32\profsvc.dll
2012-04-28 03:19:47177152----a-w-c:\windows\system32\drivers\rdpwd.sys
2012-04-26 04:48:5257856----a-w-c:\windows\system32\rdpwsx.dll
2012-04-26 04:48:52129536----a-w-c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:43:148192----a-w-c:\windows\system32\rdrmemptylst.exe
2012-04-19 00:56:3094208----a-w-c:\windows\system32\QuickTimeVR.qtx
2012-04-19 00:56:3069632----a-w-c:\windows\system32\QuickTime.qts
2012-04-07 11:34:372342400----a-w-c:\windows\system32\msi.dll
2012-04-02 04:46:443958128----a-w-c:\windows\system32\ntkrnlpa.exe
2012-04-02 04:46:443902320----a-w-c:\windows\system32\ntoskrnl.exe
2012-03-30 10:29:051287024----a-w-c:\windows\system32\drivers\tcpip.sys
.
============= FINISH: 16:42:12.43 ===============
Attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/2/2009 10:44:31 PM
System Uptime: 6/19/2012 4:37:07 PM (0 hours ago)
.
Motherboard: eMachines | | WMCP78M
Processor: AMD Athlon(tm) Processor LE-1640 | Socket AM2 | 2700/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 285 GiB total, 224.984 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&18018E29&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&18018E29&0
Service: i8042prt
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! Network Shield Support
Device ID: ROOT\LEGACY_ASWTDI\0000
Manufacturer:
Name: avast! Network Shield Support
PNP Device ID: ROOT\LEGACY_ASWTDI\0000
Service: aswTdi
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E709n
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP301: 5/7/2012 6:45:47 AM - Scheduled Checkpoint
RP302: 5/14/2012 6:52:59 AM - Scheduled Checkpoint
RP303: 5/21/2012 6:32:27 PM - Scheduled Checkpoint
RP304: 5/29/2012 8:37:53 AM - Scheduled Checkpoint
RP305: 6/5/2012 7:04:32 PM - Scheduled Checkpoint
RP306: 6/12/2012 6:19:13 PM - Windows Update
RP308: 6/13/2012 5:08:57 PM - Installed InstallShield Restore Point
RP310: 6/13/2012 5:13:24 PM - Removed EPSON Scan Assistant
RP312: 6/13/2012 5:14:41 PM - Removed Attach To Email
RP314: 6/13/2012 5:15:59 PM - Removed Epson Event Manager
RP316: 6/13/2012 5:18:11 PM - Installed EPSON Perfection V30/V300 Photo Scanner Driver Update
RP318: 6/13/2012 5:19:25 PM - Installed MediaImpression
RP320: 6/13/2012 5:39:56 PM - Installed InstallShield Restore Point
RP322: 6/13/2012 5:42:34 PM - Installed Epson Event Manager
RP324: 6/13/2012 5:43:53 PM - Installed EPSON Scan Assistant
RP326: 6/13/2012 5:45:18 PM - Installed Attach To Email
RP328: 6/13/2012 5:47:08 PM - Installed EPSON Perfection V30/V300 Photo Scanner Driver Update
.
==== Installed Programs ======================
.
.
32 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709n
ABBYY FineReader 6.0 Sprint
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Agere Systems PCI-SV92EX Soft Modem
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaImpression
Ask Toolbar
avast! Internet Security
AVG 2011
Belkin USB Wireless Adaptor
Blio
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Choice Guard
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CNet Wireless LAN Driver and Utility
Compatibility Pack for the 2007 Office system
CyberLink LabelPrint
CyberLink Power2Go
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DocMgr
DocProc
eMachines Games
Epson Copy Utility 3.4
Epson Event Manager
EPSON Perfection V30/V300 Photo Scanner Driver Update
EPSON Scan
Fax
Free File Viewer 2010
Google Chrome
Google Earth Plug-in
Google Update Helper
GPBaseService2
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP Officejet 6500 E709 Series
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
HPProductAssistant
iCloud
iTunes
Java Auto Updater
Java(TM) 6 Update 24
Junk Mail filter update
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee Security Scan Plus
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft XML Parser
Mozilla Firefox (3.6.10)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network
Nikon Message Center
Norton Internet Security
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA Stereoscopic 3D Driver
OCR Software by I.R.I.S. 13.0
OGA Notifier 2.0.0048.0
Oracle JInitiator 1.3.1.28
PictureProject
PlayReady PC Runtime x86
ProductContext
PVSonyDll
QuickTime
Realtek High Definition Audio Driver
Safari
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Skype Click to Call
Skype™ 5.5
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Status
Toolbox
TrayApp
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wmaiper
TurboTax 2010 wnyiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wnyiper
TurboTax 2011 wrapper
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Upgrade Kit
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Word Roots Software A1 Trial
.
==== Event Viewer Messages From Past Week ========
.
6/19/2012 4:40:35 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
6/19/2012 4:39:31 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
6/19/2012 4:39:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/19/2012 4:39:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
6/19/2012 4:39:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/19/2012 4:39:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/19/2012 4:38:14 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 21
6/19/2012 4:37:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi avgfwfd Avgldx86 Avgmfx86 discache spldr Wanarpv6
6/19/2012 4:37:55 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
6/19/2012 4:35:19 PM, Error: Service Control Manager [7038] - The HPSLPSVC service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
6/19/2012 4:35:19 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: A system shutdown is in progress.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7000] - The Portable Device Enumerator Service service failed to start due to the following error: A system shutdown is in progress.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7000] - The hpqcxs08 service failed to start due to the following error: A system shutdown is in progress.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7000] - The HP Network Devices Support service failed to start due to the following error: The service did not start due to a logon failure.
6/19/2012 4:35:19 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.
6/19/2012 4:35:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1115" attempting to start the service hpqcxs08 with arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}
6/19/2012 4:35:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service HPSLPSVC with arguments "" in order to run the server: {10DA4F3C-CC99-4190-BE4D-58330754E882}
6/19/2012 4:35:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgfwfd
6/19/2012 4:35:08 PM, Error: Service Control Manager [7023] - The IP Helper service terminated with the following error: The specified module could not be found.
6/19/2012 4:35:02 PM, Error: Service Control Manager [7024] - The AVG WatchDog service terminated with service-specific error %%-536805315.
6/19/2012 4:35:02 PM, Error: Service Control Manager [7000] - The KLPP2Drv service failed to start due to the following error: The system cannot find the path specified.
6/19/2012 3:55:52 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer ADAM-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{03AE7B1F-1569-470C-A453-C84DA62D14. The master browser is stopping or an election is being forced.
6/18/2012 6:49:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service gupdate1ca3a335d6f79b7 with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
6/18/2012 6:49:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
6/18/2012 6:46:50 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgfwfd Avgldx86 Avgmfx86 discache spldr Wanarpv6
6/18/2012 6:26:36 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243
6/15/2012 4:13:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WirelessUSB service.
6/13/2012 5:21:24 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows 7 Service Pack 1 (KB976932).
.
==== End Of File ===========================