Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Can't Run Any Security Programs

Started by Glimmerman007 , Jul 08 2011 11:47 AM

  • This topic is locked This topic is locked

#16
Essexboy
Posted 10 July 2011 - 11:06 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm it does that sometimes just to annoy me

Could you now run a fresh OTL scan please and let me know if you are able to install any AV programmes
  • 0

Advertisements

#17
Glimmerman007
Posted 10 July 2011 - 11:18 AM

Glimmerman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Here it is.



OTL logfile created on: 7/10/2011 1:12:51 PM - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Steve\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.98 Gb Total Physical Memory | 14.59 Gb Available Physical Memory | 91.33% Memory free
31.95 Gb Paging File | 30.14 Gb Available in Paging File | 94.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1374.73 Gb Total Space | 1267.64 Gb Free Space | 92.21% Space Free | Partition Type: NTFS
Drive E: | 488.28 Gb Total Space | 483.75 Gb Free Space | 99.07% Space Free | Partition Type: NTFS
Drive F: | 5.56 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 1.90 Gb Total Space | 0.89 Gb Free Space | 46.63% Space Free | Partition Type: FAT

Computer Name: STEVE-PC | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/08 18:08:15 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Desktop\OTL.scr
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/01/10 17:50:40 | 001,097,344 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
PRC - [2010/11/26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010/11/03 05:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
PRC - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2010/10/12 16:39:50 | 001,115,776 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
PRC - [2010/09/24 21:29:32 | 001,115,776 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2010/05/14 01:02:56 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/12/15 13:47:00 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/07/06 14:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe


========== Modules (SafeList) ==========

MOD - [2011/07/08 18:08:15 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Desktop\OTL.scr
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/08/12 15:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/07/04 07:58:22 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/11/03 05:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010/05/14 14:02:54 | 000,246,256 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/13 15:04:38 | 000,045,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/11/22 03:09:06 | 000,303,408 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010/11/11 19:10:49 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/09/21 02:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel®
DRV:64bit: - [2010/08/20 23:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010/08/17 13:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT) Intel® Watchdog Timer Driver (Intel® WDT)
DRV:64bit: - [2010/08/10 05:29:16 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = http://localhost

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/07/07 22:36:10 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/07/09 07:56:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] File not found
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.26.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - Reg Error: Key error. File not found
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/28 09:21:08 | 000,000,277 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/07/10 08:54:55 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\tdsskiller
[2011/07/09 08:01:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/07/09 07:59:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/07/09 07:51:50 | 004,137,062 | R--- | C] (Swearware) -- C:\Users\Steve\Desktop\ComboFix.exe
[2011/07/09 07:12:47 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\AVG
[2011/07/09 06:31:43 | 005,570,224 | ---- | C] (AVG Technologies) -- C:\Users\Steve\Desktop\avg_free_stb_all_2011_1388_cnet.exe
[2011/07/08 22:19:19 | 000,000,000 | ---D | C] -- C:\$AVG
[2011/07/08 18:07:27 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Steve\Desktop\OTL.scr
[2011/07/08 18:01:11 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\RK_Quarantine
[2011/07/07 22:38:13 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\AVG10
[2011/07/07 22:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2011/07/07 22:01:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/07/07 22:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/07/07 22:00:38 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\YO
[2011/07/07 21:21:52 | 000,000,000 | ---D | C] -- C:\085f89d53065f68d00
[2011/07/07 00:16:53 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/07/07 00:16:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/07/07 00:16:53 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/07/07 00:15:59 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/07/07 00:13:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/07/06 23:43:41 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Malwarebytes
[2011/07/06 23:43:36 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 23:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/06 23:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/06 23:43:33 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/06 23:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/07/06 23:42:26 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Steve\Desktop\mbam-setup-1.51.0.1200.exe
[2011/07/06 23:30:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/07/06 23:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360 Premier Edition
[2011/07/06 22:32:44 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Diagnostics
[2011/07/06 17:28:03 | 000,397,832 | ---- | C] (Symantec Corporation) -- C:\Users\Steve\Desktop\N360Downloader.exe
[2011/07/06 16:53:45 | 000,137,568 | ---- | C] (Symantec Corporation) -- C:\Users\Steve\Desktop\buDump.exe
[2011/07/06 05:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2011/07/05 23:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonRnR
[2011/07/05 23:10:44 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\NPE
[2011/07/05 23:08:54 | 002,558,968 | ---- | C] (Symantec Corporation) -- C:\Users\Steve\Desktop\NPE.exe
[2011/07/05 21:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2011/07/05 19:51:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/07/05 19:36:49 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/07/05 19:36:05 | 000,000,000 | ---D | C] -- C:\a6a9f8b3f4e32b1526285c08c222ea
[2011/07/04 08:08:07 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011/07/04 07:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/07/04 07:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011/07/04 07:53:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011/07/03 22:32:28 | 000,000,000 | ---D | C] -- C:\found.001
[2011/07/02 09:00:30 | 000,000,000 | --SD | C] -- C:\Users\Public\Documents\Debbie's picture vault
[2011/07/02 08:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Memories
[2011/07/02 08:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative Memories
[2011/07/02 08:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative Memories
[2011/07/01 19:55:01 | 000,000,000 | ---D | C] -- C:\found.000
[2011/07/01 18:46:24 | 001,458,992 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Steve\Desktop\TDSSKiller.exe
[2011/06/26 09:10:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/06/25 21:02:23 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\CrashDumps
[2011/06/18 18:25:27 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011/06/18 14:29:35 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\ElevatedDiagnostics
[2011/06/12 14:35:27 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/06/11 15:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/06/11 15:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/06/11 15:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/06/11 15:45:23 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Adobe
[2011/06/11 08:40:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/06/10 22:35:43 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\NVIDIA
[2011/06/10 20:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/06/10 20:13:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/06/10 17:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
[2011/06/10 17:39:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint

========== Files - Modified Within 30 Days ==========

[2011/07/10 13:02:25 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/10 13:02:25 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/10 13:01:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/10 12:45:35 | 4276,850,686 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/10 12:44:56 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2011/07/10 08:47:52 | 001,327,397 | ---- | M] () -- C:\Users\Steve\Desktop\tdsskiller.zip
[2011/07/10 02:47:42 | 000,001,030 | ---- | M] () -- C:\Users\Steve\Desktop\Internet Explorer.lnk
[2011/07/09 08:00:56 | 001,010,908 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/09 08:00:56 | 000,237,148 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/09 08:00:56 | 000,005,348 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/09 07:56:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/07/09 07:18:13 | 004,137,062 | R--- | M] (Swearware) -- C:\Users\Steve\Desktop\ComboFix.exe
[2011/07/09 06:32:16 | 005,570,224 | ---- | M] (AVG Technologies) -- C:\Users\Steve\Desktop\avg_free_stb_all_2011_1388_cnet.exe
[2011/07/09 06:01:21 | 627,870,059 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/07/08 18:08:15 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Desktop\OTL.scr
[2011/07/06 23:43:37 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/06 23:42:56 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Steve\Desktop\mbam-setup-1.51.0.1200.exe
[2011/07/06 21:56:12 | 000,435,740 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110706-215655.backup
[2011/07/06 17:28:05 | 000,397,832 | ---- | M] (Symantec Corporation) -- C:\Users\Steve\Desktop\N360Downloader.exe
[2011/07/06 16:54:48 | 000,920,384 | ---- | M] () -- C:\Users\Steve\Desktop\Norton_Removal_Tool.exe
[2011/07/06 16:53:45 | 000,137,568 | ---- | M] (Symantec Corporation) -- C:\Users\Steve\Desktop\buDump.exe
[2011/07/06 16:40:31 | 000,000,000 | ---- | M] () -- C:\Windows\lgfwup.ini
[2011/07/05 23:09:05 | 002,558,968 | ---- | M] (Symantec Corporation) -- C:\Users\Steve\Desktop\NPE.exe
[2011/07/05 21:17:45 | 000,001,101 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/07/05 16:23:07 | 000,001,437 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/05 16:18:33 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/07/05 16:18:33 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/07/04 16:31:00 | 000,000,221 | ---- | M] () -- C:\Users\Steve\Desktop\Assassin's Creed.url
[2011/07/04 08:08:07 | 000,000,219 | ---- | M] () -- C:\Users\Steve\Desktop\Portal.url
[2011/07/03 23:30:29 | 000,001,308 | ---- | M] () -- C:\Users\Steve\Desktop\Norton Installation Files.lnk
[2011/07/02 14:25:39 | 001,032,256 | ---- | M] () -- C:\Windows\PE_Rom.dll
[2011/07/02 14:25:32 | 000,003,349 | ---- | M] () -- C:\Windows\MB.idx
[2011/07/02 14:25:28 | 000,000,462 | ---- | M] () -- C:\Windows\Path.idx
[2011/07/02 08:57:56 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\Memory Manager 3.0.lnk
[2011/07/01 18:46:24 | 001,458,992 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Steve\Desktop\TDSSKiller.exe
[2011/06/29 08:54:06 | 000,427,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/26 09:10:44 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/26 02:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe
[2011/06/11 15:34:06 | 001,075,322 | ---- | M] () -- C:\Users\Steve\Documents\Employee list by position.pdf
[2011/06/10 17:39:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf

========== Files Created - No Company Name ==========

[2011/07/10 12:44:56 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2011/07/10 08:51:22 | 001,327,397 | ---- | C] () -- C:\Users\Steve\Desktop\tdsskiller.zip
[2011/07/07 00:16:53 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/07/07 00:16:53 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/07/07 00:16:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/07/07 00:16:53 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/07/07 00:16:53 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/07/06 23:43:37 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/06 16:54:47 | 000,920,384 | ---- | C] () -- C:\Users\Steve\Desktop\Norton_Removal_Tool.exe
[2011/07/05 16:18:33 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/07/05 16:18:33 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/07/04 16:31:00 | 000,000,221 | ---- | C] () -- C:\Users\Steve\Desktop\Assassin's Creed.url
[2011/07/04 08:08:07 | 000,000,219 | ---- | C] () -- C:\Users\Steve\Desktop\Portal.url
[2011/07/02 14:24:54 | 000,003,349 | ---- | C] () -- C:\Windows\MB.idx
[2011/07/02 14:24:46 | 000,000,462 | ---- | C] () -- C:\Windows\Path.idx
[2011/07/02 14:24:12 | 001,032,256 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2011/07/02 08:57:56 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\Memory Manager 3.0.lnk
[2011/06/26 09:10:44 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/26 09:10:43 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/12 14:35:26 | 627,870,059 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/12 14:07:53 | 003,797,756 | ---- | C] () -- C:\100_1676.jpg
[2011/06/12 14:07:52 | 004,167,921 | ---- | C] () -- C:\100_1672.jpg
[2011/06/12 14:07:52 | 003,997,650 | ---- | C] () -- C:\100_1674.jpg
[2011/06/12 14:07:52 | 003,904,804 | ---- | C] () -- C:\100_1673.jpg
[2011/06/12 14:07:52 | 003,519,965 | ---- | C] () -- C:\100_1675.jpg
[2011/06/12 14:07:52 | 002,485,470 | ---- | C] () -- C:\100_1671.jpg
[2011/06/12 14:07:51 | 003,745,824 | ---- | C] () -- C:\100_1666.jpg
[2011/06/12 14:07:51 | 003,612,005 | ---- | C] () -- C:\100_1663.jpg
[2011/06/12 14:07:51 | 003,543,991 | ---- | C] () -- C:\100_1660.jpg
[2011/06/12 14:07:51 | 003,454,528 | ---- | C] () -- C:\100_1662.jpg
[2011/06/12 14:07:50 | 003,793,248 | ---- | C] () -- C:\100_1637.jpg
[2011/06/12 14:07:50 | 003,742,268 | ---- | C] () -- C:\100_1638.jpg
[2011/06/12 14:07:50 | 003,660,552 | ---- | C] () -- C:\100_1639.jpg
[2011/06/12 14:07:50 | 003,443,578 | ---- | C] () -- C:\100_1658.jpg
[2011/06/11 15:34:06 | 001,075,322 | ---- | C] () -- C:\Users\Steve\Documents\Employee list by position.pdf
[2011/06/10 17:39:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011/05/30 10:24:03 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/05/30 10:23:53 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011/05/27 22:55:33 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini
[2011/05/27 22:26:23 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/05/27 22:26:18 | 000,026,916 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/08/03 01:21:24 | 000,014,464 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 08:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008/01/04 01:34:42 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys

========== LOP Check ==========

[2011/07/09 07:12:47 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\AVG
[2011/07/07 22:38:13 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\AVG10
[2011/06/05 12:56:33 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Tific
[2011/07/07 23:34:33 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/01/11 19:12:58 | 002,855,080 | ---- | M] () -- C:\aawsepersonal.exe


< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=4EE209CDCD70DEC3F5629D21F4DB07FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/07/05 16:18:33 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/07/05 16:18:33 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/07/05 16:18:33 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/07/05 16:18:33 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2011/07/05 16:18:33 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/07/05 16:18:33 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/07/05 16:18:33 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/07/05 16:18:33 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/07/05 16:18:33 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2011/07/05 16:18:33 | 000,748,336 | ---- | M] (Microsoft Corporation)

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:0B4227B4

< End of report >
  • 0

#18
Essexboy
Posted 10 July 2011 - 11:24 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you able to install or run an AV programme ?
  • 0

#19
Glimmerman007
Posted 10 July 2011 - 11:27 AM

Glimmerman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Do you want me to see if I can download AVG and scan with it. I could download it in the past but once it started to scan I would get the message that windows was shutting it down.
  • 0

#20
Glimmerman007
Posted 10 July 2011 - 11:35 AM

Glimmerman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Our messages crisscrossed, I'm downloading and will try to run it when it's finished.
  • 0

#21
Essexboy
Posted 10 July 2011 - 11:38 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Happens to me all the time :)
  • 0

#22
Glimmerman007
Posted 10 July 2011 - 12:14 PM

Glimmerman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Succesful at downloading AVG and ran it, No threats found but it did give the following information.
c:ProgramFiles(x86)/CommonFiles?Microsoftshared/OFFICE14/MSORES.DLL This file is signed with a broken digital singature, issued by Microsoft Corporation
  • 0

#23
Essexboy
Posted 10 July 2011 - 12:26 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you now update and run malwarebytes please and post the resultant log, along with any remaining problems
  • 0

#24
Glimmerman007
Posted 10 July 2011 - 12:40 PM

Glimmerman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Below is the log. I'm to see what other lingering problems I have and I'll get right back with you.


Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 7064

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

7/10/2011 2:38:18 PM
mbam-log-2011-07-10 (14-38-18).txt

Scan type: Quick scan
Objects scanned: 219318
Time elapsed: 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#25
Glimmerman007
Posted 10 July 2011 - 01:09 PM

Glimmerman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I still can't install three Window updates. Two are Security Updates for Microsoft. NET Frame work KB2446708 & KB2478663. The other is the Windows 7 Service Pack 1 for x64- based systems. All my Microsoft Office programs have stopped working for some reason.
  • 0

Advertisements

#26
Essexboy
Posted 10 July 2011 - 02:16 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What error code does windows update give ?

But first go to this MS website and run the fixit about one third of the way down and then try updates again
If a normal run fails then rerun it in the aggresive mode :)
  • 0

#27
Glimmerman007
Posted 11 July 2011 - 05:43 AM

Glimmerman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I used the Fixit but it still won't update. I thought I might would download the Service 1 for x64 based systems on a jump drive at another computer then try to download it to my computer. Do you think it's worth a try? Also my Microsoft Office programs are working again.
  • 0

#28
Essexboy
Posted 11 July 2011 - 11:25 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Back a few weeks ago I made a transfer using Belkin Easy Transfer. I transfered files from my older computer which has the WindowsXP system to my new computer which has the Windows7 Ultimate system. Could this be my problem? Just wondering if I need to reformat my Windows7 computer and start from scratch

If the permissions are not set correctly and the programmes are not windows 7 compliant, then that may cause some problems. If you do have the ability to reset the system (fresh windows 7 install) without losing any important data I would recommend that. Then rather than copy programmes over download fresh copies to the new system, thereby ensuring that they are the latest and best. What are your thoughts on this ?
  • 0

#29
Glimmerman007
Posted 11 July 2011 - 11:36 AM

Glimmerman007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Sounds like a plan to me. I think I'll give it a try and I'll let you know what happens. I just about don't have any more hair to pull out. :)
  • 0

#30
Essexboy
Posted 11 July 2011 - 11:40 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I have found that with windows 7 64 bit a nice clean install with all fresh programmes and it works a treat :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP