Jump to content

quo_status

Members
  • Content Count

    211
  • Joined

  • Last visited

About quo_status

  • Rank
    Member
  1. I havnt been able to get to another machine so I have been waiting, hoping I will by tonight. I am thinking if I need to reformat, I could try just doing a disk image in safemode and hope that works, if so then I may just wipe the disk clean and start fresh with all my things. One thing confuses me and I need clarification, I bought my laptop with the windows7 already pre installed (just needed to turn it on and set everything up etc) and I do not have an original win7 disk BUT, after installation I created a system restore onto a clean disk. Would this be neccessary to use?
  2. I agree on the possibility for a reinformat, goodness i think this would be better hahaha! But hopefully we can get somewhere after all this time, fingers crossed! IF, if we get to that, will it be possible to do an image of my harddrive so I do not lose things? Maybe I should go ahead and back up/image my hdd soon, how ever it can be done. I am going to start from scratch on 10th post starting with the usb flash drive as I speak....
  3. Been having trouble (again) getting on the machine smoothly. Things were running a bit better at first moment but now this windows critical error happens about every time I log on and go into normal desktop, it pops up every time and forces a shut down reboot. Silly. SO I am back in safe mode hahaha. Along with the system crit error, the Catalyst Control Center keeps popping up claiming it isnt running right or something of an error, and, something had triggered the DskChk to run every time I restart, some sort of file had gone corrupt apparently according to an icon stating so in the clock bar section. Am I able to continue this step, in safe mode at all?
  4. All but TDSkiller came back with nothing, 0 on everything and no log. I have been encountering sudden appearances of a windows error message stating windows has encountered a critical problem and must shutdown in 1 minute, and it reboots each time. I have encountered this in the past when I try to upload from the HDD (except when I use yahoo email, so I think this error has to do with what 'style' window of windows explorer is opened for uploadng a file, makes sense?) ASW MBR log: aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software Run date: 2012-03-06 17:00:01 ----------------------------- 17:00:01.239 OS Version: Windows 6.1.7600 17:00:01.239 Number of processors: 1 586 0x301 17:00:01.241 ComputerName: ADAM-PC UserName: Adam 17:00:02.059 Initialize success 17:00:11.246 AVAST engine defs: 12030600 17:00:16.625 Disk 0 (boot) DeviceHarddisk0DR0 -> DeviceIdeIdeDeviceP1T0L0-1 17:00:16.628 Disk 0 Vendor: TOSHIBA_MK2555GSX FG001M Size: 238475MB BusType: 11 17:00:16.670 Disk 0 MBR read successfully 17:00:16.674 Disk 0 MBR scan 17:00:16.681 Disk 0 Windows VISTA default MBR code 17:00:16.695 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048 17:00:16.716 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 228693 MB offset 3074048 17:00:16.754 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8281 MB offset 471437312 17:00:16.792 Disk 0 scanning sectors +488396800 17:00:16.919 Disk 0 scanning C:windowssystem32drivers 17:00:33.539 Service scanning 17:00:34.851 Modules scanning 17:00:57.656 Disk 0 trace - called modules: 17:00:58.084 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys 17:00:58.114 1 nt!IofCallDriver -> DeviceHarddisk0DR0[0x85c74ac8] 17:00:58.123 3 CLASSPNP.SYS[8840459e] -> nt!IofCallDriver -> DeviceIdeIdeDeviceP1T0L0-1[0x85c69030] 17:00:59.097 AVAST engine scan C:windows 17:01:03.487 AVAST engine scan C:windowssystem32 17:05:10.067 AVAST engine scan C:windowssystem32drivers 17:05:25.455 AVAST engine scan C:UsersAdam 17:06:00.084 Disk 0 MBR has been saved successfully to "C:UsersAdamDesktopMBR.dat" 17:06:00.099 The log file has been saved successfully to "C:UsersAdamDesktopaswMBR.txt" 17:06:18.913 Disk 0 MBR has been saved successfully to "C:UsersAdamDesktopMBR.dat" 17:06:18.923 The log file has been saved successfully to "C:UsersAdamDesktopaswMBR.txt" DDS log: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22 Run by Adam at 16:06:44 on 2012-03-06 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1790.188 [GMT -8:00] . SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:windowssystem32wininit.exe C:windowssystem32lsm.exe C:windowssystem32svchost.exe -k DcomLaunch C:windowssystem32svchost.exe -k RPCSS C:windowssystem32atiesrxx.exe C:windowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:windowsSystem32svchost.exe -k LocalSystemNetworkRestricted C:windowssystem32svchost.exe -k netsvcs C:windowssystem32svchost.exe -k LocalService C:windowssystem32atieclxx.exe C:windowssystem32svchost.exe -k NetworkService C:windowsSystem32spoolsv.exe C:windowssystem32svchost.exe -k LocalServiceNoNetwork C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe C:Program FilesBonjourmDNSResponder.exe C:windowssystem32svchost.exe -k LocalServiceAndNoImpersonation C:Program FilesLogMeIn Hamachihamachi-2.exe c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe C:windowssystem32taskhost.exe C:windowssystem32svchost.exe -k imgsvc C:windowssystem32Dwm.exe C:windowssystem32Wacom_Tablet.exe C:Windowssystem32TODDSrv.exe C:windowssystem32taskeng.exe C:windowsSystem32svchost.exe -k secsvcs C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE C:windowssystem32WTabletWacom_TabletUser.exe C:windowssystem32SearchIndexer.exe C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe C:windowssystem32Wacom_Tablet.exe C:windowsExplorer.EXE C:Program FilesRealtekAudioHDARtHDVCpl.exe C:Program FilesSynapticsSynTPSynTPEnh.exe C:Program FilesFreecorderFLVSrvc.exe C:windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:Program FilesSynapticsSynTPSynTPHelper.exe C:Program FilesWindows Media Playerwmpnetwk.exe C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE C:windowsSystem32svchost.exe -k LocalServicePeerNet C:Program FilesTOSHIBAConfigFreeNDSTray.exe C:Program FilesTOSHIBAConfigFreeCFSwMgr.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesTOSHIBAConfigFreeCFIWmxSvcs.exe C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe C:Program FilesTOSHIBAConfigFreeCFSvcs.exe C:Program FilesCommon FilesMicrosoft SharedInkInputPersonalization.exe C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSENotify.exe C:windowssystem32wuauclt.exe C:windowssystem32DllHost.exe C:windowssystem32DllHost.exe C:windowssystem32conhost.exe C:windowssystem32wbemwmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA uInternet Settings,ProxyOverride = *.local uURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:program filesfreecorderprxtbFre0.dll mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:program filesfreecorderprxtbFre0.dll BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:program filesfreecorderprxtbFre0.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:program filesconduitengineprxConduitEngine.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:program filesfreecorderprxtbFre0.dll TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:program filesconduitengineprxConduitEngine.dll uRunOnce: [FlashPlayerUpdate] c:windowssystem32macromedflashFlashUtil10k_ActiveX.exe -update activex mRun: [startCCC] "c:program filesati technologiesati.acecore-staticCLIStart.exe" MSRun mRun: [RtHDVCpl] c:program filesrealtekaudiohdaRtHDVCpl.exe mRun: [synTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe mRun: [HWSetup] "c:program filestoshibautilitiesHWSetup.exe" hwSetUP mRun: [TosSENotify] c:program filestoshibatoshiba hdd ssd alertTosWaitSrv.exe mRun: [Freecorder FLV Service] "c:program filesfreecorderFLVSrvc.exe" /run mRun: [Malwarebytes Anti-Malware (reboot)] "c:program filesmalwarebytes' anti-malwarembam.exe" /runcleanupscript mRun: [Malwarebytes' Anti-Malware (reboot)] "c:program filesmalwarebytes' anti-malwarembam.exe" /runcleanupscript mRun: [LogMeIn Hamachi Ui] "c:program fileslogmein hamachihamachi-2-ui.exe" --auto-start StartupFolder: c:usersadamappdataroamingmicros~1windowsstartm~1programsstartupadobeg~1.lnk - c:program filescommon filesadobecalibrationAdobe Gamma Loader.exe StartupFolder: c:usersadamappdataroamingmicros~1windowsstartm~1programsstartuponenot~1.lnk - c:program filesmicrosoft officeoffice12ONENOTEM.EXE mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - c:progra~1mif5ba~1office12EXCEL.EXE/3000 IE: En&queue current page with Bulk Image Downloader - file://c:program filesbulk image downloaderiemenuiebidqueue.htm IE: Enqueue link target with Bulk Ima&ge Downloader - file://c:program filesbulk image downloaderiemenuiebidlinkqueue.htm IE: Open &link target with Bulk Image Downloader - file://c:program filesbulk image downloaderiemenuiebidlink.htm IE: Open current page with Bulk I&mage Downloader - file://c:program filesbulk image downloaderiemenuiebid.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:program fileswindows livewriterWriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:progra~1mif5ba~1office12ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1mif5ba~1office12REFIEBAR.DLL DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab TCP: DhcpNameServer = 10.0.0.1 TCP: Interfaces{18ADF773-72E7-492A-A945-E19EC4AABD96} : DhcpNameServer = 10.0.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:program fileswindows livephoto galleryAlbumDownloadProtocolHandler.dll mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:program filestoshibamy toshibaMyToshiba.exe /SETUP . ================= FIREFOX =================== . FF - ProfilePath - c:usersadamappdataroamingmozillafirefoxprofilesfuq844eo.default FF - plugin: c:program filesjavajre6binnew_pluginnpdeployJava1.dll FF - plugin: c:program filesmozilla firefoxpluginsnpdeployJava1.dll FF - plugin: c:program fileswindows livephoto galleryNPWLPG.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:program filesmozilla firefoxextensions{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%extensions{DDC359D1-844A-42a7-9AA1-88A850A938A8} FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%extensions{1280606b-2510-4fe0-97ef-9b5a22eafe30} . ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: network.protocol-handler.warn-external.dnupdate - false FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 FF - user.js: network.protocol-handler.warn-external.dnupdate - false . ============= SERVICES / DRIVERS =============== . R1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32driversvwififlt.sys [2009-7-13 48128] R2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2010-7-15 176128] R2 cfWiMAXService;ConfigFree WiMAX Service;c:program filestoshibaconfigfreeCFIWmxSvcs.exe [2009-8-10 185712] R2 ConfigFree Service;ConfigFree Service;c:program filestoshibaconfigfreeCFSvcs.exe [2009-3-10 46448] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:program fileslogmein hamachihamachi-2.exe [2012-2-28 1373576] R2 TabletServiceWacom;TabletServiceWacom;c:windowssystem32Wacom_Tablet.exe [2012-3-1 5010288] R3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32driversRt86win7.sys [2010-7-15 167936] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:program filestoshibatoshiba hdd ssd alertTosSmartSrv.exe [2009-8-3 111960] R3 wacmoumonitor;Wacom Mode Helper;c:windowssystem32driverswacmoumonitor.sys [2010-8-12 16168] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2009-7-13 229888] S3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32watWatAdminSvc.exe [2010-8-13 1343400] . =============== Created Last 30 ================ . 2012-03-06 12:06:22 -------- d-----w- c:usersadamappdatalocalSCE 2012-03-06 12:05:13 74072 ----a-w- c:windowssystem32XAPOFX1_5.dll 2012-03-06 12:05:13 527192 ----a-w- c:windowssystem32XAudio2_7.dll 2012-03-06 12:05:12 239960 ----a-w- c:windowssystem32xactengine3_7.dll 2012-03-06 12:05:12 2106216 ----a-w- c:windowssystem32D3DCompiler_43.dll 2012-03-06 12:05:12 1868128 ----a-w- c:windowssystem32d3dcsx_43.dll 2012-03-06 12:05:11 470880 ----a-w- c:windowssystem32d3dx10_43.dll 2012-03-06 12:05:11 248672 ----a-w- c:windowssystem32d3dx11_43.dll 2012-03-06 12:05:11 1998168 ----a-w- c:windowssystem32D3DX9_43.dll 2012-03-03 07:04:37 -------- d-----w- c:program filescommon filesCorel 2012-03-03 07:04:26 -------- d-----w- c:program filescommon filesProtexis 2012-03-01 23:58:28 -------- d-----w- c:usersadamappdatalocalSkyrim 2012-03-01 23:37:20 -------- d-----w- c:usersadamappdataroamingWTablet 2012-03-01 23:37:11 7773040 ----a-w- c:windowssystem32WacomTablet.cpl 2012-03-01 23:37:07 14120 ----a-w- c:windowssystem32driverswacomvhid.sys 2012-03-01 23:37:01 -------- d-----w- c:windowssystem32WTablet 2012-03-01 23:36:59 5010288 ----a-w- c:windowssystem32Wacom_Tablet.exe 2012-03-01 23:36:59 415600 ----a-w- c:windowssystem32Wacom_Tablet.dll 2012-03-01 23:36:59 294400 ----a-w- c:windowssystem32Wintab32.dll 2012-03-01 23:36:56 -------- d-----w- c:program filesTablet 2012-03-01 23:35:33 56200 ----a-w- c:programdatamicrosoftwindows defenderdefinition updates{9a8aeec5-54fc-4bc4-a202-14ba59cf817a}offreg.dll 2012-03-01 21:54:44 162664 ----a-w- c:programdatamicrosoftwindowssqmmanifestSqm10140.bin 2012-03-01 21:24:50 -------- d-----w- c:program filesMicrosoft XNA 2012-03-01 21:11:08 -------- d-----w- c:program filesLogMeIn Hamachi 2012-03-01 18:13:58 266088 ----a-w- c:windowssystem32xactengine2_8.dll 2012-02-20 11:47:04 5732688 ----a-w- c:programdatamicrosoftwindows defenderdefinition updatesbackupmpengine.dll 2012-02-20 11:46:53 6557240 ----a-w- c:programdatamicrosoftwindows defenderdefinition updates{9a8aeec5-54fc-4bc4-a202-14ba59cf817a}mpengine.dll 2012-02-15 00:19:31 -------- d-sh--w- C:$RECYCLE.BIN . ==================== Find3M ==================== . . ============= FINISH: 16:08:46.72 =============== Attach log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume1 Install Date: 8/12/2010 7:16:17 PM System Uptime: 3/6/2012 2:22:59 PM (2 hours ago) . Motherboard: TOSHIBA | | NBWAE Processor: AMD Sempron SI-42 | Socket M2/S1G1 | 2100/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 223 GiB total, 92.215 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsle80a2f7c Device ID: ROOTLEGACY_MPKSLE80A2F7C0000 Manufacturer: Name: MpKsle80a2f7c PNP Device ID: ROOTLEGACY_MPKSLE80A2F7C0000 Service: MpKsle80a2f7c . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl9de29f62 Device ID: ROOTLEGACY_MPKSL9DE29F620000 Manufacturer: Name: MpKsl9de29f62 PNP Device ID: ROOTLEGACY_MPKSL9DE29F620000 Service: MpKsl9de29f62 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl806f3dbb Device ID: ROOTLEGACY_MPKSL806F3DBB0000 Manufacturer: Name: MpKsl806f3dbb PNP Device ID: ROOTLEGACY_MPKSL806F3DBB0000 Service: MpKsl806f3dbb . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsle987c862 Device ID: ROOTLEGACY_MPKSLE987C8620000 Manufacturer: Name: MpKsle987c862 PNP Device ID: ROOTLEGACY_MPKSLE987C8620000 Service: MpKsle987c862 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl9e47ea43 Device ID: ROOTLEGACY_MPKSL9E47EA430000 Manufacturer: Name: MpKsl9e47ea43 PNP Device ID: ROOTLEGACY_MPKSL9E47EA430000 Service: MpKsl9e47ea43 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl8411b7c6 Device ID: ROOTLEGACY_MPKSL8411B7C60000 Manufacturer: Name: MpKsl8411b7c6 PNP Device ID: ROOTLEGACY_MPKSL8411B7C60000 Service: MpKsl8411b7c6 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl701a9d74 Device ID: ROOTLEGACY_MPKSL701A9D740000 Manufacturer: Name: MpKsl701a9d74 PNP Device ID: ROOTLEGACY_MPKSL701A9D740000 Service: MpKsl701a9d74 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl330ff689 Device ID: ROOTLEGACY_MPKSL330FF6890000 Manufacturer: Name: MpKsl330ff689 PNP Device ID: ROOTLEGACY_MPKSL330FF6890000 Service: MpKsl330ff689 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl0ba2593c Device ID: ROOTLEGACY_MPKSL0BA2593C0000 Manufacturer: Name: MpKsl0ba2593c PNP Device ID: ROOTLEGACY_MPKSL0BA2593C0000 Service: MpKsl0ba2593c . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslecee22ca Device ID: ROOTLEGACY_MPKSLECEE22CA0000 Manufacturer: Name: MpKslecee22ca PNP Device ID: ROOTLEGACY_MPKSLECEE22CA0000 Service: MpKslecee22ca . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsld342bd09 Device ID: ROOTLEGACY_MPKSLD342BD090000 Manufacturer: Name: MpKsld342bd09 PNP Device ID: ROOTLEGACY_MPKSLD342BD090000 Service: MpKsld342bd09 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsla064baaf Device ID: ROOTLEGACY_MPKSLA064BAAF0000 Manufacturer: Name: MpKsla064baaf PNP Device ID: ROOTLEGACY_MPKSLA064BAAF0000 Service: MpKsla064baaf . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl501cce31 Device ID: ROOTLEGACY_MPKSL501CCE310000 Manufacturer: Name: MpKsl501cce31 PNP Device ID: ROOTLEGACY_MPKSL501CCE310000 Service: MpKsl501cce31 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl34f01ff0 Device ID: ROOTLEGACY_MPKSL34F01FF00000 Manufacturer: Name: MpKsl34f01ff0 PNP Device ID: ROOTLEGACY_MPKSL34F01FF00000 Service: MpKsl34f01ff0 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsld46c87a8 Device ID: ROOTLEGACY_MPKSLD46C87A80000 Manufacturer: Name: MpKsld46c87a8 PNP Device ID: ROOTLEGACY_MPKSLD46C87A80000 Service: MpKsld46c87a8 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsla20831bd Device ID: ROOTLEGACY_MPKSLA20831BD0000 Manufacturer: Name: MpKsla20831bd PNP Device ID: ROOTLEGACY_MPKSLA20831BD0000 Service: MpKsla20831bd . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl581eec0b Device ID: ROOTLEGACY_MPKSL581EEC0B0000 Manufacturer: Name: MpKsl581eec0b PNP Device ID: ROOTLEGACY_MPKSL581EEC0B0000 Service: MpKsl581eec0b . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl3c2a79d8 Device ID: ROOTLEGACY_MPKSL3C2A79D80000 Manufacturer: Name: MpKsl3c2a79d8 PNP Device ID: ROOTLEGACY_MPKSL3C2A79D80000 Service: MpKsl3c2a79d8 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl1059b6ec Device ID: ROOTLEGACY_MPKSL1059B6EC0000 Manufacturer: Name: MpKsl1059b6ec PNP Device ID: ROOTLEGACY_MPKSL1059B6EC0000 Service: MpKsl1059b6ec . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl42345a87 Device ID: ROOTLEGACY_MPKSL42345A870000 Manufacturer: Name: MpKsl42345a87 PNP Device ID: ROOTLEGACY_MPKSL42345A870000 Service: MpKsl42345a87 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslf2af5e9e Device ID: ROOTLEGACY_MPKSLF2AF5E9E0000 Manufacturer: Name: MpKslf2af5e9e PNP Device ID: ROOTLEGACY_MPKSLF2AF5E9E0000 Service: MpKslf2af5e9e . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsld63d33ff Device ID: ROOTLEGACY_MPKSLD63D33FF0000 Manufacturer: Name: MpKsld63d33ff PNP Device ID: ROOTLEGACY_MPKSLD63D33FF0000 Service: MpKsld63d33ff . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl8abc474d Device ID: ROOTLEGACY_MPKSL8ABC474D0000 Manufacturer: Name: MpKsl8abc474d PNP Device ID: ROOTLEGACY_MPKSL8ABC474D0000 Service: MpKsl8abc474d . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl75045c4a Device ID: ROOTLEGACY_MPKSL75045C4A0000 Manufacturer: Name: MpKsl75045c4a PNP Device ID: ROOTLEGACY_MPKSL75045C4A0000 Service: MpKsl75045c4a . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl5b996b5a Device ID: ROOTLEGACY_MPKSL5B996B5A0000 Manufacturer: Name: MpKsl5b996b5a PNP Device ID: ROOTLEGACY_MPKSL5B996B5A0000 Service: MpKsl5b996b5a . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl762780d2 Device ID: ROOTLEGACY_MPKSL762780D20000 Manufacturer: Name: MpKsl762780d2 PNP Device ID: ROOTLEGACY_MPKSL762780D20000 Service: MpKsl762780d2 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl5d805dc1 Device ID: ROOTLEGACY_MPKSL5D805DC10000 Manufacturer: Name: MpKsl5d805dc1 PNP Device ID: ROOTLEGACY_MPKSL5D805DC10000 Service: MpKsl5d805dc1 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl4377235f Device ID: ROOTLEGACY_MPKSL4377235F0000 Manufacturer: Name: MpKsl4377235f PNP Device ID: ROOTLEGACY_MPKSL4377235F0000 Service: MpKsl4377235f . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl1b086aa1 Device ID: ROOTLEGACY_MPKSL1B086AA10000 Manufacturer: Name: MpKsl1b086aa1 PNP Device ID: ROOTLEGACY_MPKSL1B086AA10000 Service: MpKsl1b086aa1 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslf6b7efc2 Device ID: ROOTLEGACY_MPKSLF6B7EFC20000 Manufacturer: Name: MpKslf6b7efc2 PNP Device ID: ROOTLEGACY_MPKSLF6B7EFC20000 Service: MpKslf6b7efc2 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsld6ee7080 Device ID: ROOTLEGACY_MPKSLD6EE70800000 Manufacturer: Name: MpKsld6ee7080 PNP Device ID: ROOTLEGACY_MPKSLD6EE70800000 Service: MpKsld6ee7080 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslb88e1846 Device ID: ROOTLEGACY_MPKSLB88E18460000 Manufacturer: Name: MpKslb88e1846 PNP Device ID: ROOTLEGACY_MPKSLB88E18460000 Service: MpKslb88e1846 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl8d935975 Device ID: ROOTLEGACY_MPKSL8D9359750000 Manufacturer: Name: MpKsl8d935975 PNP Device ID: ROOTLEGACY_MPKSL8D9359750000 Service: MpKsl8d935975 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl452cf586 Device ID: ROOTLEGACY_MPKSL452CF5860000 Manufacturer: Name: MpKsl452cf586 PNP Device ID: ROOTLEGACY_MPKSL452CF5860000 Service: MpKsl452cf586 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslf840bc20 Device ID: ROOTLEGACY_MPKSLF840BC200000 Manufacturer: Name: MpKslf840bc20 PNP Device ID: ROOTLEGACY_MPKSLF840BC200000 Service: MpKslf840bc20 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl91e0bddc Device ID: ROOTLEGACY_MPKSL91E0BDDC0000 Manufacturer: Name: MpKsl91e0bddc PNP Device ID: ROOTLEGACY_MPKSL91E0BDDC0000 Service: MpKsl91e0bddc . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl77738586 Device ID: ROOTLEGACY_MPKSL777385860000 Manufacturer: Name: MpKsl77738586 PNP Device ID: ROOTLEGACY_MPKSL777385860000 Service: MpKsl77738586 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl46833a2b Device ID: ROOTLEGACY_MPKSL46833A2B0000 Manufacturer: Name: MpKsl46833a2b PNP Device ID: ROOTLEGACY_MPKSL46833A2B0000 Service: MpKsl46833a2b . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl21474827 Device ID: ROOTLEGACY_MPKSL214748270000 Manufacturer: Name: MpKsl21474827 PNP Device ID: ROOTLEGACY_MPKSL214748270000 Service: MpKsl21474827 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslf924966b Device ID: ROOTLEGACY_MPKSLF924966B0000 Manufacturer: Name: MpKslf924966b PNP Device ID: ROOTLEGACY_MPKSLF924966B0000 Service: MpKslf924966b . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsld8e840dd Device ID: ROOTLEGACY_MPKSLD8E840DD0000 Manufacturer: Name: MpKsld8e840dd PNP Device ID: ROOTLEGACY_MPKSLD8E840DD0000 Service: MpKsld8e840dd . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslc3642160 Device ID: ROOTLEGACY_MPKSLC36421600000 Manufacturer: Name: MpKslc3642160 PNP Device ID: ROOTLEGACY_MPKSLC36421600000 Service: MpKslc3642160 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl91fb1e43 Device ID: ROOTLEGACY_MPKSL91FB1E430000 Manufacturer: Name: MpKsl91fb1e43 PNP Device ID: ROOTLEGACY_MPKSL91FB1E430000 Service: MpKsl91fb1e43 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl781f8162 Device ID: ROOTLEGACY_MPKSL781F81620000 Manufacturer: Name: MpKsl781f8162 PNP Device ID: ROOTLEGACY_MPKSL781F81620000 Service: MpKsl781f8162 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl63216024 Device ID: ROOTLEGACY_MPKSL632160240000 Manufacturer: Name: MpKsl63216024 PNP Device ID: ROOTLEGACY_MPKSL632160240000 Service: MpKsl63216024 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl2167ebe2 Device ID: ROOTLEGACY_MPKSL2167EBE20000 Manufacturer: Name: MpKsl2167ebe2 PNP Device ID: ROOTLEGACY_MPKSL2167EBE20000 Service: MpKsl2167ebe2 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl05e262b8 Device ID: ROOTLEGACY_MPKSL05E262B80000 Manufacturer: Name: MpKsl05e262b8 PNP Device ID: ROOTLEGACY_MPKSL05E262B80000 Service: MpKsl05e262b8 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsldc97a1ba Device ID: ROOTLEGACY_MPKSLDC97A1BA0000 Manufacturer: Name: MpKsldc97a1ba PNP Device ID: ROOTLEGACY_MPKSLDC97A1BA0000 Service: MpKsldc97a1ba . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslc74941a6 Device ID: ROOTLEGACY_MPKSLC74941A60000 Manufacturer: Name: MpKslc74941a6 PNP Device ID: ROOTLEGACY_MPKSLC74941A60000 Service: MpKslc74941a6 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl98b6d337 Device ID: ROOTLEGACY_MPKSL98B6D3370000 Manufacturer: Name: MpKsl98b6d337 PNP Device ID: ROOTLEGACY_MPKSL98B6D3370000 Service: MpKsl98b6d337 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl484c1310 Device ID: ROOTLEGACY_MPKSL484C13100000 Manufacturer: Name: MpKsl484c1310 PNP Device ID: ROOTLEGACY_MPKSL484C13100000 Service: MpKsl484c1310 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl220762c7 Device ID: ROOTLEGACY_MPKSL220762C70000 Manufacturer: Name: MpKsl220762c7 PNP Device ID: ROOTLEGACY_MPKSL220762C70000 Service: MpKsl220762c7 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl070b1af6 Device ID: ROOTLEGACY_MPKSL070B1AF60000 Manufacturer: Name: MpKsl070b1af6 PNP Device ID: ROOTLEGACY_MPKSL070B1AF60000 Service: MpKsl070b1af6 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsldcd07c91 Device ID: ROOTLEGACY_MPKSLDCD07C910000 Manufacturer: Name: MpKsldcd07c91 PNP Device ID: ROOTLEGACY_MPKSLDCD07C910000 Service: MpKsldcd07c91 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl9a9d525d Device ID: ROOTLEGACY_MPKSL9A9D525D0000 Manufacturer: Name: MpKsl9a9d525d PNP Device ID: ROOTLEGACY_MPKSL9A9D525D0000 Service: MpKsl9a9d525d . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl78fb3990 Device ID: ROOTLEGACY_MPKSL78FB39900000 Manufacturer: Name: MpKsl78fb3990 PNP Device ID: ROOTLEGACY_MPKSL78FB39900000 Service: MpKsl78fb3990 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl9ad4fcf8 Device ID: ROOTLEGACY_MPKSL9AD4FCF80000 Manufacturer: Name: MpKsl9ad4fcf8 PNP Device ID: ROOTLEGACY_MPKSL9AD4FCF80000 Service: MpKsl9ad4fcf8 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl6939393a Device ID: ROOTLEGACY_MPKSL6939393A0000 Manufacturer: Name: MpKsl6939393a PNP Device ID: ROOTLEGACY_MPKSL6939393A0000 Service: MpKsl6939393a . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl4c73ebd2 Device ID: ROOTLEGACY_MPKSL4C73EBD20000 Manufacturer: Name: MpKsl4c73ebd2 PNP Device ID: ROOTLEGACY_MPKSL4C73EBD20000 Service: MpKsl4c73ebd2 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl2b61864c Device ID: ROOTLEGACY_MPKSL2B61864C0000 Manufacturer: Name: MpKsl2b61864c PNP Device ID: ROOTLEGACY_MPKSL2B61864C0000 Service: MpKsl2b61864c . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl07f4630a Device ID: ROOTLEGACY_MPKSL07F4630A0000 Manufacturer: Name: MpKsl07f4630a PNP Device ID: ROOTLEGACY_MPKSL07F4630A0000 Service: MpKsl07f4630a . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsle0a19fd3 Device ID: ROOTLEGACY_MPKSLE0A19FD30000 Manufacturer: Name: MpKsle0a19fd3 PNP Device ID: ROOTLEGACY_MPKSLE0A19FD30000 Service: MpKsle0a19fd3 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslc9b8f707 Device ID: ROOTLEGACY_MPKSLC9B8F7070000 Manufacturer: Name: MpKslc9b8f707 PNP Device ID: ROOTLEGACY_MPKSLC9B8F7070000 Service: MpKslc9b8f707 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl9bd63ac6 Device ID: ROOTLEGACY_MPKSL9BD63AC60000 Manufacturer: Name: MpKsl9bd63ac6 PNP Device ID: ROOTLEGACY_MPKSL9BD63AC60000 Service: MpKsl9bd63ac6 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl6a277f76 Device ID: ROOTLEGACY_MPKSL6A277F760000 Manufacturer: Name: MpKsl6a277f76 PNP Device ID: ROOTLEGACY_MPKSL6A277F760000 Service: MpKsl6a277f76 . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl2d6a9f8b Device ID: ROOTLEGACY_MPKSL2D6A9F8B0000 Manufacturer: Name: MpKsl2d6a9f8b PNP Device ID: ROOTLEGACY_MPKSL2D6A9F8B0000 Service: MpKsl2d6a9f8b . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKslc9c6eb0d Device ID: ROOTLEGACY_MPKSLC9C6EB0D0000 Manufacturer: Name: MpKslc9c6eb0d PNP Device ID: ROOTLEGACY_MPKSLC9C6EB0D0000 Service: MpKslc9c6eb0d . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl9dd7423e Device ID: ROOTLEGACY_MPKSL9DD7423E0000 Manufacturer: Name: MpKsl9dd7423e PNP Device ID: ROOTLEGACY_MPKSL9DD7423E0000 Service: MpKsl9dd7423e . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl3005483b Device ID: ROOTLEGACY_MPKSL3005483B0000 Manufacturer: Name: MpKsl3005483b PNP Device ID: ROOTLEGACY_MPKSL3005483B0000 Service: MpKsl3005483b . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl0ae27d7f Device ID: ROOTLEGACY_MPKSL0AE27D7F0000 Manufacturer: Name: MpKsl0ae27d7f PNP Device ID: ROOTLEGACY_MPKSL0AE27D7F0000 Service: MpKsl0ae27d7f . ==== System Restore Points =================== . RP313: 3/1/2012 1:24:25 PM - Installed Microsoft XNA Framework Redistributable 3.1 RP315: 3/1/2012 3:56:20 PM - Installed DirectX RP316: 3/2/2012 12:29:28 AM - Installed Corel Painter Essentials 3 RP318: 3/3/2012 7:15:01 PM - Installed DirectX RP320: 3/6/2012 4:03:07 AM - Installed DirectX . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Photoshop Scripting Support 1.0 Adobe Reader 9.1 Adobe Stock Photos 1.0 Advanced SystemCare 3 AIM 7 Alien Swarm Aliens vs. Predator Apple Application Support Apple Mobile Device Support Apple Software Update ATI Catalyst Install Manager Audiosurf Bonjour Bulk Image Downloader v1.36.0.4 Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Champions Online: Free For All Click to Call with Skype Compatibility Pack for the 2007 Office system Conduit Engine Corel Painter 12 Corel Painter 12 - IPM Corel Painter Essentials 3 D3DX10 ESET Online Scanner v3 Freecorder Freecorder Toolbar Furcadia IconHandler 32 bit iTunes Java Auto Updater Java 6 Update 22 Junk Mail filter update K-Lite Codec Pack 5.6.1 (Full) Label@Once 1.0 Lead and Gold - Gangs of the Wild West Left 4 Dead 2 LogMeIn Hamachi Magic: The Gathering – Tactics Magicka Malwarebytes' Anti-Malware version 1.51.2.1300 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works Microsoft XNA Framework Redistributable 3.1 Mozilla Firefox (3.6.17) MSVCRT MV RegClean 5.0 English MyPaint 1.0.0 MyToshiba Neverwinter Nights 2 NVIDIA PhysX v8.05.26 Oddworld: Abe's Exoddus Oddworld: Abe's Oddysee OGA Notifier 2.0.0048.0 Painter 12 - Content Painter 12 - Core Painter 12 - EN Painter 12 - Painter Painter 12 - Setup Files PFPortChecker 1.0.32 PlayReady PC Runtime x86 Portal Portforward Static IP Address 1.0.44 QuickTime Realtek 8136 8168 8169 Ethernet Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Realtek WLAN Driver Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft Office 2007 System (KB2541012) Security Update for Microsoft Office Excel 2007 (KB2541007) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2535818) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Skype™ 5.5 Spiral Knights Star Wars Galactic Battlegrounds: Saga Star Wars Republic Commando Starcraft Steam Synaptics Pointing Device Driver The Elder Scrolls V: Skyrim Toshiba Application and Driver Installer TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA DVD PLAYER TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TubeHunter Ultra 4.31 Unreal Tournament 3 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 (KB974631) Update for Microsoft Office Word 2007 Help (KB963665) Utility Common Driver Visual IRC 2.0 VTFEdit 1.2.5 Wacom Tablet WebTablet IE Plugin WebTablet Netscape Plugin WildTangent Games Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinPcap 4.1.1 WinRAR archiver Yahoo! Messenger . ==== Event Viewer Messages From Past Week ======== . 3/6/2012 2:23:21 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter 3/6/2012 2:23:21 PM, Error: atikmdag [43029] - Display is not active 3/6/2012 2:23:18 PM, Error: volmgr [46] - Crash dump initialization failed! 3/6/2012 2:21:44 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITYLocalService with the currently configured password due to the following error: The RPC server is unavailable. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 3/6/2012 2:21:44 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure. 3/6/2012 2:21:44 PM, Error: Microsoft-Windows-WMPNSS-Service [14338] - A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x8007042d'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 3/6/2012 2:21:44 PM, Error: Microsoft-Windows-WMPNSS-Service [14333] - Service 'WMPNetworkSvc' did not start correctly due to error '0x80070005'. Restart your computer, and then try to restart the service. 3/6/2012 2:21:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56} 3/6/2012 2:21:29 PM, Error: LsaSrv [5000] - The security package NTLM generated an exception. The exception information is the data. 3/1/2012 5:19:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 3/1/2012 10:12:12 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 3/1/2012 1:21:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 3/1/2012 1:21:03 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/1/2012 1:11:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect. 3/1/2012 1:11:14 PM, Error: Service Control Manager [7000] - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/1/2012 1:11:13 PM, Error: Service Control Manager [7030] - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 3/1/2012 1:02:28 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 2/29/2012 9:51:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 2/29/2012 4:16:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 2/29/2012 12:56:35 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 2/29/2012 1:23:24 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. . ==== End Of File ===========================
  5. Appologies for the lateness Tom! I was not able to access another machine to try the last steps just yet, and I havent been able to go any further since till today. As I logged on (in safe mode) I have been forced to always open an application by the Run as Admin option. Today I forgotten to do that, and opened IE as is normally, and it opened just fine... It seems a few things have changed and I dont know how, but today I decided to try booting up in NORMAL Mode for the heck of it. I was expecting a spamming barracade of error windows and the such from past times booting up in normal. The weirdest thing is nothing is happening, everything SEEMS normal. No pop ups, redirects (i have not fully tested around to be sure) or the like from the recent past. What gets me confused is, we have tried different scannings, cleanings and readings, and most of them came back as no results, zero zero zero. Yet somehow the coast seems clear! Is it possible we had busted the problems? I doubt everything is fixed, but now that I AM in Normal mode, I am sure we could try things we meant to before. So I am in Normal mode now, and going to be EXTRA cautious on opening files and applications till we know for sure. System does seem to be running laggishly slow!
  6. Appologies for the late reply, Thank you for clarifying that Tom. I will have some results to post soon!
  7. Currently the machine im working on is my laptop, which is the only one having these problems yes. I dont have FF installed on this machine but i shall try downloading anyhow with IE as thats my only browser at the time being. Question: will downloading and using these on another/uninfected machine (as requested in your post) effect the machine in any way? This would mean having to use one that isnt mine (as the laptop is all I have in the time being), so i want to be extra cautious. Let me know in advance and I will try what I can, thank you.
  8. I flushed the DNS, I can only operate in safe mode with networking since I am bombarded with errors or random 'spam' of windows...followed by a forced reboot shuttdown. Last I remember i was having browser redirects, but i cannot even function in normal mode without being bombarded. I am using a shared router network with others so that would be difficult or impossible. Hope we can get around that with ease, Another issue I encountered when trying to upload the file url in virus total... There seems to be a windows error malfunction that is triggered by opening the browse window in windows explorer for uploading...strictly uploading from windows browser. It gives a windows encountered critical error and will shut down in 1 minute, which it does automatically every time. What should we do next? The best thing I could do now is flush the dns via the command console.
  9. Thank you Tom, TDSS worked well but no log report given, no results to show. The log for ComboFix....(NOTE: sometime ago my microsoft essentials security was wiped off due to some virus and I never recovered it, yet combofix notes it is running, and it isnt even around to un install... ComboFix 12-02-13.01 - Adam 02/14/2012 16:05:52.5.1 - x86 NETWORK Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1790.1423 [GMT -8:00] Running from: c:usersAdamDesktopComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66} SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2012-01-15 to 2012-02-15 ))))))))))))))))))))))))))))))) . . 2012-02-15 00:16 . 2012-02-15 00:16 -------- d-----w- c:usersPublicAppDataLocaltemp 2012-02-15 00:16 . 2012-02-15 00:16 -------- d-----w- c:usersDefaultAppDataLocaltemp . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks] "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:program filesFreecorderprxtbFre0.dll" [2011-01-17 175912] . [HKEY_CLASSES_ROOTclsid{1392b8d2-5c05-419f-a8f6-b9f15a596612}] . [HKEY_LOCAL_MACHINE~Browser Helper Objects{1392b8d2-5c05-419f-a8f6-b9f15a596612}] 2011-01-17 14:54 175912 ----a-w- c:program filesFreecorderprxtbFre0.dll . [HKEY_LOCAL_MACHINE~Browser Helper Objects{30F9B915-B755-4826-820B-08FBA6BD249D}] 2011-01-17 14:54 175912 ----a-w- c:program filesConduitEngineprxConduitEngine.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar] "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:program filesFreecorderprxtbFre0.dll" [2011-01-17 175912] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:program filesConduitEngineprxConduitEngine.dll" [2011-01-17 175912] . [HKEY_CLASSES_ROOTclsid{1392b8d2-5c05-419f-a8f6-b9f15a596612}] . [HKEY_CLASSES_ROOTclsid{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerToolbarWebbrowser] "{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:program filesFreecorderprxtbFre0.dll" [2011-01-17 175912] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:program filesConduitEngineprxConduitEngine.dll" [2011-01-17 175912] . [HKEY_CLASSES_ROOTclsid{1392b8d2-5c05-419f-a8f6-b9f15a596612}] . [HKEY_CLASSES_ROOTclsid{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "StartCCC"="c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2009-07-30 98304] "RtHDVCpl"="c:program filesRealtekAudioHDARtHDVCpl.exe" [2009-07-29 7625248] "SynTPEnh"="c:program filesSynapticsSynTPSynTPEnh.exe" [2009-07-21 1545512] "HWSetup"="c:program filesTOSHIBAUtilitiesHWSetup.exe" [2009-06-02 425984] "TosSENotify"="c:program filesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe" [2009-08-04 611672] "Freecorder FLV Service"="c:program filesFreecorderFLVSrvc.exe" [2010-06-26 167936] "Malwarebytes Anti-Malware (reboot)"="c:program filesMalwarebytes' Anti-Malwarembam.exe" [2011-09-01 1047208] "LogMeIn Hamachi Ui"="c:program filesLogMeIn Hamachihamachi-2-ui.exe" [2011-08-04 1955208] "Malwarebytes' Anti-Malware (reboot)"="c:program filesMalwarebytes' Anti-Malwarembam.exe" [2011-09-01 1047208] . c:usersAdamAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup Adobe Gamma.lnk - c:program filesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe [2010-9-2 113664] OneNote 2007 Screen Clipper and Launcher.lnk - c:program filesMicrosoft OfficeOffice12ONENOTEM.EXE [2009-2-26 97680] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversiondrivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKLM~startupfolderC:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] backup=c:windowspssAdobe Gamma Loader.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregiTunesHelper] 2010-09-01 16:32 421160 ----a-w- c:program filesiTunesiTunesHelper.exe . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregLogMeIn Hamachi Ui] 2011-08-04 21:34 1955208 ----a-w- c:program filesLogMeIn Hamachihamachi-2-ui.exe . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMyTOSHIBA] 2009-08-06 16:15 264048 ----a-w- c:program filesTOSHIBAMy ToshibaMyToshiba.exe . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task] 2010-08-10 12:15 421888 ----a-w- c:program filesQuickTimeQTTask.exe . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSunJavaUpdateSched] 2010-05-14 18:44 248552 ----a-w- c:program filesCommon FilesJavaJava Updatejusched.exe . R1 MpKsl05e262b8;MpKsl05e262b8; [x] R1 MpKsl070b1af6;MpKsl070b1af6; [x] R1 MpKsl07f4630a;MpKsl07f4630a; [x] R1 MpKsl0ae27d7f;MpKsl0ae27d7f; [x] R1 MpKsl0ba2593c;MpKsl0ba2593c; [x] R1 MpKsl1059b6ec;MpKsl1059b6ec; [x] R1 MpKsl1b086aa1;MpKsl1b086aa1; [x] R1 MpKsl21474827;MpKsl21474827; [x] R1 MpKsl2167ebe2;MpKsl2167ebe2; [x] R1 MpKsl220762c7;MpKsl220762c7; [x] R1 MpKsl2b61864c;MpKsl2b61864c; [x] R1 MpKsl2d6a9f8b;MpKsl2d6a9f8b; [x] R1 MpKsl3005483b;MpKsl3005483b; [x] R1 MpKsl330ff689;MpKsl330ff689; [x] R1 MpKsl34f01ff0;MpKsl34f01ff0; [x] R1 MpKsl3c2a79d8;MpKsl3c2a79d8; [x] R1 MpKsl42345a87;MpKsl42345a87; [x] R1 MpKsl4377235f;MpKsl4377235f; [x] R1 MpKsl452cf586;MpKsl452cf586; [x] R1 MpKsl46833a2b;MpKsl46833a2b; [x] R1 MpKsl484c1310;MpKsl484c1310; [x] R1 MpKsl4c73ebd2;MpKsl4c73ebd2; [x] R1 MpKsl501cce31;MpKsl501cce31; [x] R1 MpKsl581eec0b;MpKsl581eec0b; [x] R1 MpKsl5b996b5a;MpKsl5b996b5a; [x] R1 MpKsl5d805dc1;MpKsl5d805dc1; [x] R1 MpKsl63216024;MpKsl63216024; [x] R1 MpKsl6939393a;MpKsl6939393a; [x] R1 MpKsl6a277f76;MpKsl6a277f76; [x] R1 MpKsl701a9d74;MpKsl701a9d74; [x] R1 MpKsl75045c4a;MpKsl75045c4a; [x] R1 MpKsl762780d2;MpKsl762780d2; [x] R1 MpKsl77738586;MpKsl77738586; [x] R1 MpKsl781f8162;MpKsl781f8162; [x] R1 MpKsl78fb3990;MpKsl78fb3990; [x] R1 MpKsl806f3dbb;MpKsl806f3dbb; [x] R1 MpKsl8411b7c6;MpKsl8411b7c6; [x] R1 MpKsl8abc474d;MpKsl8abc474d; [x] R1 MpKsl8d935975;MpKsl8d935975; [x] R1 MpKsl91e0bddc;MpKsl91e0bddc; [x] R1 MpKsl91fb1e43;MpKsl91fb1e43; [x] R1 MpKsl98b6d337;MpKsl98b6d337; [x] R1 MpKsl9a9d525d;MpKsl9a9d525d; [x] R1 MpKsl9ad4fcf8;MpKsl9ad4fcf8; [x] R1 MpKsl9bd63ac6;MpKsl9bd63ac6; [x] R1 MpKsl9dd7423e;MpKsl9dd7423e; [x] R1 MpKsl9de29f62;MpKsl9de29f62; [x] R1 MpKsl9e47ea43;MpKsl9e47ea43; [x] R1 MpKsla064baaf;MpKsla064baaf; [x] R1 MpKsla20831bd;MpKsla20831bd; [x] R1 MpKslb88e1846;MpKslb88e1846; [x] R1 MpKslc3642160;MpKslc3642160; [x] R1 MpKslc74941a6;MpKslc74941a6; [x] R1 MpKslc9b8f707;MpKslc9b8f707; [x] R1 MpKslc9c6eb0d;MpKslc9c6eb0d; [x] R1 MpKsld342bd09;MpKsld342bd09; [x] R1 MpKsld46c87a8;MpKsld46c87a8; [x] R1 MpKsld63d33ff;MpKsld63d33ff; [x] R1 MpKsld6ee7080;MpKsld6ee7080; [x] R1 MpKsld8e840dd;MpKsld8e840dd; [x] R1 MpKsldc97a1ba;MpKsldc97a1ba; [x] R1 MpKsldcd07c91;MpKsldcd07c91; [x] R1 MpKsle0a19fd3;MpKsle0a19fd3; [x] R1 MpKsle80a2f7c;MpKsle80a2f7c; [x] R1 MpKsle987c862;MpKsle987c862; [x] R1 MpKslecee22ca;MpKslecee22ca; [x] R1 MpKslf2af5e9e;MpKslf2af5e9e; [x] R1 MpKslf6b7efc2;MpKslf6b7efc2; [x] R1 MpKslf840bc20;MpKslf840bc20; [x] R1 MpKslf924966b;MpKslf924966b; [x] R2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2009-07-30 176128] R2 cfWiMAXService;ConfigFree WiMAX Service;c:program filesTOSHIBAConfigFreeCFIWmxSvcs.exe [2009-08-11 185712] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384] R2 ConfigFree Service;ConfigFree Service;c:program filesTOSHIBAConfigFreeCFSvcs.exe [2009-03-11 46448] R2 npf;NetGroup Packet Filter Driver;c:windowssystem32driversnpf.sys [2010-01-27 50704] R2 TabletServiceWacom;TabletServiceWacom;c:windowssystem32Wacom_Tablet.exe [2010-03-08 5010288] R3 MBAMSwissArmy;MBAMSwissArmy;c:windowssystem32driversmbamswissarmy.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:windowssystem32DriversRtsUStor.sys [x] R3 RtsUIR;Realtek IR Driver;c:windowssystem32DRIVERSRts516xIR.sys [x] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:program filesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe [2009-08-04 111960] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2010-08-14 1343400] S1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32DRIVERSvwififlt.sys [2009-07-13 48128] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:program filesLogMeIn Hamachihamachi-2.exe [2011-08-04 1361288] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt86win7.sys [2009-05-23 167936] S3 wacmoumonitor;Wacom Mode Helper;c:windowssystem32DRIVERSwacmoumonitor.sys [2010-01-24 16168] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 97320719 *Deregistered* - 97320719 *Deregistered* - aswMBR . [HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}] 2009-08-06 16:15 264048 ----a-w- c:program filesTOSHIBAMy ToshibaMyToshiba.exe . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:progra~1MIF5BA~1Office12EXCEL.EXE/3000 IE: En&queue current page with Bulk Image Downloader - file://c:program filesBulk Image Downloaderiemenuiebidqueue.htm IE: Enqueue link target with Bulk Ima&ge Downloader - file://c:program filesBulk Image Downloaderiemenuiebidlinkqueue.htm IE: Open &link target with Bulk Image Downloader - file://c:program filesBulk Image Downloaderiemenuiebidlink.htm IE: Open current page with Bulk I&mage Downloader - file://c:program filesBulk Image Downloaderiemenuiebid.htm TCP: DhcpNameServer = 10.0.0.1 FF - ProfilePath - c:usersAdamAppDataRoamingMozillaFirefoxProfilesfuq844eo.default FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:program filesMozilla Firefoxextensions{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:program filesMozilla Firefoxextensions{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%extensions{DDC359D1-844A-42a7-9AA1-88A850A938A8} FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%extensions{1280606b-2510-4fe0-97ef-9b5a22eafe30} FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: network.protocol-handler.warn-external.dnupdate - false FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 FF - user.js: network.protocol-handler.warn-external.dnupdate - false . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERSS-1-5-21-518270180-3274849516-1806874171-1002SoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.emlUserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERSS-1-5-21-518270180-3274849516-1806874171-1002SoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.vcfUserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINEsystemControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . Completion time: 2012-02-14 16:20:31 ComboFix-quarantined-files.txt 2012-02-15 00:20 ComboFix2.txt 2011-11-03 21:34 ComboFix3.txt 2011-06-08 08:53 ComboFix4.txt 2011-05-28 11:24 . Pre-Run: 106,482,151,424 bytes free Post-Run: 106,768,625,664 bytes free . - - End Of File - - 49F919552E0B31BAB606FD1FDA45C457
  10. MBR worked successfully, here is the log aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software Run date: 2012-02-11 15:47:08 ----------------------------- 15:47:08.703 OS Version: Windows 6.1.7600 15:47:08.703 Number of processors: 1 586 0x301 15:47:08.704 ComputerName: ADAM-PC UserName: Adam 15:47:11.415 Initialize success 15:58:22.063 AVAST engine defs: 12021101 16:02:52.812 Disk 0 (boot) DeviceHarddisk0DR0 -> DeviceIdeIdeDeviceP1T0L0-1 16:02:52.816 Disk 0 Vendor: TOSHIBA_MK2555GSX FG001M Size: 238475MB BusType: 11 16:02:52.895 Disk 0 MBR read successfully 16:02:52.968 Disk 0 MBR scan 16:02:52.986 Disk 0 Windows VISTA default MBR code 16:02:52.991 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048 16:02:53.009 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 228693 MB offset 3074048 16:02:53.125 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8281 MB offset 471437312 16:02:53.213 Disk 0 scanning sectors +488396800 16:02:53.389 Disk 0 scanning C:windowssystem32drivers 16:03:10.238 Service scanning 16:03:12.098 Modules scanning 16:03:36.404 Disk 0 trace - called modules: 16:03:37.728 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys 16:03:37.738 1 nt!IofCallDriver -> DeviceHarddisk0DR0[0x84c5f650] 16:03:37.748 3 CLASSPNP.SYS[879ca59e] -> nt!IofCallDriver -> DeviceIdeIdeDeviceP1T0L0-1[0x84c5a030] 16:03:38.757 AVAST engine scan C:windows 16:03:43.157 AVAST engine scan C:windowssystem32 16:09:35.511 AVAST engine scan C:windowssystem32drivers 16:10:12.351 AVAST engine scan C:UsersAdam 16:12:17.470 Disk 0 MBR has been saved successfully to "C:UsersAdamDesktopMBR.dat" 16:12:17.512 The log file has been saved successfully to "C:UsersAdamDesktopaswMBR.txt"
  11. Hi Jon, thank you. I tried using GMER but it had some kind of error, that it couldnt finish. Tried it for a second run and this time it brought me into a blue screen error saying windows had to force shut down for safetey reasons and such. I'm not eager to try it again right now, I dont know why it is doing that. The DDS logs DDS . DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22 Run by Adam at 3:51:00 on 2012-02-11 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1790.728 [GMT -8:00] . AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66} SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:windowssystem32wininit.exe C:windowssystem32lsm.exe C:windowssystem32svchost.exe -k DcomLaunch C:windowssystem32svchost.exe -k RPCSS C:windowsSystem32svchost.exe -k LocalServiceNetworkRestricted C:windowssystem32svchost.exe -k netsvcs C:windowssystem32svchost.exe -k LocalSystemNetworkRestricted C:windowssystem32svchost.exe -k LocalService C:windowssystem32svchost.exe -k NetworkService C:windowssystem32svchost.exe -k LocalServiceNoNetwork C:Program FilesLogMeIn Hamachihamachi-2.exe C:windowssystem32svchost.exe -k NetworkServiceNetworkRestricted C:windowsExplorer.EXE C:windowssystem32ctfmon.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesInternet Exploreriexplore.exe C:windowssystem32conhost.exe C:windowssystem32DllHost.exe C:windowssystem32wbemwmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA uInternet Settings,ProxyOverride = *.local uURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:program filesfreecorderprxtbFre0.dll mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:program filesfreecorderprxtbFre0.dll BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:program filesfreecorderprxtbFre0.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:program filesconduitengineprxConduitEngine.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:program filesfreecorderprxtbFre0.dll TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:program filesconduitengineprxConduitEngine.dll uRunOnce: [FlashPlayerUpdate] c:windowssystem32macromedflashFlashUtil10k_ActiveX.exe -update activex mRun: [startCCC] "c:program filesati technologiesati.acecore-staticCLIStart.exe" MSRun mRun: [RtHDVCpl] c:program filesrealtekaudiohdaRtHDVCpl.exe mRun: [synTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe mRun: [HWSetup] "c:program filestoshibautilitiesHWSetup.exe" hwSetUP mRun: [TosSENotify] c:program filestoshibatoshiba hdd ssd alertTosWaitSrv.exe mRun: [Freecorder FLV Service] "c:program filesfreecorderFLVSrvc.exe" /run mRun: [Malwarebytes Anti-Malware (reboot)] "c:program filesmalwarebytes' anti-malwarembam.exe" /runcleanupscript mRun: [LogMeIn Hamachi Ui] "c:program fileslogmein hamachihamachi-2-ui.exe" --auto-start mRun: [Malwarebytes' Anti-Malware (reboot)] "c:program filesmalwarebytes' anti-malwarembam.exe" /runcleanupscript StartupFolder: c:usersadamappdataroamingmicros~1windowsstartm~1programsstartupadobeg~1.lnk - c:program filescommon filesadobecalibrationAdobe Gamma Loader.exe StartupFolder: c:usersadamappdataroamingmicros~1windowsstartm~1programsstartuponenot~1.lnk - c:program filesmicrosoft officeoffice12ONENOTEM.EXE uPolicies-explorer: HideSCAHealth = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - c:progra~1mif5ba~1office12EXCEL.EXE/3000 IE: En&queue current page with Bulk Image Downloader - file://c:program filesbulk image downloaderiemenuiebidqueue.htm IE: Enqueue link target with Bulk Ima&ge Downloader - file://c:program filesbulk image downloaderiemenuiebidlinkqueue.htm IE: Open &link target with Bulk Image Downloader - file://c:program filesbulk image downloaderiemenuiebidlink.htm IE: Open current page with Bulk I&mage Downloader - file://c:program filesbulk image downloaderiemenuiebid.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:program fileswindows livewriterWriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:progra~1mif5ba~1office12ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1mif5ba~1office12REFIEBAR.DLL DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab TCP: DhcpNameServer = 10.0.0.1 TCP: Interfaces{18ADF773-72E7-492A-A945-E19EC4AABD96} : DhcpNameServer = 10.0.0.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:program fileswindows livephoto galleryAlbumDownloadProtocolHandler.dll mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:program filestoshibamy toshibaMyToshiba.exe /SETUP . ================= FIREFOX =================== . FF - ProfilePath - c:usersadamappdataroamingmozillafirefoxprofilesfuq844eo.default FF - plugin: c:program filesjavajre6binnew_pluginnpdeployJava1.dll FF - plugin: c:program filesmozilla firefoxpluginsnpdeployJava1.dll FF - plugin: c:program fileswindows livephoto galleryNPWLPG.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:program filesmozilla firefoxextensions{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%extensions{DDC359D1-844A-42a7-9AA1-88A850A938A8} FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%extensions{1280606b-2510-4fe0-97ef-9b5a22eafe30} . ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: network.protocol-handler.warn-external.dnupdate - false FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 FF - user.js: network.protocol-handler.warn-external.dnupdate - false . ============= SERVICES / DRIVERS =============== . R1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32driversvwififlt.sys [2009-7-13 48128] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:program fileslogmein hamachihamachi-2.exe [2011-8-4 1361288] R3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32driversRt86win7.sys [2010-7-15 167936] R3 wacmoumonitor;Wacom Mode Helper;c:windowssystem32driverswacmoumonitor.sys [2010-8-12 16168] S2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32atiesrxx.exe [2010-7-15 176128] S2 cfWiMAXService;ConfigFree WiMAX Service;c:program filestoshibaconfigfreeCFIWmxSvcs.exe [2009-8-10 185712] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 ConfigFree Service;ConfigFree Service;c:program filestoshibaconfigfreeCFSvcs.exe [2009-3-10 46448] S2 TabletServiceWacom;TabletServiceWacom;c:windowssystem32Wacom_Tablet.exe [2010-9-28 5010288] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:windowssystem32driversb57nd60x.sys [2009-7-13 229888] S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:program filestoshibatoshiba hdd ssd alertTosSmartSrv.exe [2009-8-3 111960] . =============== File Associations =============== . .exe=V13 . =============== Created Last 30 ================ . . ==================== Find3M ==================== . . ============= FINISH: 3:52:59.46 =============== ATTACH log . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume1 Install Date: 8/12/2010 7:16:17 PM System Uptime: 2/9/2012 7:19:19 PM (32 hours ago) . Motherboard: TOSHIBA | | NBWAE Processor: AMD Sempron SI-42 | Socket M2/S1G1 | 2100/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 223 GiB total, 99.277 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: Security Processor Loader Driver Device ID: ROOTLEGACY_SPLDR0000 Manufacturer: Name: Security Processor Loader Driver PNP Device ID: ROOTLEGACY_SPLDR0000 Service: spldr . ==== System Restore Points =================== . RP308: 8/31/2011 2:25:40 AM - Scheduled Checkpoint RP309: 9/24/2011 2:40:27 AM - Scheduled Checkpoint RP310: 10/2/2011 2:00:40 PM - Scheduled Checkpoint RP311: 10/15/2011 9:53:51 AM - Scheduled Checkpoint RP312: 10/24/2011 12:00:38 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Photoshop Scripting Support 1.0 Adobe Reader 9.1 Adobe Stock Photos 1.0 Advanced SystemCare 3 AIM 7 Alien Swarm Aliens vs. Predator Apple Application Support Apple Mobile Device Support Apple Software Update ATI Catalyst Install Manager Audiosurf Bonjour Bulk Image Downloader v1.36.0.4 Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Click to Call with Skype Compatibility Pack for the 2007 Office system Conduit Engine Corel Painter 12 Corel Painter 12 - IPM D3DX10 ESET Online Scanner v3 Freecorder Freecorder Toolbar Furcadia IconHandler 32 bit iTunes Java Auto Updater Java 6 Update 22 Junk Mail filter update K-Lite Codec Pack 5.6.1 (Full) Label@Once 1.0 Lead and Gold - Gangs of the Wild West Left 4 Dead 2 LogMeIn Hamachi Malwarebytes' Anti-Malware version 1.51.2.1300 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Works Mozilla Firefox (3.6.17) MSVCRT MV RegClean 5.0 English MyPaint 1.0.0 MyToshiba Neverwinter Nights 2 NVIDIA PhysX v8.05.26 Oddworld: Abe's Exoddus Oddworld: Abe's Oddysee OGA Notifier 2.0.0048.0 Painter 12 - Content Painter 12 - Core Painter 12 - EN Painter 12 - Painter Painter 12 - Setup Files PFPortChecker 1.0.32 PlayReady PC Runtime x86 Portal Portforward Static IP Address 1.0.44 QuickTime Realtek 8136 8168 8169 Ethernet Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Realtek WLAN Driver Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft Office 2007 System (KB2541012) Security Update for Microsoft Office Excel 2007 (KB2541007) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2535818) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Skype™ 5.5 Spiral Knights Star Wars Galactic Battlegrounds: Saga Star Wars Republic Commando Starcraft Steam Synaptics Pointing Device Driver Toshiba Application and Driver Installer TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA DVD PLAYER TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TubeHunter Ultra 4.31 Unreal Tournament 3 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 (KB974631) Update for Microsoft Office Word 2007 Help (KB963665) Utility Common Driver Visual IRC 2.0 VTFEdit 1.2.5 Wacom Tablet WebTablet IE Plugin WildTangent Games Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinPcap 4.1.1 WinRAR archiver Yahoo! Messenger . ==== Event Viewer Messages From Past Week ======== . 2/9/2012 7:21:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 2/9/2012 7:21:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 2/9/2012 7:20:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 2/9/2012 7:19:59 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6 2/9/2012 7:19:42 PM, Error: volmgr [46] - Crash dump initialization failed! 2/8/2012 12:38:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} 2/8/2012 12:38:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 2/6/2012 7:50:46 PM, Error: Service Control Manager [7034] - The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly. It has done this 1 time(s). 2/4/2012 8:44:10 AM, Error: NetBT [4307] - Initialization failed because the transport refused to open initial addresses. 2/11/2012 3:50:44 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 2/11/2012 3:48:26 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 2/10/2012 7:20:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 2/10/2012 11:09:19 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. . ==== End Of File ===========================
  12. I have been forced to stay in safemode for some time, cannot log into normal without malware and redirects spamming the screen. I have tried MBAM but nothing is improving. Not sure the HTJ log will tell much, but anyway: HiJackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:35:06 PM, on 2/4/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16839) Boot mode: Safe mode with network support Running processes: C:\windows\Explorer.EXE C:\windows\system32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\ViRC\ViRC.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Adam\Desktop\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: En&queue current page with Bulk Image Downloader - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidqueue.htm O8 - Extra context menu item: Enqueue link target with Bulk Ima&ge Downloader - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm O8 - Extra context menu item: Open &link target with Bulk Image Downloader - file://C:\Program Files\Bulk Image Downloader\iemenu\iebidlink.htm O8 - Extra context menu item: Open current page with Bulk I&mage Downloader - file://C:\Program Files\Bulk Image Downloader\iemenu\iebid.htm O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\windows\system32\Wacom_Tablet.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- End of file - 8138 bytes
  13. Sorry for the late response, yes this will do just perfect I believe, thank you!
  14. Thank you for trying Joe, but this hasnt helped my situation. If anyone has suggestions please let it be known, Id like to get this done before doing some deep clearnup which i must do. Appreciated!
  15. I can export the browser but only in certain settings. Basically Favorites, Cookies and Feeds but no History. Is there another way to accomplish this?
×
×
  • Create New...