tk0805
2011-09-17, 20:48
I need some major help, and I have no clue what to do. In responding, remember, I'm only so so with computers; so, explanations may be necessary. Hopefully, someone can point me in the right direction.
So, last night I was streaming a tv show online when a few viruses or something was detected by AVG. I couldnt get rid of them. Not too long after, the blue screen of death began dumping physical memory. When the computer restarted, I started normally and ran avg and microsoft security essentials. Before completing, the blue screen of death came back and crashed the computer. Next, I restarted in Safe Mode and ran them both. Neither said I had any problems. However, when I search in google or msn, say I search for mtv, I click it and some shopping website (usually different ones) come up. So, I ran Spybot. It found a whole lot of crap on here. I removed everything it found and rebooted again in normal mode. However, upon being on Facebook for more than 5 minutes, the blue screen of death came back. I went back to safe mode and tried a system restore, which didn't work and deleted my restore point. Then I tried to just restore the computer back to factory settings. However, I'm operating Windows 7 now, whereas the original operating system was Vista. I can't get it to pop up to restore the Vista and Windows 7 recovery options are the only ones I have. I did not make a backup cd...I know!! What do I do? Currently, I can only do anything while in Safe Mode with Networking.
.
Here are the dds reports.
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421
Run by KENDALLT at 15:08:33 on 2011-09-17
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1790.992 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: FCToolbarURLSearchHook Class: {bb78b434-c869-e534-65a9-f4a7dab04d57} - c:\program files\socialribbons lp4\Helper.dll
uURLSearchHooks: H - No File
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - c:\program files\common files\freecause\dca\dca-bho.dll
BHO: SocialRibbons LP4: {daa05029-eece-7a44-a584-c603c68cb608} - c:\program files\socialribbons lp4\Toolbar.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {CE7499E7-AF3C-4662-AC92-454212345DDB} - No File
TB: {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {37153479-1976-43C3-A1EE-557513977B64} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [Google Update] "c:\users\kendallt\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRunOnce: [NoIE4StubProcessing] c:\windows\system32\reg.exe delete "hklm\software\microsoft\active setup\Installed Components" /v "NoIE4StubProcessing" /f
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08} : DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08}\35075656463547275616D6 : DhcpNameServer = 74.128.18.98 74.128.18.99
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08}\7796C646361647 : DhcpNameServer = 72.51.219.21 72.51.219.22
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08}\96E63796768647F577966696F573235343 : DhcpNameServer = 192.168.2.1 74.128.17.114 74.128.19.102
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08}\E4B45577966696 : DhcpNameServer = 216.68.4.10 216.68.5.10
TCP: Interfaces\{851F44CC-9B25-460F-B320-A01E5A54878C} : DhcpNameServer = 192.168.2.1 74.128.17.114 74.128.19.102
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs: c:\progra~1\google\google~1\GO36F4~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-4-24 243152]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-5-5 7168]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-4-24 216400]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-4-24 29712]
S1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
S1 MpKsl1f8f2979;MpKsl1f8f2979;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl1f8f2979.sys [2011-9-16 28752]
S1 MpKsl20f74fb4;MpKsl20f74fb4;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl20f74fb4.sys [2011-9-17 28752]
S1 MpKsl2713c5fe;MpKsl2713c5fe;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl2713c5fe.sys [2011-9-17 28752]
S1 MpKsl49d91c34;MpKsl49d91c34;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl49d91c34.sys [2011-9-17 28752]
S1 MpKsl58004cf3;MpKsl58004cf3;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl58004cf3.sys [2011-9-17 28752]
S1 MpKsl80484c96;MpKsl80484c96;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl80484c96.sys [2011-9-17 28752]
S1 MpKsl9549bea5;MpKsl9549bea5;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl9549bea5.sys [2011-9-17 28752]
S1 MpKslb0dfad43;MpKslb0dfad43;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslb0dfad43.sys [2011-9-17 28752]
S1 MpKslb6a092a5;MpKslb6a092a5;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslb6a092a5.sys [2011-9-17 28752]
S1 MpKslbf30c1f4;MpKslbf30c1f4;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslbf30c1f4.sys [2011-9-17 28752]
S1 MpKslf2ae8f34;MpKslf2ae8f34;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslf2ae8f34.sys [2011-9-17 28752]
S1 MpKslf4930bab;MpKslf4930bab;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslf4930bab.sys [2011-9-17 28752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-15 921952]
S2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-6 135664]
S2 SDHookService;Spybot S&D 2 Live Protection Service;c:\program files\spybot - search & destroy 2\SDHookSvc.exe [2011-9-17 130976]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2011-9-17 1082800]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2011-9-17 169624]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-26 947528]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2008-4-1 19456]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-6-3 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-5-5 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-6 135664]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2010-3-4 954368]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-18 1343400]
S4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2011-9-17 1149864]
.
=============== Created Last 30 ================
.
2011-09-17 18:16:51 -------- d-----w- c:\windows\Panther
2011-09-17 18:14:58 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl49d91c34.sys
2011-09-17 16:22:35 -------- d-----w- c:\windows\system32\MpEngineStore
2011-09-17 09:00:07 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslb6a092a5.sys
2011-09-17 08:18:49 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-09-17 08:17:45 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl20f74fb4.sys
2011-09-17 08:13:06 15224 ----a-w- c:\windows\system32\sdnclean.exe
2011-09-17 08:13:01 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2011-09-17 08:11:18 -------- d-----w- c:\program files\SocialRibbons LP4
2011-09-17 06:53:36 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslf4930bab.sys
2011-09-17 06:44:06 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl2713c5fe.sys
2011-09-17 06:34:39 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl9549bea5.sys
2011-09-17 06:24:21 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl58004cf3.sys
2011-09-17 06:03:25 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl80484c96.sys
2011-09-17 05:08:09 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslbf30c1f4.sys
2011-09-17 04:54:36 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslb0dfad43.sys
2011-09-17 04:47:33 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslf2ae8f34.sys
2011-09-16 20:05:08 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl1f8f2979.sys
2011-09-16 20:03:52 7152464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\mpengine.dll
2011-09-08 20:05:51 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{179b5889-3d13-407e-a288-c8da896e24e2}\gapaengine.dll
2011-09-02 01:40:12 -------- d-----w- c:\program files\Cheat Engine 6.1
2011-09-02 01:26:45 -------- d-----w- c:\users\kendallt\appdata\local\Mozilla
2011-08-29 00:59:58 2048 ----a-w- c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2011-07-16 04:37:32 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-07-16 04:34:28 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:31:12 271360 ----a-w- c:\windows\system32\conhost.exe
2011-07-16 02:21:47 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:26:10 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-23 04:38:05 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-06-23 04:38:04 3902336 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-21 05:39:53 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
============= FINISH: 15:09:15.03 ===============
So, last night I was streaming a tv show online when a few viruses or something was detected by AVG. I couldnt get rid of them. Not too long after, the blue screen of death began dumping physical memory. When the computer restarted, I started normally and ran avg and microsoft security essentials. Before completing, the blue screen of death came back and crashed the computer. Next, I restarted in Safe Mode and ran them both. Neither said I had any problems. However, when I search in google or msn, say I search for mtv, I click it and some shopping website (usually different ones) come up. So, I ran Spybot. It found a whole lot of crap on here. I removed everything it found and rebooted again in normal mode. However, upon being on Facebook for more than 5 minutes, the blue screen of death came back. I went back to safe mode and tried a system restore, which didn't work and deleted my restore point. Then I tried to just restore the computer back to factory settings. However, I'm operating Windows 7 now, whereas the original operating system was Vista. I can't get it to pop up to restore the Vista and Windows 7 recovery options are the only ones I have. I did not make a backup cd...I know!! What do I do? Currently, I can only do anything while in Safe Mode with Networking.
.
Here are the dds reports.
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421
Run by KENDALLT at 15:08:33 on 2011-09-17
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1790.992 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: FCToolbarURLSearchHook Class: {bb78b434-c869-e534-65a9-f4a7dab04d57} - c:\program files\socialribbons lp4\Helper.dll
uURLSearchHooks: H - No File
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - c:\program files\common files\freecause\dca\dca-bho.dll
BHO: SocialRibbons LP4: {daa05029-eece-7a44-a584-c603c68cb608} - c:\program files\socialribbons lp4\Toolbar.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {CE7499E7-AF3C-4662-AC92-454212345DDB} - No File
TB: {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {37153479-1976-43C3-A1EE-557513977B64} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
uRun: [Google Update] "c:\users\kendallt\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRunOnce: [NoIE4StubProcessing] c:\windows\system32\reg.exe delete "hklm\software\microsoft\active setup\Installed Components" /v "NoIE4StubProcessing" /f
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08} : DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08}\35075656463547275616D6 : DhcpNameServer = 74.128.18.98 74.128.18.99
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08}\7796C646361647 : DhcpNameServer = 72.51.219.21 72.51.219.22
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08}\96E63796768647F577966696F573235343 : DhcpNameServer = 192.168.2.1 74.128.17.114 74.128.19.102
TCP: Interfaces\{1FE0AC54-6EFA-408B-9731-710215167B08}\E4B45577966696 : DhcpNameServer = 216.68.4.10 216.68.5.10
TCP: Interfaces\{851F44CC-9B25-460F-B320-A01E5A54878C} : DhcpNameServer = 192.168.2.1 74.128.17.114 74.128.19.102
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs: c:\progra~1\google\google~1\GO36F4~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-4-24 243152]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-5-5 7168]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-4-24 216400]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-4-24 29712]
S1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
S1 MpKsl1f8f2979;MpKsl1f8f2979;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl1f8f2979.sys [2011-9-16 28752]
S1 MpKsl20f74fb4;MpKsl20f74fb4;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl20f74fb4.sys [2011-9-17 28752]
S1 MpKsl2713c5fe;MpKsl2713c5fe;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl2713c5fe.sys [2011-9-17 28752]
S1 MpKsl49d91c34;MpKsl49d91c34;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl49d91c34.sys [2011-9-17 28752]
S1 MpKsl58004cf3;MpKsl58004cf3;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl58004cf3.sys [2011-9-17 28752]
S1 MpKsl80484c96;MpKsl80484c96;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl80484c96.sys [2011-9-17 28752]
S1 MpKsl9549bea5;MpKsl9549bea5;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl9549bea5.sys [2011-9-17 28752]
S1 MpKslb0dfad43;MpKslb0dfad43;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslb0dfad43.sys [2011-9-17 28752]
S1 MpKslb6a092a5;MpKslb6a092a5;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslb6a092a5.sys [2011-9-17 28752]
S1 MpKslbf30c1f4;MpKslbf30c1f4;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslbf30c1f4.sys [2011-9-17 28752]
S1 MpKslf2ae8f34;MpKslf2ae8f34;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslf2ae8f34.sys [2011-9-17 28752]
S1 MpKslf4930bab;MpKslf4930bab;c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslf4930bab.sys [2011-9-17 28752]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-15 921952]
S2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-6 135664]
S2 SDHookService;Spybot S&D 2 Live Protection Service;c:\program files\spybot - search & destroy 2\SDHookSvc.exe [2011-9-17 130976]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2011-9-17 1082800]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2011-9-17 169624]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-26 947528]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2008-4-1 19456]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-6-3 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-5-5 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-6 135664]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2010-3-4 954368]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-18 1343400]
S4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2011-9-17 1149864]
.
=============== Created Last 30 ================
.
2011-09-17 18:16:51 -------- d-----w- c:\windows\Panther
2011-09-17 18:14:58 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl49d91c34.sys
2011-09-17 16:22:35 -------- d-----w- c:\windows\system32\MpEngineStore
2011-09-17 09:00:07 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslb6a092a5.sys
2011-09-17 08:18:49 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-09-17 08:17:45 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl20f74fb4.sys
2011-09-17 08:13:06 15224 ----a-w- c:\windows\system32\sdnclean.exe
2011-09-17 08:13:01 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2011-09-17 08:11:18 -------- d-----w- c:\program files\SocialRibbons LP4
2011-09-17 06:53:36 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslf4930bab.sys
2011-09-17 06:44:06 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl2713c5fe.sys
2011-09-17 06:34:39 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl9549bea5.sys
2011-09-17 06:24:21 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl58004cf3.sys
2011-09-17 06:03:25 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl80484c96.sys
2011-09-17 05:08:09 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslbf30c1f4.sys
2011-09-17 04:54:36 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslb0dfad43.sys
2011-09-17 04:47:33 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKslf2ae8f34.sys
2011-09-16 20:05:08 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\MpKsl1f8f2979.sys
2011-09-16 20:03:52 7152464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1fc36d86-83f7-4bb4-9331-d47b568bd4bd}\mpengine.dll
2011-09-08 20:05:51 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{179b5889-3d13-407e-a288-c8da896e24e2}\gapaengine.dll
2011-09-02 01:40:12 -------- d-----w- c:\program files\Cheat Engine 6.1
2011-09-02 01:26:45 -------- d-----w- c:\users\kendallt\appdata\local\Mozilla
2011-08-29 00:59:58 2048 ----a-w- c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2011-07-16 04:37:32 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-07-16 04:34:28 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:31:12 271360 ----a-w- c:\windows\system32\conhost.exe
2011-07-16 02:21:47 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:26:10 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-23 04:38:05 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-06-23 04:38:04 3902336 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-21 05:39:53 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
============= FINISH: 15:09:15.03 ===============