virus

Status
Not open for further replies.

howardscat

New member
Thanks in advance for your help. I can't download the latest Windows update and my recently installed Trend Micro won't work.

DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16450
Run by David at 22:23:00 on 2012-11-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1240 [GMT -5:00]
.
AV: Trend Micro Titanium Maximum Security 2012 *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
SP: Trend Micro Titanium Maximum Security 2012 *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Dell\OSD\DellOSDservice.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Dell\OSD\DellOSD.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
-netsvcs
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell Support Center\uaclauncher.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://forecast.weather.gov/MapClick.php?CityName=Canton&state=OH&site=CLE&textField1=40.8122&textField2=-81.3733&e=1
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [ShwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Dell\Dell TouchCam" UpdateWithCreateOnce "Software\CyberLink\Dell TouchCam\1.1"
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [FAStartup] <no file>
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{03CFFF16-39BA-45AA-A454-A91ACD9564E9} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{03CFFF16-39BA-45AA-A454-A91ACD9564E9}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{36ED47B5-BB59-4E3F-A38F-B7EC328043E4} : DHCPNameServer = 209.18.47.61 209.18.47.62
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - c:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli FAPassSync
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64
x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [WLM] "C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe"
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll
x64-Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - <orphaned>
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\09aioq3y.default\
FF - prefs.js: browser.search.selectedEngine - My Way
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=WLEM|http://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Z1xdm00250us&ptb=3CE77520-2F59-4161-B174-A00FECD738D3&psa=&ind=2011011613&ptnrS=Z1xdm00250us&si=&st=kwd&n=77dd9a1d&searchfor=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-11-20 55856]
R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-10-8 77184]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-22 203264]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2012-9-30 275912]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DellOSDservice;DellOSDservice;C:\Program Files\Dell\OSD\DellOSDservice.exe [2010-7-5 7168]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-2-22 2409800]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2010-9-22 20984]
R3 nuviocir;Nuvoton W836x7HG CIR Device Driver;C:\Windows\System32\drivers\nuviocir_win7_x64.sys [2010-11-20 33792]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 tmeevw;tmeevw;C:\Windows\System32\drivers\tmeevw.sys [2011-10-8 67344]
R3 tmnciesc;tmnciesc;C:\Windows\System32\drivers\tmnciesc.sys [2011-10-8 210704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-5-12 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0;PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-8-17 25584]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
.
=============== Created Last 30 ================
.
2012-11-18 03:06:37 -------- d-----w- C:\Users\David\AppData\Local\{A3E6F13E-3AC7-4225-B98B-C94D632FD230}
2012-11-12 19:36:44 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-12 19:36:37 588728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-11-12 19:36:37 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-11-12 19:36:37 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-11-12 19:36:37 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-11-12 19:36:36 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-11-12 19:36:36 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-11-12 19:36:36 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-10-26 00:45:33 -------- d-----w- C:\Users\David\AppData\Local\{401CA29D-5F68-4994-AF62-4E715403089A}
2012-10-22 15:59:36 -------- d-----w- C:\Users\David\AppData\Local\{7725EC7C-EFEC-4CC8-8C18-92673483CDE6}
2012-10-21 20:42:25 -------- d-----w- C:\ProgramData\VirtualizedApplications
2012-10-21 19:54:52 -------- d-----w- C:\Users\David\AppData\Roaming\LolClient
2012-10-21 18:31:53 -------- d-----w- C:\Users\David\AppData\Roaming\SoftGrid Client
2012-10-21 18:31:53 -------- d-----w- C:\Users\David\AppData\Local\SoftGrid Client
2012-10-21 18:30:20 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-10-21 18:30:06 -------- d-----w- C:\Users\David\AppData\Roaming\TP
2012-10-21 18:05:44 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2012-10-21 18:05:44 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2012-10-21 18:05:44 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2012-10-21 18:05:43 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2012-10-21 18:05:42 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2012-10-21 18:01:03 -------- d-----w- C:\Riot Games
2012-10-21 01:36:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-21 01:36:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-21 01:36:15 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-21 01:36:15 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-21 01:36:15 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-21 01:36:15 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-21 01:36:15 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-21 01:36:14 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
==================== Find3M ====================
.
2012-10-21 00:25:39 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-21 00:25:38 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-25 03:01:12 107048 ----a-w- C:\Windows\System32\drivers\tmactmon.sys
2012-09-25 03:00:36 77184 ----a-w- C:\Windows\System32\drivers\tmevtmgr.sys
2012-09-25 03:00:00 173504 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 22:24:48.32 ===============


aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-17 22:31:32
-----------------------------
22:31:32.997 OS Version: Windows x64 6.1.7601 Service Pack 1
22:31:32.997 Number of processors: 2 586 0x602
22:31:32.997 ComputerName: OLDSPICE UserName: David
22:31:38.517 Initialize success
22:32:01.527 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
22:32:01.527 Disk 0 Vendor: ST350041 CC46 Size: 476940MB BusType: 11
22:32:01.537 Device \Driver\amdsata -> MajorFunction fffffa80052225e8
22:32:01.537 Disk 0 MBR read successfully
22:32:01.537 Disk 0 MBR scan
22:32:01.547 Disk 0 Windows VISTA default MBR code
22:32:01.547 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
22:32:01.567 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
22:32:01.577 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461899 MB offset 30800325
22:32:01.597 Disk 0 scanning C:\Windows\system32\drivers
22:32:26.812 Service scanning
22:33:09.571 Modules scanning
22:33:09.591 Disk 0 trace - called modules:
22:33:09.601 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys >>UNKNOWN [0xfffffa80052225e8]<<
22:33:09.933 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bde060]
22:33:09.933 3 CLASSPNP.SYS[fffff880018d243f] -> nt!IofCallDriver -> [0xfffffa8004b6b4e0]
22:33:09.943 5 amdxata.sys[fffff88000e947a8] -> nt!IofCallDriver -> \Device\0000005e[0xfffffa8004b674d0]
22:33:09.953 \Driver\amdsata[0xfffffa8005112d30] -> IRP_MJ_CREATE -> 0xfffffa80052225e8
22:33:09.963 Scan finished successfully
22:34:44.676 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
22:34:44.686 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR.txt"
22:36:08.014 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
22:36:08.024 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR1.txt"


22:38:44.541 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
22:38:44.551 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR1.txt"
 

Sorry for the delay. If you have not resolved this issue, run DDS and post a new log, please.
 
Due to inactivity, this thread will now be closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.
 