124 replies to this topic

[compudodo]

oh crimminee...... it's now 21 percent done..... 157,000 of 20228300 free clusters processed...... this will take all night

[compudodo]

ok....went away....computer obviously rebooted itself and started up..... no report generated

[Tomk]

Cool. Can you please run DDS again and post both logs?

[compudodo]

oops posted twice

Edited by compudodo, 20 April 2011 - 10:42 PM.

[compudodo]

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by cici at 0:36:59.45 on Thu 04/21/2011
Internet Explorer: 9.0.8112.16421
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2812.1840 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\DDNI\DIBS\DDNIService.exe
C:\windows\System32\IgrsSvcs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
C:\Program Files\Lenovo\VeriFace\PManage.exe
C:\Program Files\Lenovo\YouCam\YouCamTray.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\windows\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe
C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\Users\cici\Desktop\dds.scr
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\users\cici\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IdeaNotesUser] c:\program files\ddni\lenovo idea notes\DDNIMSGUser.exe
mRun: [VeriFaceManager] c:\program files\lenovo\veriface\PManage.exe
mRun: [UCam_Menu] "c:\program files\lenovo\youcam\muitransfer\muistartmenu.exe" "c:\program files\lenovo\youcam" updatewithcreateonce "software\cyberlink\youcam\3.0"
mRun: [YouCam Mirror Tray icon] "c:\program files\lenovo\youcam\YouCamTray.exe" /s
mRun: [UpdateP2GShortCut] "c:\program files\lenovo\power2go\muitransfer\muistartmenu.exe" "c:\program files\lenovo\power2go" updatewithcreateonce "software\cyberlink\power2go\5.0"
mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRunOnce: [WLStart] "c:\program files\windows live\installer\wlstart.exe" /nosearch /nohomepage
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/amun/default/mjolauncher.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} - hxxp://zone.msn.com/bingame/feed/default/SproutLauncher.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-14 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-4-14 301528]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-4-20 172032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-4-14 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-4-14 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-4-14 42184]
R2 DDNIMSGService;DDNIMSGService;c:\program files\ddni\lenovo idea notes\DDNIMSGService.exe [2010-12-30 171872]
R2 DDNIService;DDNIService;c:\program files\ddni\dibs\DDNIService.exe [2010-12-30 163680]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2010-4-20 21256]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atipmdag.sys [2010-4-20 5340160]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-4-20 152064]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-4-20 58368]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-4-20 30392]
R3 usbsmi;Lenovo EasyCamera;c:\windows\system32\drivers\SMIksdrv.sys [2010-4-20 171776]
R3 wdmirror;wdmirror;c:\windows\system32\drivers\WDMirror.sys [2010-4-20 11792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-3-20 136176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Bridge0;Bridge0;c:\windows\system32\drivers\wdbridge.sys [2010-4-20 63240]
S3 IGRS;IGRS;c:\program files\lenovo\readycomm\common\IGRS.exe [2009-7-15 38152]
S3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-13 229888]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\lenovo\readycomm\AppSvc.exe [2010-4-20 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\lenovo\readycomm\ConnSvc.exe [2010-4-20 575304]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2009-7-13 20992]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-4-20 189984]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-23 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-12-31 1343400]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-21 81704]
.
=============== Created Last 30 ================
.
2011-04-21 01:00:57 7071056 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{b1572afd-933f-4bc0-9358-26d4664231e7}\mpengine.dll
2011-04-21 00:51:36 -------- d-----w- c:\users\cici\appdata\local\{309E7778-82F3-4B52-B8EB-969F97158B39}
2011-04-20 09:21:55 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-20 09:21:03 -------- d-----w- c:\users\cici\appdata\local\Sunbelt Software
2011-04-20 00:08:22 -------- d-----w- c:\users\cici\appdata\local\{E6A6B004-398E-4927-A1AC-D231EB248793}
2011-04-19 10:20:25 -------- d-----w- c:\users\cici\appdata\local\{49880DD2-855D-4824-9333-4B24F3F9E611}
2011-04-18 22:42:29 -------- d-----w- c:\program files\Astra Jigsaw India
2011-04-18 22:19:49 -------- d-----w- c:\users\cici\appdata\local\{93FCE099-F310-4BAF-B42C-2A391928B74A}
2011-04-17 16:51:55 -------- d-----w- c:\users\cici\appdata\local\{132DAC53-C721-49FE-9461-FA44B860E97E}
2011-04-17 03:45:49 -------- d-----w- c:\users\cici\appdata\local\{E34A2325-990D-487B-9203-05545DC9CC37}
2011-04-16 14:32:19 -------- d-----w- c:\users\cici\appdata\local\{DEACB010-D615-44D9-A701-D3EF6A6CBFAF}
2011-04-15 18:48:49 -------- d-----w- c:\users\cici\appdata\local\{77543336-192D-4CC4-8F34-BF24856257D2}
2011-04-14 21:41:35 -------- d-----w- c:\users\cici\appdata\local\{D3A01E12-8F01-4170-B4B9-703AF4B51157}
2011-04-14 12:25:06 -------- d-----w- c:\users\cici\appdata\local\{8DA46CB8-49E3-4816-8FFC-90268217477C}
2011-04-14 04:21:05 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-14 04:21:01 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-04-14 04:20:30 40648 ----a-w- c:\windows\avastSS.scr
2011-04-14 04:20:23 -------- d-----w- c:\program files\AVAST Software
2011-04-14 04:20:23 -------- d-----w- c:\progra~2\AVAST Software
2011-04-14 04:00:14 -------- d-----w- c:\users\cici\appdata\roaming\Sammsoft
2011-04-14 03:59:48 -------- d-----w- c:\program files\ARO 2011
2011-04-13 22:41:38 -------- d-sh--w- C:\$RECYCLE.BIN
2011-04-13 22:41:29 -------- d-----w- c:\users\cici\appdata\local\temp
2011-04-13 22:11:34 98816 ----a-w- c:\windows\sed.exe
2011-04-13 22:11:34 89088 ----a-w- c:\windows\MBR.exe
2011-04-13 22:11:34 256512 ----a-w- c:\windows\PEV.exe
2011-04-13 22:11:34 161792 ----a-w- c:\windows\SWREG.exe
2011-04-13 16:01:22 -------- d-----w- c:\users\cici\appdata\local\{C64F3376-3DF3-4551-BB5E-CBE22AE7BA60}
2011-04-13 01:41:20 -------- d-----w- C:\_OTM
2011-04-12 18:34:43 -------- d-----w- c:\users\cici\appdata\local\{D11A10B4-573C-4DD7-9FD4-E06EA917072F}
2011-04-11 22:12:11 -------- d-----w- c:\users\cici\appdata\local\{4434FC7A-B76B-49AC-872C-D361097D263B}
2011-04-11 00:11:26 -------- d-----w- c:\users\cici\appdata\local\{7978BE95-0D33-4A04-A2DD-6673B0B87ED4}
2011-04-09 16:06:18 -------- d-----w- c:\users\cici\appdata\local\{E69B056B-7B3A-4DCD-B8DD-C4947B25E2B2}
2011-04-08 14:15:12 -------- d-----w- c:\users\cici\appdata\local\{3F92FA22-95DB-406D-8BE1-E1AF086A76A8}
2011-04-08 02:14:37 -------- d-----w- c:\users\cici\appdata\local\{1CC52244-640A-45C6-A3B5-9FA7C252A1B4}
2011-04-07 15:18:20 -------- d-----w- c:\users\cici\appdata\local\{4450FBD8-CFE5-4168-BD5C-DA5CF04D9EA7}
2011-04-07 02:33:47 -------- d-----w- c:\users\cici\appdata\local\{5E93B8F3-56FE-453D-A49C-BDA5AA22A4EF}
2011-04-06 14:33:22 -------- d-----w- c:\users\cici\appdata\local\{35A57AD2-912F-4A60-AE2F-CB79B84F0186}
2011-04-05 22:11:29 -------- d-----w- c:\users\cici\appdata\local\{5C97E5D3-E8A0-410F-9D07-A7EE6AB3F2E6}
2011-04-05 15:38:45 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{7d074fae-f067-4066-88c0-4d7d07a15e65}\gapaengine.dll
2011-04-04 11:40:49 -------- d-----w- c:\users\cici\appdata\local\{5C51381B-2337-4592-B773-DD7724C90923}
2011-04-03 10:37:44 -------- d-----w- c:\users\cici\appdata\local\{600E3012-AEC5-4966-BFEF-627F662CC2A6}
2011-04-02 13:09:26 -------- d-----w- c:\users\cici\appdata\local\{CF4552CD-69B7-47F0-A805-90010A4481CC}
2011-04-02 01:08:46 -------- d-----w- c:\users\cici\appdata\local\{BA9D007D-B348-4FB9-AC9D-69903FFC5727}
2011-04-01 05:56:07 -------- d-----w- c:\users\cici\appdata\local\{D1B6E34A-3CC8-42DA-8755-BFDEE919BD3F}
2011-03-31 17:29:06 -------- d-----w- c:\users\cici\appdata\local\{68373B5F-97E7-49A5-93B3-E73F303B573E}
2011-03-31 08:26:50 -------- d-----w- c:\users\cici\appdata\local\{F618D4B9-7193-4737-9FEA-4439D55B064E}
2011-03-28 12:09:12 -------- d-----w- c:\users\cici\appdata\roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-03-26 01:31:22 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll
2011-03-23 08:21:01 -------- d-----w- c:\windows\system32\SPReview
2011-03-23 08:12:59 520064 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2011-03-23 08:11:59 380416 ----a-w- c:\windows\system32\sxs.dll
2011-03-23 08:10:59 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2011-03-23 08:09:59 94208 ----a-w- c:\program files\common files\system\msadc\msadcf.dll
2011-03-23 08:08:54 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-03-23 08:08:54 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-03-23 08:08:54 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-03-23 08:08:54 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-03-23 08:08:37 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2011-03-23 08:08:26 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2011-03-23 08:08:26 189952 ----a-w- c:\windows\system32\wdscore.dll
2011-03-23 08:07:45 323072 ----a-w- c:\windows\system32\drvstore.dll
2011-03-23 08:07:44 257024 ----a-w- c:\windows\system32\dpx.dll
2011-03-23 07:37:06 219136 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-03-23 07:37:06 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-03-23 07:33:37 -------- d-----w- c:\users\cici\appdata\local\ElevatedDiagnostics
2011-03-23 07:29:05 -------- d-----w- c:\windows\system32\EventProviders
.
==================== Find3M ====================
.
2011-03-23 08:45:42 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-03-11 05:33:59 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:33:59 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-08 05:28:29 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 05:38:01 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:36:16 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:42:34 2333184 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 05:38:54 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-19 06:30:54 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:30:51 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:30:46 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 04:34:54 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-02-18 21:28:28 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-02-12 05:35:31 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-02-03 01:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 0:37:45.80 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/29/2010 1:53:34 PM
System Uptime: 4/21/2011 12:13:42 AM (0 hours ago)
.
Motherboard: LENOVO | | Bali
Processor: AMD Athlon™ II Dual-Core M320 | Socket S1G3 | 2100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 105 GiB total, 77.137 GiB free.
D: is FIXED (NTFS) - 29 GiB total, 0.425 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP117: 4/10/2011 7:00:12 PM - Windows Backup
RP118: 4/13/2011 12:08:43 PM - Windows Update
RP120: 4/13/2011 11:59:25 PM - ARO 2011 - Before Installation
RP122: 4/14/2011 12:00:20 AM - ARO 2011 - FIRST RUN
RP124: 4/14/2011 12:18:36 AM - ARO 2011 Thu, Apr 14, 11 00:18
RP125: 4/14/2011 12:20:02 AM - avast! Free Antivirus Setup
RP126: 4/16/2011 1:15:07 PM - Windows Update
RP127: 4/17/2011 7:00:17 PM - Windows Backup
RP128: 4/19/2011 8:18:06 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Reader 9.0.1
Adobe Shockwave Player 11.5
ALPS Touch Pad Driver
AMD USB Filter Driver
Astra Jigsaw Art Edition version 1.21
Astra Jigsaw Art II version 1.21
Astra Jigsaw Europe Tour version 1.21
Astra Jigsaw France and UK version 1.21
Astra Jigsaw India version 1.22
Astra Jigsaw Italy and Spain version 1.21
Astra Jigsaw Japan version 1.21
Astra Jigsaw Landmarks Edition version 1.21
Astra Jigsaw My Favorite Things version 1.21
Astra Jigsaw Tropical Edition version 1.21
Astra Jigsaw USA Edition version 1.21
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
ATI Catalyst Install Manager
avast! Free Antivirus
Big Fish Games: Game Manager
BigJig version 8.15
BigPatience version 5.01
Bricks of Atlantis
Bricks of Egypt 2
Broadcom 802.11 Wireless Driver
Business Contact Manager for Outlook 2007 SP2
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Conexant HD Audio
CyberLink YouCam
D3DX10
Desktop Taipei version 2.2
DIBS
Energy Management
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Java Auto Updater
Java™ 6 Update 24
Junk Mail filter update
Lenovo DirectShare
Lenovo Driver Download Manager
Lenovo EasyCamera
Lenovo First Boot
Lenovo Idea Central
Lenovo Idea Notes
Lenovo OneKey Recovery
Lenovo ReadyComm 5
Lenovo ReadyComm 5.0 Service
Malwarebytes' Anti-Malware
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MSVCRT
Power2Go
Realtek USB 2.0 Card Reader
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2464594)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SpywareBlaster 4.4
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2522999)
VeriFace
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
ZoneAlarm
.
==== Event Viewer Messages From Past Week ========
.
4/21/2011 12:37:44 AM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
4/20/2011 5:20:48 AM, Error: Service Control Manager [7030] - The Lavasoft Ad-Aware Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
4/20/2011 2:41:38 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2011 2:33:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/20/2011 2:33:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/20/2011 2:33:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
4/20/2011 2:33:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
4/20/2011 2:33:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/20/2011 2:33:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/20/2011 2:33:41 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Vsdatant vwififlt Wanarpv6 WfpLwf
4/20/2011 2:33:41 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2011 2:33:41 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2011 2:33:41 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2011 2:33:41 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2011 2:33:41 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2011 2:33:41 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2011 2:33:40 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2011 2:33:40 AM, Error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2011 2:33:40 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2011 2:33:40 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2011 2:33:40 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2011 2:33:40 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/17/2011 5:06:57 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
4/14/2011 5:49:42 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.101.1404.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6702.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
.
==== End Of File ===========================

[Tomk]

So... how does your computer seem to be running?

[compudodo]

lol..... haven't been on much...... have been so wiped out by the calisthenics, gyrations and marathons i've been running here, i was just sick of being on the computer..... and don't want to go on facebook, because that is pretty much the only place i've been going and i think it's where i got the virus in the first place....i know i was up and on facebook by the time frame you gave me..... it's ok i guess...only trouble is I got kinda upset about the all the cookies and gathering of information about where i've been going....so I blocked too many cookies on MSN and now I can't access my email thru them, even though I have tried a hundred times to reset and let every cookie in the world have access, whatever i did, it seems permanent.... I can't access hotmail or the games on MSN. will i have to completely uninstall IE now? start from scratch? ....while i was waiting to hear from you a couple of days ago, i went over to another forum and posed the question, but i guess that's a no no..even though it's an entirely different problem. oh well. so what do i do with this nawa1110 on my desktop, just delete it????

Edited by compudodo, 20 April 2011 - 11:17 PM.

[Tomk]

Yep delete it.

Time for some housekeeping

• Click START then RUN
• Now type ComboFix /Uninstall in the runbox and click OK.
• Note the space between the X and the U, it needs to be there.
• 

The above procedure will:

• Implement some cleanup procedures.
• Reset System Restore.

Now to remove most of the tools that we have used in fixing your machine:

• Make sure you have an Internet Connection.
• Download OTC to your desktop and run it
• A list of tool components used in the cleanup of malware will be downloaded.
• If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
• Click Yes to begin the cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.

After you've done all that... tell me more about what's happening on MSN?

Please re-enable any security that was disabled.

[compudodo]

click on start...ok....but where to click on run??????? don't see it...typed run in the white box, but that did nothing also..... do i shut off my avast and zone alarm again????

Edited by compudodo, 20 April 2011 - 11:41 PM.

[Tomk]

Shouldn't need to shut anything off.

Get the runbox this way.... hold the windows key and press R

[compudodo]

aw carp**....i did it again.... nothing is working on my keyboard....iwent into system clean up..... and clicked on something and now nothing is working

[compudodo]

ok, got it back...don't know what the heck i did

[compudodo]

now avast won't let me run the combo fix. It keeps telling me it is potentially unsafe and wants me to open in the sandbox. HUH??? I scroll down and click open normally....but it still wants me to run it in the sandbox?????????? and then any data that you save while in the sandbox will be lost when the sandbox is closed. i don't even know what the heck the sandbox is...why won't it let me open it normally?????

[compudodo]

now combofix wants me shut down everything running, avast, zone alarm..... jeesh

[compudodo]

ok.... FINALLY....combo fix is uninstalled