Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer

dds logs


Recommended Posts

Hope this is right

IObit Malware Fighter

 

OS: Windows 7

Version: 2.0.1.6

Define Version: 1243

Time Elapsed: 00:47:20

Objects Scanned: 80026

Threats Found: 0

Save Time: 6/17/2013 5:33:03 PM

 

|Name|Type|Description|ID|

 

Edit: Merged this post into this thread

Link to comment
Share on other sites

dds logs

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 10/28/2012 11:06:11 PM

System Uptime: 6/17/2013 3:10:12 PM (1 hours ago)

.

Motherboard: eMachines | | WMCP61M

Processor: AMD Athlon Processor 2850e | Socket AM2 | 1800/201mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 286 GiB total, 211.79 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is FIXED (NTFS) - 0 GiB total, 0.02 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP563: 6/12/2013 3:01:01 AM - Windows Update

RP564: 6/13/2013 3:00:40 AM - Windows Update

RP565: 6/14/2013 3:00:33 AM - Windows Update

RP566: 6/15/2013 3:01:15 AM - Windows Update

RP567: 6/15/2013 12:42:31 PM - RegCure Pro Backup

RP568: 6/15/2013 7:27:22 PM - Installed Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64).

RP569: 6/15/2013 7:34:33 PM - Installed Dragon NaturallySpeaking 11.

RP570: 6/16/2013 3:00:32 AM - Windows Update

RP571: 6/17/2013 3:00:30 AM - Windows Update

RP572: 6/17/2013 10:35:08 AM - Removed Dragon NaturallySpeaking 11.5.

RP573: 6/17/2013 10:48:44 AM - Installed Dragon NaturallySpeaking 11.

RP574: 6/17/2013 12:54:52 PM - Removed Classic Shell

RP575: 6/17/2013 12:57:57 PM - Removed iTunes

RP576: 6/17/2013 1:03:58 PM - Removed LibreOffice 3.6

RP577: 6/17/2013 1:18:00 PM - Removed LibreOffice 3.6 Help Pack (English)

RP578: 6/17/2013 1:22:01 PM - Removed Dragon NaturallySpeaking 11.5.

RP579: 6/17/2013 1:58:37 PM - Removed iCloud

RP580: 6/17/2013 2:03:18 PM - Removed Apple Application Support

RP581: 6/17/2013 2:12:03 PM - Installed Dragon NaturallySpeaking 11.

.

==== Installed Programs ======================

.

5600

5600_Help

5600Trb

7-Zip 9.20

Adobe Flash Player 11 ActiveX

Adobe Reader XI (11.0.02)

Adobe Shockwave Player 11.6

Advanced SystemCare Ultimate 6

AIO_CDB_ProductContext

AIO_CDB_Software

AIO_Scan

Apple Mobile Device Support

Apple Software Update

Audio Converter

Batch DOCX to DOC Converter 2012

Bluebeam Revu x64 10

Bonjour

BufferChm

Compatibility Pack for the 2007 Office system

Copy

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Destinations

DeviceDiscovery

DocProc

Download Manager and Options

Dragon NaturallySpeaking 11

Expert PDF 7 Reader

Fax

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.0.0

HP Photosmart Essential 3.5

HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B

HP Smart Web Printing 4.51

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

HPProductAssistant

IB Updater Service

IObit Apps Toolbar v7.1

IObit Malware Fighter

IObit Unlocker

K-Lite Codec Pack 9.6.0 (Basic)

LastPass (uninstall only)

Macromedia Shockwave Player

MarketResearch

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

Network64

NVIDIA Control Panel 307.83

NVIDIA Drivers

NVIDIA Graphics Driver 307.83

NVIDIA Install Application

NVIDIA Update 1.10.8

NVIDIA Update Components

PC Cleaners

QuickTime

RealDownloader

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealNetworks - Microsoft Visual C++ 2010 Runtime

Realtek High Definition Audio Driver

RealUpgrade 1.1

Reimage Repair

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Serif PhotoPlus Starter Edition 3

Smart Defrag 2

SmartWebPrinting

Software Advisor

SolutionCenter

Status

SumatraPDF

swMSM

Toolbox

TrayApp

True Image 2013

Tweaking.com - Windows Repair (All in One)

UnloadSupport

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Verizon Yahoo! Toolbar

Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)

Vz In Home Agent

WebReg

WePrint

Windows Clean-Up Pro

WinRAR 4.20 (64-bit)

.

==== Event Viewer Messages From Past Week ========

.

6/17/2013 2:51:58 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

6/17/2013 2:51:58 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.

6/17/2013 2:49:52 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.

6/17/2013 2:49:52 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/17/2013 2:49:28 PM, Error: volmgr [46] - Crash dump initialization failed!

6/17/2013 2:40:30 PM, Error: Service Control Manager [7034] - The Advanced SystemCare Service 6 service terminated unexpectedly. It has done this 1 time(s).

6/17/2013 10:53:30 AM, Error: Service Control Manager [7030] - The Dragon Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

6/16/2013 3:01:53 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Windows Malicious Software Removal Tool x64 - June 2013 (KB890830).

6/14/2013 5:09:23 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Judy-PC\Judy SID (S-1-5-21-3837789094-3474773503-1615160316-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

6/14/2013 4:40:58 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

6/14/2013 4:40:58 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

6/14/2013 3:26:21 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595).

6/13/2013 2:46:37 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.

6/12/2013 3:08:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2789642).

6/12/2013 3:08:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595).

6/12/2013 3:08:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2804576).

6/11/2013 2:22:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

6/11/2013 2:22:31 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/11/2013 2:22:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

6/11/2013 10:22:20 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.151.1977.0).

6/10/2013 1:43:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16490

Run by Judy at 16:48:57 on 2013-06-17

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1790.532 [GMT -4:00]

.

AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe

C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files\IB Updater\ExtensionUpdaterService.exe

C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\FixCleaner\FixCleaner.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe

C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ARM\1.0\ADOBEARM.EXE

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

C:\Windows\splwow64.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\SysWOW64\notepad.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://my.yahoo.com/

uSearch Bar = hxxp://www.google.com

uSearch Page = hxxp://www.google.com

uSearchAssistant = hxxp://www.google.com

uSearchURL,(Default) = hxxp://isearch.glarysoft.com/?q=%s&src=iesearch

uURLSearchHooks: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>

dURLSearchHooks: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>

dURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

mWinlogon: Userinit = userinit.exe

BHO: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -

BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

BHO: {A7C0A55C-300E-4193-8FB5-5DB8E6533D35} - <orphaned>

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASCPlugin_Protection.dll

TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart

uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

mRun: [QuickTime Task] "C:\PROGRAM FILES (X86)\QUICKTIME\QTTASK.EXE" -atboottime

mRun: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

mRun: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini"

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: LastPass - C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=lastpass

IE: LastPass Fill Forms - C:\Users\Judy\AppData\LocalLow\LastPass\context.html?cmd=fillforms

IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{EDD32F51-6369-489D-9A94-8DD8D908B4A9} : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

SSODL: WebCheck - <orphaned>

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll

x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -

x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-SSODL: WebCheck - <orphaned>

x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll

x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll

.

============= SERVICES / DRIVERS ===============

.

R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2012-11-14 155272]

R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore64.sys [2012-10-22 426616]

R0 pctDS;PC Tools Data Store;C:\Windows\System32\drivers\pctDS64.sys [2012-10-22 453896]

R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\System32\drivers\pctEFA64.sys [2012-10-22 1096176]

R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-1-2 17720]

R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2012-11-14 1093256]

R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2012-11-14 228488]

R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2012-11-14 166024]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-11 31080]

R1 cbfs3;cbfs3;C:\Windows\System32\drivers\cbfs3.sys [2013-2-19 352008]

R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2012-10-24 42248]

R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\System32\drivers\PCTSD64.sys [2012-10-22 251560]

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe [2013-1-9 1051088]

R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe [2013-1-9 621008]

R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2011-6-4 296808]

R2 IB Updater;IB Updater;C:\Program Files\IB Updater\ExtensionUpdaterService.exe [2013-3-11 188760]

R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-10-15 335168]

R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2012-9-24 74872]

R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-6-7 23048]

R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-6-7 34336]

R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2012-10-24 40712]

R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-6-7 23016]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2012-11-14 367200]

S3 PCTBD;PC Tools Browser Defender Driver;C:\Windows\System32\drivers\PCTBD64.sys [2012-10-22 85224]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-7 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-7 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-7 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S4 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-11-14 3696632]

S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2012-10-5 35256]

S4 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2012-10-19 517632]

.

=============== File Associations ===============

.

FileExt: .ini: Applications\pdfreader.exe=C:\Program Files (x86)\Avanquest\Expert PDF 7 Reader\PDFReader.exe "%1" [userChoice]

ShellExec: PhotoPlus Starter Edition.exe: open=C:\PROGRA~2\Serif\PHOTOP~1\3.0\Program\PHOTOP~1.EXE "%1"

.

=============== Created Last 30 ================

.

2013-06-17 15:07:16 -------- d-----w- C:\Users\Judy\AppData\Roaming\Nuance

2013-06-17 14:52:06 -------- d-----w- C:\Program Files (x86)\Common Files\IVA

2013-06-17 14:51:51 -------- d-----w- C:\Program Files (x86)\Common Files\Nuance

2013-06-17 14:49:17 -------- d-----w- C:\ProgramData\Nuance

2013-06-17 14:49:17 -------- d-----w- C:\Program Files (x86)\Nuance

2013-06-17 14:07:46 -------- d-----w- C:\Users\Judy\Judy Soule

2013-06-15 23:42:04 -------- d-----w- C:\Users\Judy\AppData\Roaming\FLEXnet

2013-06-14 22:39:56 -------- d-----w- C:\Users\Judy\AppData\Roaming\PC Cleaners

2013-06-14 20:43:19 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2F7BEE70-1E2D-4BDA-A065-625E16103D91}\mpengine.dll

2013-06-13 07:07:59 763544 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-06-12 18:26:14 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-06-12 18:26:14 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-06-12 18:25:36 751104 ----a-w- C:\Windows\System32\win32spl.dll

2013-06-12 18:25:36 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-06-12 18:25:34 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-06-12 18:25:32 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2013-06-12 18:25:32 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-06-12 18:24:23 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-06-12 18:24:22 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-06-12 18:24:22 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-06-12 18:24:21 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-06-12 18:24:21 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-06-12 18:24:21 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-06-12 18:24:21 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-06-12 18:24:21 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-06-12 18:24:21 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-06-12 18:24:21 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-06-12 18:17:33 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2013-06-12 18:17:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

2013-06-07 16:27:14 -------- d-----w- C:\Program Files (x86)\IObit Apps Toolbar

2013-05-24 19:56:17 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll

2013-05-24 19:56:17 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll

2013-05-24 19:56:17 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll

2013-05-24 19:56:17 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll

2013-05-24 19:56:17 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll

.

==================== Find3M ====================

.

2013-06-12 18:02:06 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-12 18:02:06 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-06-06 17:42:12 9728 ----a-w- C:\Windows\System32\Native.exe

2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-05-01 07:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2013-05-01 07:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2013-04-27 12:27:59 14690376 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys

.

============= FINISH: 16:52:48.50 ===============

Link to comment
Share on other sites

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************************

Why are posting these logs? Are you having problems with your computer?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...