Ad-Aware 10 won't start on Windows Vista

Started by HelpMe12345 , Jun 01 2012 06:13 PM

Next

This topic is locked

48 replies to this topic

#1 HelpMe12345

Advanced Member

Members
36 posts

Posted 01 June 2012 - 06:13 PM

When I run ad-aware 10 (I have the newest version) nothing happens at all. I get no error messages, no warnings, notifications, or anything. Nothing happens at all. Also in the help & security center, is says ad-aware is temporarly disabled and is 'snoozing'. I tried running ad-aware in safe mode, that didn't work. I also tried reinstalling it many times.

Here's my system info.
OS Name Microsoft® Windows Vista™ Home Premium
Version 6.0.6002 Service Pack 2 Build 6002
Other OS Description Not Available
OS Manufacturer Microsoft Corporation
System Name (My computer name)
System Manufacturer Dell Inc.
System Model Inspiron 530
System Type X86-based PC
Processor Intel® Core™2 Duo CPU E6550 @ 2.33GHz, 2331 Mhz, 2 Core(s), 2 Logical Processor(s)
BIOS Version/Date Dell Inc. 1.0.10, 12/15/2007
SMBIOS Version 2.5
Windows Directory C:\Windows
System Directory C:\Windows\system32
Boot Device \Device\HarddiskVolume3
Locale United States
Hardware Abstraction Layer Version = "6.0.6002.18005"
User Name (My user name)
Time Zone Central Daylight Time
Installed Physical Memory (RAM) 3.00 GB
Total Physical Memory 2.99 GB
Available Physical Memory 1.33 GB
Total Virtual Memory 6.21 GB
Available Virtual Memory 4.58 GB
Page File Space 3.28 GB
Page File C:\pagefile.sys

Edited by HelpMe12345, 01 June 2012 - 06:14 PM.

Back to top

#2 CeciliaB

Volunteer

Moderator
5499 posts

Posted 01 June 2012 - 11:34 PM

Hi HelpMe12345,

Is it behaving as LS Ann describes in http://www.lavasofts...g-program-icon/ ?

Do you have another antivirus or similar program installed?

Back to top

#3 HelpMe12345

Advanced Member

Members
36 posts

Posted 02 June 2012 - 02:21 AM

In LS Ann's description, it said to kill AdAware.exe, all AdAwareLauncher.exe and AdAwareService.exe in the task manager, but they are not open. I followed her second solution, and nothing happened.
Also I have the following programs:
-Spybot Search and Destroy
-Malwarebyte's anti-malware
-Windows Defender

Back to top

#4 CeciliaB

Volunteer

Moderator
5499 posts

Posted 02 June 2012 - 10:12 AM

Spybot S&D (TeaTimer) controls what is entered into some parts of the registry. If it stops the Ad-Aware installation program from adding a program to the list of programs that will be started automatically, Ad-Aware will not start. I suggest that you are sure that Spybot, including TeaTimer, is turned off before you install Ad-Aware.

Back to top

#5 HelpMe12345

Advanced Member

Members
36 posts

Posted 02 June 2012 - 07:02 PM

OK, thank you. Also, here is a screenshot I took of the security center.

Attached Thumbnails

Back to top

#6 HelpMe12345

Advanced Member

Members
36 posts

Posted 02 June 2012 - 07:25 PM

Ok, I uninstalled spybot, uninstalled ad-aware, restarted my computer, installed ad aware, and after the new installation, it still does not open.

Back to top

#7 CeciliaB

Volunteer

Moderator
5499 posts

Posted 02 June 2012 - 10:15 PM

Ok, let us see if which Ad-Aware drivers and services have been added to the registry. Save DDS to your desktop: http://download.blee...om/sUBs/dds.scr

Double-click on the DDS tool to run it.

When finished, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt

Save them to your desktop and paste their content into your answer.

Back to top

#8 HelpMe12345

Advanced Member

Members
36 posts

Posted 03 June 2012 - 08:11 PM

OK, here is DDS.txt:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by JT at 16:57:05 on 2012-06-02
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3060.1881 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\rundll32.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Windows\RtHDVCpl.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\JT.Jared-PC\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8&rlz=1T4WZPH_enUS451
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080221
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/cheatengine/{D4FEE6C0-F1EF-473F-8111-958608E34C7B}
mDefault_Page_URL = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
uURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
TB: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WorkForce 840(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatigma.exe /fu "c:\windows\temp\E_SDE5E.tmp" /EF "HKCU"
uRun: [EPSON WorkForce 840 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatigma.exe /fu "c:\windows\temp\E_SE2D1.tmp" /EF "HKCU"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SansaDispatch] c:\users\jt.jared-pc\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
LSP: c:\windows\system32\wpclsp.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} - hxxp://nxcache.nexon.net/mabinogi/renderer/mabiweb.2010.5.03.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{6464EB9C-D332-449A-9306-D9BF50D896D4} : DhcpNameServer = 192.168.11.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
Hosts: 127.0.0.1 www.spywareinfoforum.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jt.jared-pc\appdata\roaming\mozilla\firefox\profiles\cs9a2nnt.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B6602d08f-aa45-4e6e-a466-2cbedf731f62%7D&mid=842549be547b47d1a1f4d1544f6dbb71-fbd19c0f95a374fa4daef549a6b5e41a63dccc4d&ds=AVG&v=11.1.0.7&lang=en&pr=pr&d=2012-05-31%2022%3A27%3A36&sap=ku&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\jt.jared-pc\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\jt.jared-pc\appdata\local\roblox\versions\version-eecd9135a67340ab\NPRobloxProxy.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-6-2 335224]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [2012-6-2 217976]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50ST7.EXE [2012-2-16 153600]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2012-2-16 121856]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-26 21504]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-2-28 95200]
R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2011-12-19 3289032]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-6-2 77816]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-5-14 2666880]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-6-2 94584]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-12-26 16896]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2010-10-9 19968]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-5-3 1226096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 257696]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [2010-7-21 44432]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2007-6-18 19456]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-8-26 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-9 129976]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-6-2 94584]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-6-2 93816]
S3 sbwtis;sbwtis;c:\windows\system32\drivers\sbwtis.sys [2011-12-19 72312]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
.
=============== Created Last 30 ================
.
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-06-02 18:15:49 -------- d-----w- c:\users\jt.jared-pc\appdata\local\adaware
2012-06-02 18:15:29 77816 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2012-06-02 18:15:28 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-06-02 18:15:28 217976 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-06-02 18:14:06 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-06-02 18:14:05 335224 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-06-02 18:14:01 -------- d-----w- c:\windows\system32\drivers\VDD
2012-06-02 18:12:44 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\Ad-Aware Antivirus
2012-06-02 05:30:26 -------- d-----w- c:\users\jt.jared-pc\appdata\local\RoHack_LTD
2012-06-02 01:57:37 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\StreamTorrent
2012-06-02 01:57:37 -------- d-----w- c:\program files\StreamTorrent 1.0
2012-06-01 17:27:58 6737808 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{07bd90c3-e787-4b16-8508-f53e8fa0df01}\mpengine.dll
2012-06-01 17:27:51 6737808 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2012-06-01 02:46:37 -------- d-----w- C:\Free File Opener
2012-06-01 01:27:28 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-05-30 00:52:44 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\SanDisk
2012-05-29 05:00:27 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1240c88a-a1e7-4ae9-b30c-78ca62121b45}\mpengine.dll
2012-05-28 05:37:59 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-05-28 05:37:59 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2012-05-28 05:37:28 -------- d-----w- c:\program files\iPod
2012-05-28 05:37:27 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-05-28 05:37:27 -------- d-----w- c:\program files\iTunes
2012-05-28 05:35:05 -------- d-----w- c:\program files\Bonjour
2012-05-18 00:56:04 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\COWON
2012-05-18 00:52:58 -------- d-----w- c:\program files\common files\COWON
2012-05-18 00:52:57 -------- d-----w- c:\program files\JetAudio
2012-05-17 22:10:31 -------- d-----w- c:\program files\Microsoft Mathematics
2012-05-17 02:17:09 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\OpenOffice.org
2012-05-17 01:52:11 -------- d-----w- c:\program files\OpenOffice.org 3
2012-05-14 23:22:20 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\TeamViewer
2012-05-14 23:20:50 -------- d-----w- c:\program files\TeamViewer
2012-05-13 19:35:32 -------- d-----w- c:\program files\Microsoft Calculator Plus
2012-05-13 00:08:07 -------- d-----w- c:\program files\Oracle
2012-05-13 00:06:39 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-12 23:09:07 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2012-05-11 18:43:30 -------- d-----w- C:\IObit
2012-05-10 01:15:51 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-05-10 01:15:50 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-05-10 01:15:50 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-10 01:15:50 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-10 01:15:50 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-10 01:15:47 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-10 01:15:45 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-05-10 01:14:33 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 01:14:20 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-05-10 01:14:20 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-05-10 01:14:20 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-05-10 01:14:20 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll
2012-05-10 01:14:20 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-05-10 01:14:19 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe
2012-05-10 01:13:47 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-10 01:13:47 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 01:13:47 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 22:07:30 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-05-09 22:07:28 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-05-09 22:07:28 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-05-09 11:46:57 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\Auslogics
2012-05-09 11:46:54 -------- d-----w- c:\program files\Auslogics
2012-05-09 02:27:43 -------- d-----w- c:\programdata\GFI Software
2012-05-08 23:44:59 -------- d-----w- c:\programdata\IObit
2012-05-08 23:44:47 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\IObit
2012-05-08 23:44:38 -------- d-----w- c:\program files\IObit
2012-05-08 23:43:18 -------- d-----w- c:\program files\Defraggler
.
==================== Find3M ====================
.
2012-05-09 00:35:25 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-09 00:35:24 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-19 01:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 01:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-04 23:47:02 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 20:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 16:57:29.43 ===============

And here is attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 2/20/2008 1:17:04 PM
System Uptime: 6/2/2012 1:19:05 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0RY007
Processor: Intel® Core™2 Duo CPU E6550 @ 2.33GHz | Socket 775 | 2331/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 456 GiB total, 308.99 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.989 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1621: 5/18/2012 12:30:06 PM - Windows Update
RP1622: 5/19/2012 11:04:46 PM - Scheduled Checkpoint
RP1623: 5/20/2012 3:00:13 AM - Windows Update
RP1624: 5/20/2012 5:56:41 PM - Scheduled Checkpoint
RP1625: 5/20/2012 10:47:51 PM - Windows Update
RP1626: 5/21/2012 2:34:52 PM - Scheduled Checkpoint
RP1627: 5/21/2012 3:20:57 PM - Windows Update
RP1628: 5/21/2012 3:31:44 PM - Restore Operation
RP1629: 5/21/2012 3:41:16 PM - Windows Update
RP1630: 5/21/2012 10:21:15 PM - Windows Update
RP1631: 5/24/2012 8:48:30 PM - Scheduled Checkpoint
RP1632: 5/25/2012 11:22:02 AM - Windows Update
RP1633: 5/25/2012 11:34:03 AM - avast! Internet Security Setup
RP1634: 5/25/2012 2:09:46 PM - Windows Update
RP1635: 5/27/2012 12:52:55 PM - Windows Update
RP1636: 5/28/2012 12:35:18 AM - Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
RP1637: 5/28/2012 12:36:01 AM - Device Driver Package Install: Apple Network adapters
RP1638: 5/28/2012 12:36:57 AM - Installed iTunes
RP1639: 5/28/2012 3:00:10 AM - Windows Update
RP1640: 5/28/2012 11:58:57 PM - Windows Update
RP1641: 5/29/2012 3:00:11 AM - Windows Update
RP1642: 5/29/2012 8:43:03 PM - Scheduled Checkpoint
RP1643: 5/30/2012 3:00:11 AM - Windows Update
RP1644: 5/31/2012 7:18:53 PM - Windows Update
RP1645: 5/31/2012 7:20:08 PM - Removed Ad-Aware Antivirus.
RP1646: 5/31/2012 8:07:13 PM - Windows Update
RP1647: 5/31/2012 8:11:39 PM - Removed Ad-Aware Antivirus.
RP1648: 5/31/2012 8:16:24 PM - Removed Ad-Aware Antivirus.
RP1649: 5/31/2012 9:57:32 PM - Removed Ad-Aware Antivirus.
RP1650: 5/31/2012 11:43:30 PM - Windows Update
RP1651: 6/1/2012 12:17:26 PM - Windows Update
RP1652: 6/1/2012 12:20:21 PM - Windows Update
RP1653: 6/1/2012 12:50:05 PM - Windows Update
RP1654: 6/1/2012 6:58:20 PM - Removed AVG 2012
RP1655: 6/1/2012 7:00:54 PM - Removed AVG 2012
RP1656: 6/2/2012 12:45:02 AM - Windows Update
RP1657: 6/2/2012 1:05:50 PM - Removed Ad-Aware Antivirus.
.
==== Installed Programs ======================
.
7-Zip 9.20
Ad-Aware Antivirus
Ad-Aware Browsing Protection
Ad-Aware Security Toolbar
Adobe Acrobat 4.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.3.14 (Unicode)
Auslogics Disk Defrag Professional
Bonjour
Browser Address Error Redirector
CCleaner
Combat Arms
COWON Media Center - jetAudio Basic VX
Defraggler
Dell DataSafe Online
Dell Driver Download Manager
Dell Getting Started Guide
Epson CreativeZone
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 840 Series Printer Uninstall
EpsonNet Print
Finding Nemo UWF
Finding Nemo: Nemo's Underwater World of Fun
foobar2000 v1.1.11
Free File Opener
Google Chrome
Google Desktop
Google Drive
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Index.dat Analyzer v2.0
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.11.0
Intel® TV Wizard
iTunes
Java Auto Updater
Java™ 6 Update 31
Java™ 7 Update 4
Java™ SE Runtime Environment 6
JavaFX 2.1.0
Mabinogi
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee SiteAdvisor
Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Calculator Plus
Microsoft Mathematics
Microsoft Office 2003 Resource Kit
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music, Photos & Videos Launcher
Nexon Game Manager
OGA Notifier 2.0.0048.0
OpenOffice.org 3.4
Pando Media Booster
PDF Tablet 0.1
Product Documentation Launcher
QuickTime
RealNetworks - Microsoft Visual C++ 2005 Runtime
RealNetworks - Microsoft Visual C++ 2008 Runtime
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recuva
Roblox
Roblox for JT
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Sansa Updater
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Sonic Activation Module
Spelling Dictionaries Support For Adobe Reader 8
StreamTorrent 1.0
System Requirements Lab CYRI
System Requirements Lab for Intel
TeamViewer 7
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
USB Video Driver
User's Guides
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
Windows Live ID Sign-in Assistant
Windows Live Sign-in Assistant
Windows Media Player Firefox Plugin
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
6/2/2012 4:31:21 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Ad-Aware Service service to connect.
6/2/2012 4:31:21 PM, Error: Service Control Manager [7000] - The Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/2/2012 12:46:24 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353).
6/2/2012 1:22:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service Ad-Aware Service with arguments "" in order to run the server: {706FFEF5-7E90-4149-B038-B39106ECDB99}
6/2/2012 1:21:06 PM, Error: Service Control Manager [7023] -
6/2/2012 1:21:06 PM, Error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the path specified.
6/2/2012 1:21:06 PM, Error: Service Control Manager [7000] - The sbwtis service failed to start due to the following error: Cannot create a file when that file already exists.
6/2/2012 1:10:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
6/1/2012 12:52:37 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).
5/31/2012 9:56:50 PM, Error: Service Control Manager [7000] - The Ad-Aware Service service failed to start due to the following error: The system cannot find the file specified.
5/31/2012 9:46:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "2" attempting to start the service Ad-Aware Service with arguments "" in order to run the server: {706FFEF5-7E90-4149-B038-B39106ECDB99}
5/31/2012 7:14:40 PM, Error: EventLog [6008] - The previous system shutdown at 4:52:04 PM on 5/30/2012 was unexpected.
5/31/2012 10:27:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/31/2012 10:19:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
5/31/2012 10:18:30 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
5/31/2012 10:17:10 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: MpFilter spldr Wanarpv6
5/31/2012 10:17:10 PM, Error: Service Control Manager [7001] - The Windows Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
5/31/2012 10:17:10 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
5/31/2012 10:17:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/31/2012 10:17:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
5/31/2012 10:17:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/31/2012 10:16:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/31/2012 10:16:30 PM, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .
5/31/2012 10:16:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
5/29/2012 7:37:25 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/29/2012 4:08:49 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/29/2012 12:17:48 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/29/2012 11:38:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the stisvc service.
5/29/2012 11:37:17 PM, Error: Service Control Manager [7034] - The Ad-Aware service terminated unexpectedly. It has done this 1 time(s).
5/28/2012 12:30:01 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/28/2012 11:54:54 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/27/2012 12:49:41 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
I Will also attatch them.

Attached Files

Logs.zip 10.54K 29 downloads

Back to top

#9 CeciliaB

Volunteer

Moderator
5499 posts

Posted 03 June 2012 - 10:28 PM

According to the logs you recently had Avast and AVG installed. Have you run their special removal/clean-up programs after uninstalling them?
Do you have Microsoft Security Essentials installed?

Are there several user accounts in the computer?
Have Ad-Aware been installed with one account and uninstalled with another? Or have you used "Run as administrator" when you installed or uninstalled Ad-Aware?
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
Those two registry entries should Windows only run once and then delete (probably during the restart after uninstall of Ad-Aware), but they are still there. Maybe Windows then will continue to delete necessary Ad-Aware information from the registry after each restart of the computer.

The Ad-Aware Services are there but they aren't running.

P.S. This is an old version with known vulnerabilities:
Java™ SE Runtime Environment 6
You should uninstall it.

Back to top

#10 HelpMe12345

Advanced Member

Members
36 posts

Posted 04 June 2012 - 12:44 AM

Thanks for the notice on java, that explains why some sites don't work properly

I will run the removal tools for Avast and AVG. I used to use avast and ad-aware, but I found out those programs did't work properly together, so I uninstalled avast. I ran AVG before I started this topic, because I thought maybe spyware or malware could be causing the program. I have not tried running the ad aware installer as an administrator, so I will uninstall ad aware and run the installer as an administrator. I also do have multiple user accounts on this computer. I will try all these solutions and give you the results once I do.

Back to top

#11 HelpMe12345

Advanced Member

Members
36 posts

Posted 04 June 2012 - 07:40 AM

OK, there are 6 user accounts on this computer. I ran the uninstaller and the installer as an administrator, restarted, ran ad-aware and nothing happened. There is no removal tool for AVG and avast. Also, I don't have Microsoft Security Essentials installed. What should I do?

Back to top

#12 CeciliaB

Volunteer

Moderator
5499 posts

Posted 04 June 2012 - 11:51 AM

AVG Remover: http://www.avg.com/ww-en/utilities
Avast Uninstall: http://www.avast.com/uninstall-utility

Uninstall Ad-Aware again. Restart the computer, run DDS and paste DDS.txt into your answer.

Have you used the register editor, regedit, before?

Back to top

#13 HelpMe12345

Advanced Member

Members
36 posts

Posted 06 June 2012 - 06:42 AM

OK, I ran both of those. I think I have used regedit before.
Anyways, DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by JT at 13:06:23 on 2012-06-05
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3060.2087 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\JT.Jared-PC\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8&rlz=1T4WZPH_enUS451
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080221
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/cheatengine/{D4FEE6C0-F1EF-473F-8111-958608E34C7B}
mDefault_Page_URL = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
uURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
TB: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WorkForce 840(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatigma.exe /fu "c:\windows\temp\E_SDE5E.tmp" /EF "HKCU"
uRun: [EPSON WorkForce 840 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatigma.exe /fu "c:\windows\temp\E_SE2D1.tmp" /EF "HKCU"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SansaDispatch] c:\users\jt.jared-pc\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
LSP: c:\windows\system32\wpclsp.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} - hxxp://nxcache.nexon.net/mabinogi/renderer/mabiweb.2010.5.03.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{6464EB9C-D332-449A-9306-D9BF50D896D4} : DhcpNameServer = 192.168.11.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
Hosts: 127.0.0.1 www.spywareinfoforum.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jt.jared-pc\appdata\roaming\mozilla\firefox\profiles\cs9a2nnt.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B6602d08f-aa45-4e6e-a466-2cbedf731f62%7D&mid=842549be547b47d1a1f4d1544f6dbb71-fbd19c0f95a374fa4daef549a6b5e41a63dccc4d&ds=AVG&v=11.1.0.7&lang=en&pr=pr&d=2012-05-31%2022%3A27%3A36&sap=ku&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\jt.jared-pc\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\jt.jared-pc\appdata\local\roblox\versions\version-eecd9135a67340ab\NPRobloxProxy.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50ST7.EXE [2012-2-16 153600]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2012-2-16 121856]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-26 21504]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-2-28 95200]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-5-14 2666880]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-12-26 16896]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2010-10-9 19968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 257696]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [2010-7-21 44432]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2007-6-18 19456]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-8-26 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-9 129976]
S3 sbwtis;sbwtis;c:\windows\system32\drivers\sbwtis.sys [2011-12-19 72312]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
.
=============== Created Last 30 ================
.
2012-06-05 03:00:04 -------- d-----w- c:\users\jt.jared-pc\appdata\local\adaware
2012-06-05 02:57:51 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\Ad-Aware Antivirus
2012-06-04 05:26:47 -------- d-----w- c:\program files\Oracle
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-06-02 01:57:37 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\StreamTorrent
2012-06-02 01:57:37 -------- d-----w- c:\program files\StreamTorrent 1.0
2012-06-01 17:27:58 6737808 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{07bd90c3-e787-4b16-8508-f53e8fa0df01}\mpengine.dll
2012-06-01 17:27:51 6737808 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2012-06-01 02:46:37 -------- d-----w- C:\Free File Opener
2012-06-01 01:27:28 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-05-30 00:52:44 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\SanDisk
2012-05-29 05:00:27 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1240c88a-a1e7-4ae9-b30c-78ca62121b45}\mpengine.dll
2012-05-28 05:37:59 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-05-28 05:37:59 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2012-05-28 05:37:28 -------- d-----w- c:\program files\iPod
2012-05-28 05:37:27 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-05-28 05:37:27 -------- d-----w- c:\program files\iTunes
2012-05-28 05:35:05 -------- d-----w- c:\program files\Bonjour
2012-05-18 00:56:04 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\COWON
2012-05-18 00:52:58 -------- d-----w- c:\program files\common files\COWON
2012-05-18 00:52:57 -------- d-----w- c:\program files\JetAudio
2012-05-17 22:10:31 -------- d-----w- c:\program files\Microsoft Mathematics
2012-05-17 02:17:09 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\OpenOffice.org
2012-05-17 01:52:11 -------- d-----w- c:\program files\OpenOffice.org 3
2012-05-14 23:22:20 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\TeamViewer
2012-05-14 23:20:50 -------- d-----w- c:\program files\TeamViewer
2012-05-13 19:35:32 -------- d-----w- c:\program files\Microsoft Calculator Plus
2012-05-13 00:06:39 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-12 23:09:07 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2012-05-11 18:43:30 -------- d-----w- C:\IObit
2012-05-10 01:15:51 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-05-10 01:15:50 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-05-10 01:15:50 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-10 01:15:50 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-10 01:15:50 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-10 01:15:47 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-10 01:15:45 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-05-10 01:14:33 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-10 01:14:20 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-05-10 01:14:20 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-05-10 01:14:20 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-05-10 01:14:20 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll
2012-05-10 01:14:20 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-05-10 01:14:19 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe
2012-05-10 01:13:47 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-10 01:13:47 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 01:13:47 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 22:07:30 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-05-09 22:07:28 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-05-09 22:07:28 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-05-09 11:46:57 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\Auslogics
2012-05-09 11:46:54 -------- d-----w- c:\program files\Auslogics
2012-05-09 02:27:43 -------- d-----w- c:\programdata\GFI Software
2012-05-08 23:44:59 -------- d-----w- c:\programdata\IObit
2012-05-08 23:44:47 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\IObit
2012-05-08 23:44:38 -------- d-----w- c:\program files\IObit
2012-05-08 23:43:18 -------- d-----w- c:\program files\Defraggler
.
==================== Find3M ====================
.
2012-05-09 00:35:25 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-09 00:35:24 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-19 01:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 01:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-04 23:47:02 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 20:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 13:07:10.24 ===============
And attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 2/20/2008 1:17:04 PM
System Uptime: 6/5/2012 12:54:52 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0RY007
Processor: Intel® Core™2 Duo CPU E6550 @ 2.33GHz | Socket 775 | 2331/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 456 GiB total, 304.993 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.989 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
7-Zip 9.20
Ad-Aware Browsing Protection
Ad-Aware Security Toolbar
Adobe Acrobat 4.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.3.14 (Unicode)
Auslogics Disk Defrag Professional
Bonjour
Browser Address Error Redirector
CCleaner
Combat Arms
COWON Media Center - jetAudio Basic VX
Defraggler
Dell DataSafe Online
Dell Driver Download Manager
Dell Getting Started Guide
Epson CreativeZone
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 840 Series Printer Uninstall
EpsonNet Print
Finding Nemo UWF
Finding Nemo: Nemo's Underwater World of Fun
foobar2000 v1.1.11
Free File Opener
Google Chrome
Google Desktop
Google Drive
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Index.dat Analyzer v2.0
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.11.0
Intel® TV Wizard
iTunes
Java Auto Updater
Java™ 7 Update 4
JavaFX 2.1.0
Mabinogi
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee SiteAdvisor
Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Calculator Plus
Microsoft Mathematics
Microsoft Office 2003 Resource Kit
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music, Photos & Videos Launcher
Nexon Game Manager
OGA Notifier 2.0.0048.0
OpenOffice.org 3.4
Pando Media Booster
PDF Tablet 0.1
Product Documentation Launcher
QuickTime
RealNetworks - Microsoft Visual C++ 2005 Runtime
RealNetworks - Microsoft Visual C++ 2008 Runtime
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recuva
Roblox
Roblox for JT
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Sansa Updater
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Sonic Activation Module
Spelling Dictionaries Support For Adobe Reader 8
StreamTorrent 1.0
System Requirements Lab CYRI
System Requirements Lab for Intel
TeamViewer 7
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
USB Video Driver
User's Guides
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
Windows Live ID Sign-in Assistant
Windows Live Sign-in Assistant
Windows Media Player Firefox Plugin
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
6/5/2012 3:01:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353).
6/5/2012 12:56:52 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
6/5/2012 12:56:52 PM, Error: Service Control Manager [7023] -
6/5/2012 12:56:52 PM, Error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the path specified.
6/5/2012 12:43:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Ad-Aware Service service to connect.
6/5/2012 12:43:11 PM, Error: Service Control Manager [7000] - The Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/4/2012 9:44:40 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
6/4/2012 9:43:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/4/2012 9:43:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/4/2012 9:43:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
6/4/2012 9:43:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
6/4/2012 9:43:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: MpFilter spldr Wanarpv6
6/4/2012 9:43:42 PM, Error: Service Control Manager [7001] - The Windows Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
6/4/2012 9:43:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
6/4/2012 9:42:40 PM, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .
6/4/2012 9:42:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
6/4/2012 10:04:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service Ad-Aware Service with arguments "" in order to run the server: {706FFEF5-7E90-4149-B038-B39106ECDB99}
6/4/2012 10:04:42 PM, Error: Service Control Manager [7000] - The sbwtis service failed to start due to the following error: Cannot create a file when that file already exists.
6/4/2012 1:30:58 AM, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The operation completed successfully.
6/1/2012 12:52:37 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).
5/31/2012 9:56:50 PM, Error: Service Control Manager [7000] - The Ad-Aware Service service failed to start due to the following error: The system cannot find the file specified.
5/31/2012 9:46:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "2" attempting to start the service Ad-Aware Service with arguments "" in order to run the server: {706FFEF5-7E90-4149-B038-B39106ECDB99}
5/31/2012 7:14:40 PM, Error: EventLog [6008] - The previous system shutdown at 4:52:04 PM on 5/30/2012 was unexpected.
5/31/2012 10:27:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/31/2012 10:19:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
5/29/2012 7:37:25 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/29/2012 4:08:49 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/29/2012 12:17:48 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/29/2012 11:38:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the stisvc service.
5/29/2012 11:37:17 PM, Error: Service Control Manager [7034] - The Ad-Aware service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

Attached Files

Logs.zip 9.58K 23 downloads

Back to top

#14 CeciliaB

Volunteer

Moderator
5499 posts

Posted 06 June 2012 - 12:48 PM

Please, create a system restore point before starting the registry editor, regedit: http://www.howtogeek...system-restore/
Read how you can restore to that restore point, if Windows isn't starting due to bad changes in the registry:
If you have a Vista DVD: http://www.bleepingc...ry-environment/
http://windows.micro...n-windows-vista

Start regedit, for example by entering regedit in the small search field that is visible when you click the start button.

Search for "adaware" (without ").
Repeat the search until you find one of these:
reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
reg.exe delete "HKCU\Software\adaware" /f

Delete that line.
Repeat the search until you find the other. Delete that line, too.

Restart the computer.
Run DDS and paste DDS.txt into your answer. You don't need to attach it and I'm not interested in Attach.txt this time.

Back to top

#15 HelpMe12345

Advanced Member

Members
36 posts

Posted 06 June 2012 - 08:46 PM

Ok, i'll try that. Also, I have a question. Can you change the screen resolution of ad aware in safe mode? I had a virus or something (13 traces detected) and when I run ad aware, it crashes. I have it running in safe mode but I cant see he full screen, because my other PC can't display any larger than 640x480. Can I change the screen size of ad-aware?

Back to top

#16 CeciliaB

Volunteer

Moderator
5499 posts

Posted 06 June 2012 - 09:57 PM

Sorry, the screen resolution can not be set to anything lower. People have wished before to be able to use it with 800x600 which is a rather common netbook size, but not that low.

You can try to use a context scan instead of a full scan, that is you right-click C:\ in Windows Explorer and select to scan it with Ad-Aware. It is less likely that it crash then.

Back to top

#17 HelpMe12345

Advanced Member

Members
36 posts

Posted 09 June 2012 - 02:50 AM

Here is the results for DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by JT at 20:45:28 on 2012-06-08
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3060.2018 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
C:\Windows\RtHDVCpl.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\JT.Jared-PC\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8&rlz=1T4WZPH_enUS451
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080221
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/cheatengine/{D4FEE6C0-F1EF-473F-8111-958608E34C7B}
mDefault_Page_URL = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
uURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
TB: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WorkForce 840(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatigma.exe /fu "c:\windows\temp\E_SDE5E.tmp" /EF "HKCU"
uRun: [EPSON WorkForce 840 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatigma.exe /fu "c:\windows\temp\E_SE2D1.tmp" /EF "HKCU"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SansaDispatch] c:\users\jt.jared-pc\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
LSP: c:\windows\system32\wpclsp.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} - hxxp://nxcache.nexon.net/mabinogi/renderer/mabiweb.2010.5.03.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{6464EB9C-D332-449A-9306-D9BF50D896D4} : DhcpNameServer = 192.168.11.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
Hosts: 127.0.0.1 www.spywareinfoforum.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jt.jared-pc\appdata\roaming\mozilla\firefox\profiles\cs9a2nnt.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B6602d08f-aa45-4e6e-a466-2cbedf731f62%7D&mid=842549be547b47d1a1f4d1544f6dbb71-fbd19c0f95a374fa4daef549a6b5e41a63dccc4d&ds=AVG&v=11.1.0.7&lang=en&pr=pr&d=2012-05-31%2022%3A27%3A36&sap=ku&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\jt.jared-pc\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\jt.jared-pc\appdata\local\roblox\versions\version-eecd9135a67340ab\NPRobloxProxy.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50ST7.EXE [2012-2-16 153600]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2012-2-16 121856]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-26 21504]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-2-28 95200]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-5-14 2666880]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-12-26 16896]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2010-10-9 19968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 257696]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [2010-7-21 44432]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2007-6-18 19456]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-8-26 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-9 129976]
S3 sbwtis;sbwtis;c:\windows\system32\drivers\sbwtis.sys [2011-12-19 72312]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
.
=============== Created Last 30 ================
.
2012-06-08 06:17:02 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{92f21a9a-1f09-4b75-8637-fb5f91c1bddb}\mpengine.dll
2012-06-06 20:09:49 -------- d-----w- C:\adaware
2012-06-05 03:00:04 -------- d-----w- c:\users\jt.jared-pc\appdata\local\adaware
2012-06-05 02:57:51 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\Ad-Aware Antivirus
2012-06-04 05:26:47 -------- d-----w- c:\program files\Oracle
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-06-02 01:57:37 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\StreamTorrent
2012-06-02 01:57:37 -------- d-----w- c:\program files\StreamTorrent 1.0
2012-06-01 17:27:58 6737808 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{07bd90c3-e787-4b16-8508-f53e8fa0df01}\mpengine.dll
2012-06-01 17:27:51 6737808 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2012-06-01 02:46:37 -------- d-----w- C:\Free File Opener
2012-06-01 01:27:28 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-05-30 00:52:44 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\SanDisk
2012-05-28 05:37:59 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-05-28 05:37:59 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2012-05-28 05:37:28 -------- d-----w- c:\program files\iPod
2012-05-28 05:37:27 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-05-28 05:37:27 -------- d-----w- c:\program files\iTunes
2012-05-28 05:35:05 -------- d-----w- c:\program files\Bonjour
2012-05-18 00:56:04 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\COWON
2012-05-18 00:52:58 -------- d-----w- c:\program files\common files\COWON
2012-05-18 00:52:57 -------- d-----w- c:\program files\JetAudio
2012-05-17 22:10:31 -------- d-----w- c:\program files\Microsoft Mathematics
2012-05-17 02:17:09 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\OpenOffice.org
2012-05-17 01:52:11 -------- d-----w- c:\program files\OpenOffice.org 3
2012-05-14 23:22:20 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\TeamViewer
2012-05-14 23:20:50 -------- d-----w- c:\program files\TeamViewer
2012-05-13 19:35:32 -------- d-----w- c:\program files\Microsoft Calculator Plus
2012-05-13 00:06:39 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-12 23:09:07 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2012-05-11 18:43:30 -------- d-----w- C:\IObit
.
==================== Find3M ====================
.
2012-05-09 00:35:25 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-09 00:35:24 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-19 01:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 01:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-04 23:47:02 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 20:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 08:16:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-02 13:36:21 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 12:39:11 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-29 13:39:19 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-03-20 23:28:50 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
============= FINISH: 20:46:21.55 ===============

Back to top

#18 CeciliaB

Volunteer

Moderator
5499 posts

Posted 09 June 2012 - 12:09 PM

Great!
You managed to remove those two registry entries.

Please, try to install Ad-Aware again. After the restart of the computer, run DDS and paste DDS.txt again. Please, report how Ad-Aware is behaving now.

Back to top

#19 LS Ann

Lavasoft Staff

Moderator
50 posts

Posted 11 June 2012 - 05:26 PM

Hi HelpMe12345,
I will write you in PM. Can you look and answer please?

Thanks,
Ann

Back to top

#20 HelpMe12345

Advanced Member

Members
36 posts

Posted 13 June 2012 - 04:00 AM

DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by JT at 21:57:26 on 2012-06-12
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3060.1342 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
C:\Windows\RtHDVCpl.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\JT.Jared-PC\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
c:\PROGRA~1\mcafee\SITEAD~1\saui.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8&rlz=1T4WZPH_enUS451
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080221
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/cheatengine/{D4FEE6C0-F1EF-473F-8111-958608E34C7B}
mDefault_Page_URL = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
uURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File
TB: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [WorkForce 840(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatigma.exe /fu "c:\windows\temp\E_SDE5E.tmp" /EF "HKCU"
uRun: [EPSON WorkForce 840 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatigma.exe /fu "c:\windows\temp\E_SE2D1.tmp" /EF "HKCU"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SansaDispatch] c:\users\jt.jared-pc\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
LSP: c:\windows\system32\wpclsp.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} - hxxp://nxcache.nexon.net/mabinogi/renderer/mabiweb.2010.5.03.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{6464EB9C-D332-449A-9306-D9BF50D896D4} : DhcpNameServer = 192.168.11.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
Hosts: 127.0.0.1 www.spywareinfoforum.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jt.jared-pc\appdata\roaming\mozilla\firefox\profiles\cs9a2nnt.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B6602d08f-aa45-4e6e-a466-2cbedf731f62%7D&mid=842549be547b47d1a1f4d1544f6dbb71-fbd19c0f95a374fa4daef549a6b5e41a63dccc4d&ds=AVG&v=11.1.0.7&lang=en&pr=pr&d=2012-05-31%2022%3A27%3A36&sap=ku&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\jt.jared-pc\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\jt.jared-pc\appdata\local\roblox\versions\version-eecd9135a67340ab\NPRobloxProxy.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-6-9 335224]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [2012-6-9 217976]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50ST7.EXE [2012-2-16 153600]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2012-2-16 121856]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-12-26 21504]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-2-28 95200]
R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2011-12-19 3289032]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-6-9 77816]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-5-14 2666880]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-6-9 94584]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-12-26 16896]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2010-10-9 19968]
S2 0191111339532795mcinstcleanup;McAfee Application Installer Cleanup (0191111339532795);c:\windows\temp\019111~1.exe -cleanup -nolog --> c:\windows\temp\019111~1.EXE -cleanup -nolog [?]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-5-3 1226096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 257224]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [2010-7-21 44432]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2007-6-18 19456]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-8-26 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-9 129976]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-6-9 94584]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-6-9 93816]
S3 sbwtis;sbwtis;c:\windows\system32\drivers\sbwtis.sys [2011-12-19 72312]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
.
=============== Created Last 30 ================
.
2012-06-09 22:45:21 -------- d-----w- c:\users\jt.jared-pc\appdata\local\adaware
2012-06-09 22:44:45 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-06-09 22:44:45 77816 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2012-06-09 22:44:44 217976 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-06-09 22:44:29 -------- d-----w- c:\users\jt.jared-pc\appdata\local\Macromedia
2012-06-09 22:44:00 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-06-09 22:44:00 335224 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-06-09 22:43:58 -------- d-----w- c:\windows\system32\drivers\VDD
2012-06-08 06:17:02 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{92f21a9a-1f09-4b75-8637-fb5f91c1bddb}\mpengine.dll
2012-06-06 20:09:49 -------- d-----w- C:\adaware
2012-06-05 02:57:51 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\Ad-Aware Antivirus
2012-06-04 05:26:47 -------- d-----w- c:\program files\Oracle
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-06-02 18:32:01 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-06-02 01:57:37 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\StreamTorrent
2012-06-02 01:57:37 -------- d-----w- c:\program files\StreamTorrent 1.0
2012-06-01 17:27:58 6737808 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{07bd90c3-e787-4b16-8508-f53e8fa0df01}\mpengine.dll
2012-06-01 17:27:51 6737808 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2012-06-01 02:46:37 -------- d-----w- C:\Free File Opener
2012-06-01 01:27:28 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-05-30 00:52:44 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\SanDisk
2012-05-28 05:37:59 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-05-28 05:37:59 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2012-05-28 05:37:28 -------- d-----w- c:\program files\iPod
2012-05-28 05:37:27 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-05-28 05:37:27 -------- d-----w- c:\program files\iTunes
2012-05-28 05:35:05 -------- d-----w- c:\program files\Bonjour
2012-05-18 00:56:04 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\COWON
2012-05-18 00:52:58 -------- d-----w- c:\program files\common files\COWON
2012-05-18 00:52:57 -------- d-----w- c:\program files\JetAudio
2012-05-17 22:10:31 -------- d-----w- c:\program files\Microsoft Mathematics
2012-05-17 02:17:09 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\OpenOffice.org
2012-05-17 01:52:11 -------- d-----w- c:\program files\OpenOffice.org 3
2012-05-14 23:22:20 -------- d-----w- c:\users\jt.jared-pc\appdata\roaming\TeamViewer
2012-05-14 23:20:50 -------- d-----w- c:\program files\TeamViewer
.
==================== Find3M ====================
.
2012-06-09 22:41:44 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-09 22:41:44 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-19 01:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 01:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-04 23:47:08 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-04-04 23:47:02 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 20:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 08:16:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-02 13:36:21 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 12:39:11 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-29 13:39:19 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-03-20 23:28:50 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
============= FINISH: 21:58:28.40 ===============

Back to top

Next

Back to Resolved/Inactive HijackThis Logs

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users