rgrahamward

  1. Good day, recently I have started to get Bad Image errors when opening certain programs like iTunes. I have tried everything from a chkdsk to an sfc /scannow. Neither of those worked. I have done a full system scan with Bitdefender, Spybot Search & Destroy, along with Malwarebytes. The only thing I have not tried yet is a system restore, and that is because it does not work. When I restore to a point, it comes up with an error that states that System Restore did not complete successfully: Windows 7 failed to extract a file. Now the only restore points available are not far enough back; it only shows restore points for today. I would need it to restore at least 2 days back. Please aid me in figuring out what is wrong with my computer. Due to the vast amount of programs that I have on my laptop, a Windows 7 reinstall would take too long to install the programs back. Please let me know if there is an easier way to fix this problem. Here is my DDS scan txt:

     Thanking you in advance! Ricardo