Help
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
This topic is locked
DDS Log:
. DDS (Ver_2011-06-23.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22 Run by aaronmiddleton at 9:28:31 on 2011-08-23 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3831.1824 [GMT -5:00] . AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\system32\AppleOSSMgr.exe C:\Windows\system32\AppleTimeSrv.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k HPService c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\WUDFHost.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Boot Camp\Bootcamp.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\RocketDock\RocketDock.exe C:\Users\aaronmiddleton\Local Settings\Apps\F.lux\flux.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\aaronmiddleton\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Rainmeter\Rainmeter.exe C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugin-container.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ mWinlogon: Userinit=userinit.exe, BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" uRun: [F.lux] "C:\Users\aaronmiddleton\Local Settings\Apps\F.lux\flux.exe" /noshow uRun: [Google Update] "C:\Users\aaronmiddleton\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>] mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE" mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray StartupFolder: C:\Users\AARONM~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk C:\Users\aaronmiddleton\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\AARONM~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK C:\Program Files\Rainmeter\Rainmeter.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22windows-i586.cab TCP: DhcpNameServer = 192.168.1.103 66.180.96.12 64.238.96.12 TCP: Interfaces\{97E12921-5FF4-4D76-97D9-9230C74D71F4} : DhcpNameServer = 192.168.1.104 TCP: Interfaces\{D3478739-A8D3-4A35-A95D-D15BF9B6C42B} : DhcpNameServer = 192.168.1.103 66.180.96.12
64.238.96.12 TCP: Interfaces\{D3478739-A8D3-4A35-A95D-D15BF9B6C42B}\345444 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{D3478739-A8D3-4A35-A95D-D15BF9B6C42B}\348656562657277616 : DhcpNameServer =
68.87.85.102 68.87.69.150
TCP: Interfaces\{D3478739-A8D3-4A35-A95D-D15BF9B6C42B}\84F6D656D2E4 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D3478739-A8D3-4A35-A95D-D15BF9B6C42B}\C4964747C656F524C61636B6F524F687 :
DhcpNameServer = 68.87.85.102 68.87.69.150
TCP: Interfaces\{D3478739-A8D3-4A35-A95D-D15BF9B6C42B}\C696E6B6379737 : DhcpNameServer =
192.168.1.1
TCP: Interfaces\{D3478739-A8D3-4A35-A95D-D15BF9B6C42B}\E4F42616D61634162756 : DhcpNameServer =
68.87.85.102 68.87.69.150 192.168.1.1
TCP: Interfaces\{D4E589C5-3D22-4F9D-9680-2DE667DE2743} : DhcpNameServer = 192.168.1.104
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft
shared\OFFICE14\MSOXMLMF.DLL
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital
Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files
(x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program
Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO -No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files
(x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files
(x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [(Default)]
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office
X5\Programs\QFSCHD150.EXE"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe"
/starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\aaronmiddleton\AppData\Roaming\Mozilla\Firefox\Profiles\irqb9swa.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z128&form=ZGAADF&install_date=20110810&q=
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Users\aaronmiddleton\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin:
C:\Users\aaronmiddleton\AppData\Roaming\Mozilla\Firefox\Profiles\irqb9swa.default\extensions\LogMeInClient@log
mein.com\plugins\npRACtrl.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AppleHFS;AppleHFS;C:\Windows\system32\drivers\AppleHFS.sys -->
C:\Windows\system32\drivers\AppleHFS.sys [?]
R0 AppleMNT;AppleMNT;C:\Windows\system32\drivers\AppleMNT.sys -->
C:\Windows\system32\drivers\AppleMNT.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys -->
C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys -->
C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AppleOSSMgr;Apple OS Switch Manager;C:\Windows\system32\AppleOSSMgr.exe -->
C:\Windows\system32\AppleOSSMgr.exe [?]
R2 AppleTimeSrv;Apple Time Service;C:\Windows\system32\AppleTimeSrv.exe -->
C:\Windows\system32\AppleTimeSrv.exe [?]
R2 KeyAgent;KeyAgent;\??\C:\Windows\system32\drivers\KeyAgent.sys -->
C:\Windows\system32\drivers\KeyAgent.sys [?]
R2 MacHALDriver;Mac HAL;\??\C:\Windows\system32\drivers\MacHALDriver.sys -->
C:\Windows\system32\drivers\MacHALDriver.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-8-21
366640]
R3 acpials;ALS Sensor Filter;C:\Windows\system32\DRIVERS\acpials.sys -->
C:\Windows\system32\DRIVERS\acpials.sys [?]
R3 AppleBtBc;Apple Broadcom Built-in Bluetooth;C:\Windows\system32\DRIVERS\AppleBtBc.sys -->
C:\Windows\system32\DRIVERS\AppleBtBc.sys [?]
R3 applemtm;Apple Multitouch Mouse;C:\Windows\system32\DRIVERS\applemtm.sys -->
C:\Windows\system32\DRIVERS\applemtm.sys [?]
R3 applemtp;Apple Multitouch;C:\Windows\system32\DRIVERS\applemtp.sys -->
C:\Windows\system32\DRIVERS\applemtp.sys [?]
R3 CirrusFilter;CS420xLowerFilter;C:\Windows\system32\DRIVERS\CS420x64.sys -->
C:\Windows\system32\DRIVERS\CS420x64.sys [?]
R3 IRRemoteFlt;IR Receiver Filter Driver;C:\Windows\system32\DRIVERS\IRFilter.sys -->
C:\Windows\system32\DRIVERS\IRFilter.sys [?]
R3 KeyMagic;USB Keyboard HID Filter;C:\Windows\system32\DRIVERS\KeyMagic.sys -->
C:\Windows\system32\DRIVERS\KeyMagic.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys -->
C:\Windows\system32\drivers\mbam.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys -->
C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys -->
C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [20114-27 288272] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-8 136176] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-8 136176] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] . =============== Created Last 30 ================ . 2011-08-23 14:12:59 8862544 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EFB80BE7-93B4-4B9F-9064-AF1875358693}\mpengine.dll 2011-08-22 13:58:20 35712 ----a-w-C:\Windows\SysWow64\drivers\BlackBox.sys 2011-08-22 12:42:10 -------- d-----w- C:\Program Files\CCleaner 2011-08-22 12:16:57 25160 ----a-w-C:\Windows\System32\drivers\hitmanpro35.sys 2011-08-22 12:16:24 -------- d-----w- C:\ProgramData\Hitman Pro 2011-08-22 05:28:16 24416 ----a-r-C:\Windows\System32\AdobePDFUI.dll 2011-08-22 05:26:48 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll 2011-08-22 04:31:47 41272 ----a-w-C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-08-22 04:31:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-08-22 04:05:47 -------- d-----w- C:\Users\aaronmiddleton\AppData\Local\{393441BD-DC41-41FDB2AD-31AE5E7D2CF5} 2011-08-22 04:03:35 -------- d-----w-C:\ProgramData\aJ01602HhCfJ01602 2011-08-18 21:04:51 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2011-08-18 21:04:47 -------- d-----w- C:\Program Files (x86)\Steam 2011-08-16 01:38:07 -------- d-----w-C:\Users\aaronmiddleton\AppData\Local\HP 2011-08-16 01:36:14 -------- d-----w-C:\ProgramData\WEBREG 2011-08-16 01:32:50 -------- d-----w-C:\Windows\SysWow64\spool 2011-08-16 01:31:52 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard 2011-08-16 01:31:29 -------- d-----w- C:\Program Files (x86)\Common Files\HP 2011-08-16 01:29:30 -------- d-----w- C:\Program Files (x86)\HP 2011-08-16 01:28:26 -------- d-----w- C:\Program Files\HP 2011-08-16 01:24:13 642360 ----a-w-C:\Windows\System32\hpzids40.dll 2011-08-14 23:52:21 -------- d-----w- C:\Program Files (x86)\Maxis 2011-08-12 12:35:50 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D8FA713-B28C-44E4-B143-001E322A9809}\gapaengine.dll 2011-08-11 03:29:27 -------- d-----w-C:\Users\aaronmiddleton\AppData\Roaming\Malwarebytes 2011-08-11 03:29:18 -------- d-----w-C:\ProgramData\Malwarebytes 2011-08-11 03:29:15 25912 ----a-w-C:\Windows\System32\drivers\mbam.sys 2011-08-11 03:15:56 338432 ----a-w-C:\Windows\System32\conhost.exe 2011-08-10 23:33:25 -------- d-----w-C:\Users\aaronmiddleton\AppData\Roaming\Mael 2011-08-10 23:31:58 -------- d-----w- C:\Program Files (x86)\HxD 2011-08-09 19:04:25 -------- d-----w-C:\Users\aaronmiddleton\AppData\Local\LogMeIn 2011-08-09 19:04:25 -------- d-----w-C:\ProgramData\LogMeIn 2011-08-08 13:47:05 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2011-08-08 13:46:35 8578896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll 2011-08-04 03:38:12 -------- d-----w-C:\Users\aaronmiddleton\AppData\Roaming\Spotify 2011-08-04 03:38:12 -------- d-----w-C:\Users\aaronmiddleton\AppData\Local\Spotify 2011-08-04 03:38:03 -------- d-----w- C:\Program Files (x86)\Spotify . ==================== Find3M ==================== . 2011-08-22 18:10:36 1056 --sha-w-C:\ProgramData\KGyGaAvL.sys 2011-07-22 05:35:08 1638912 ----a-w-C:\Windows\System32\mshtml.tlb 2011-07-22 04:56:17 1638912 ----a-w-C:\Windows\SysWow64\mshtml.tlb 2011-07-16 05:26:54 362496 ----a-w-C:\Windows\System32\wow64win.dll 2011-07-16 05:26:53 243200 ----a-w-C:\Windows\System32\wow64.dll 2011-07-16 05:26:53 13312 ----a-w-C:\Windows\System32\wow64cpu.dll 2011-07-16 05:26:18 214528 ----a-w-C:\Windows\System32\winsrv.dll 2011-07-16 05:24:09 16384 ----a-w-C:\Windows\System32\ntvdm64.dll 2011-07-16 05:21:32 422400 ----a-w-C:\Windows\System32\KernelBase.dll 2011-07-16 04:36:09 14336 ----a-w-C:\Windows\SysWow64\ntvdm64.dll 2011-07-16 04:32:14 44032 ----a-w-C:\Windows\apppatch\acwow64.dll 2011-07-16 04:31:50 25600 ----a-w-C:\Windows\SysWow64\setup16.exe 2011-07-16 04:30:29 5120 ----a-w-C:\Windows\SysWow64\wow32.dll 2011-07-16 04:30:27 272384 ----a-w-C:\Windows\SysWow64\KernelBase.dll 2011-07-16 02:26:12 7680 ----a-w-C:\Windows\SysWow64\instnm.exe 2011-07-16 02:26:11 2048 ----a-w-C:\Windows\SysWow64\user.exe 2011-07-16 02:21:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-07-16 02:21:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-07-16 02:21:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-07-16 02:21:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-07-09 02:44:55 287744 ----a-w-C:\Windows\System32\drivers\mrxsmb10.sys 2011-07-03 19:57:42 404640 ----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-06-23 05:29:39 5507968 ----a-w-C:\Windows\System32\ntoskrnl.exe 2011-06-23 04:38:05 3957120 ----a-w-C:\Windows\SysWow64\ntkrnlpa.exe 2011-06-23 04:38:04 3902336 ----a-w-C:\Windows\SysWow64\ntoskrnl.exe 2011-06-21 06:27:14 1896832 ----a-w-C:\Windows\System32\drivers\tcpip.sys 2011-06-21 06:20:48 1197056 ----a-w-C:\Windows\System32\wininet.dll 2011-06-21 06:20:06 57856 ----a-w-C:\Windows\System32\licmgr10.dll 2011-06-21 05:36:36 981504 ----a-w-C:\Windows\SysWow64\wininet.dll 2011-06-21 05:35:05 44544 ----a-w-C:\Windows\SysWow64\licmgr10.dll 2011-06-21 05:05:13 482816 ----a-w-C:\Windows\System32\html.iec 2011-06-21 04:26:02 386048 ----a-w-C:\Windows\SysWow64\html.iec 2011-06-15 09:58:31 212992 ----a-w-C:\Windows\System32\odbctrac.dll 2011-06-15 09:58:31 163840 ----a-w-C:\Windows\System32\odbccp32.dll 2011-06-15 09:58:31 106496 ----a-w-C:\Windows\System32\odbccu32.dll 2011-06-15 09:58:31 106496 ----a-w-C:\Windows\System32\odbccr32.dll 2011-06-15 09:04:46 86016 ----a-w-C:\Windows\SysWow64\odbccu32.dll 2011-06-15 09:04:46 81920 ----a-w-C:\Windows\SysWow64\odbccr32.dll 2011-06-15 09:04:46 319488 ----a-w-C:\Windows\SysWow64\odbcjt32.dll
2011-06-15 09:04:46 163840 ----a-w C:\Windows\SysWow64\odbctrac.dll
2011-06-15 09:04:46 122880 ----a-w C:\Windows\SysWow64\odbccp32.dll
2011-06-11 02:56:44 3134464 ----a-w C:\Windows\System32\win32k.sys
.
============= FINISH: 9:29:22.66 ===============
Thanks!
Attached File(s)
-
Attach.zip (5K)
Number of downloads: 0
Back to top
In order to continue receiving help at BleepingComputer.com, 
If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:
