
Infected not sure by what possible 2009 Antivirus


  • This topic is locked
2 replies to this topic

#1 Copper Bravo


Posted 05 April 2009 - 01:07 PM

Hello,

Well, I am turning here as my last resort. I believe I might be infected with the 2009 antivirus, as I found my hosts file was modified with that; I have since removed that. I am still getting popups and my system is running very slow. Please help.

I am currently running a Malwarebytes scan on my system. I have done SpyBot as well as Ad-awareAE.

My DDS log is below, along with the Attach log uploaded. Thank you in advance.



DDS (Ver_09-03-16.01) - NTFSx86
Run by dgreen at 10:55:59.68 on 2009-04-05
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.100 [GMT -7:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\dgreen.CPLLC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\DS Clock\DSClock.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Documents and Settings\dgreen.CPLLC\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig?hl=en&source=iglk
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {c58e0ed0-b565-483b-af45-2f47d5c3e4ec} - c:\windows\system32\bejasiku.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\dgreen.cpllc\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [LogitechSoftwareUpdate] "c:\program files\logitech\video\ManifestEngine.exe" boot
uRun: [DS Clock] "c:\program files\ds clock\DSClock.exe"
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TpShocks] TpShocks.exe
mRun: [TP4EX] tp4ex.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_06\bin\jusched.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ShStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe" /StartedFromRunKey
mRun: [Network Associates Error Reporting Service] "c:\program files\common files\network associates\talkback\TBMon.exe"
mRun: [LVCOMSX] c:\windows\system32\LVCOMSX.EXE
mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe
mRun: [LPManager] c:\progra~1\thinkv~2\prdctr\LPMGR.exe
mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [CPMf7f5285b] Rundll32.exe "c:\windows\system32\vubebiye.dll",a
mRun: [kotubepugu] Rundll32.exe "c:\windows\system32\weminano.dll",s
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {DA320635-F48C-4613-8325-D75A933C549E} - c:\program files\lenovo\system update\sulauncher.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: AwayNotify - c:\program files\lenovo\awaytask\AwayNotify.dll
Notify: igfxcui - igfxdev.dll
Notify: tpfnf2 - notifyf2.dll
Notify: tphotkey - tphklock.dll
AppInit_DLLs: c:\windows\system32\vubebiye.dll,c:\windows\system32\kanavuwo.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vubebiye.dll
STS: STS: {ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} - c:\windows\system32\vubebiye.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli c:\windows\system32\kanavuwo.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-3-29 64160]
R0 Shockprf;Shockprf;c:\windows\system32\drivers\shockprf.sys [2009-3-7 88576]
R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2009-3-9 58016]
R1 ShockMgr;ShockMgr;c:\windows\system32\drivers\ShockMgr.sys [2009-3-7 4736]
R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\TPPWRIF.SYS [2009-3-7 4442]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2009-3-9 102463]
R2 McShield;Network Associates McShield;c:\program files\network associates\virusscan\Mcshield.exe [2004-8-18 221191]
R2 McTaskManager;Network Associates Task Manager;c:\program files\network associates\virusscan\VsTskMgr.exe [2004-8-18 28672]
R2 smi2;smi2;c:\program files\smi2\smi2.sys [2006-7-14 3968]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-4-5 38496]
R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2009-3-9 108256]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2009-1-5 103936]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 951632]

=============== Created Last 30 ================

2009-04-05 10:35 <DIR> --d----- c:\docume~1\dgreen~1.cpl\applic~1\Malwarebytes
2009-04-05 10:12 <DIR> --d----- C:\VundoFix Backups
2009-04-05 09:15 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-04-05 09:15 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-05 09:15 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-04-05 09:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-04-05 08:02 <DIR> --d----- c:\program files\Trend Micro
2009-04-03 06:05 2,713 ---sh--- c:\windows\system32\beyisahe.exe
2009-03-31 14:13 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-03-31 14:13 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-03-30 06:52 <DIR> --d----- C:\Sandbox
2009-03-30 06:52 1,544 a------- c:\windows\Sandboxie.ini
2009-03-30 06:49 <DIR> --d----- c:\program files\Sandboxie
2009-03-30 00:15 122 ---sh--- c:\windows\system32\ihatoroz.ini
2009-03-29 21:58 15,688 a------- c:\windows\system32\lsdelete.exe
2009-03-29 20:34 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-03-29 20:31 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-29 20:31 <DIR> --d----- c:\program files\Lavasoft
2009-03-29 12:14 122 ---sh--- c:\windows\system32\ibafuneb.ini
2009-03-28 02:44 <DIR> --d----- c:\program files\DS Clock
2009-03-28 02:44 <DIR> --d----- c:\docume~1\dgreen~1.cpl\applic~1\Duality Software
2009-03-15 22:18 60,032 a------- c:\windows\system32\drivers\USBAUDIO.sys
2009-03-15 22:18 60,032 a------- c:\windows\system32\dllcache\usbaudio.sys
2009-03-15 21:57 <DIR> --d----- c:\program files\common files\Logitech
2009-03-15 21:56 462,848 a------- c:\windows\system32\LCamCpl.dll
2009-03-15 20:55 69,632 a------- c:\windows\system32\lfgif13n.dll
2009-03-15 20:55 450,560 a------- c:\windows\system32\ltimg13n.dll
2009-03-15 20:55 401,408 a------- c:\windows\system32\lfcmp13n.dll
2009-03-15 20:55 206,336 a------- c:\windows\system32\ltefx13n.dll
2009-03-15 20:55 57,344 a------- c:\windows\system32\lfbmp13n.dll
2009-03-15 20:55 462,848 a------- c:\windows\system32\ltkrn13n.dll
2009-03-15 20:55 299,008 a------- c:\windows\system32\ltdis13n.dll
2009-03-15 20:55 163,840 a------- c:\windows\system32\ltfil13n.dll
2009-03-15 19:50 <DIR> --d----- c:\docume~1\dgreen~1.cpl\applic~1\Camfrog
2009-03-15 19:33 <DIR> --d----- c:\docume~1\dgreen~1.cpl\applic~1\Windows Search
2009-03-13 14:05 <DIR> --d----- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-03-13 12:01 268,648 a------- c:\windows\system32\mucltui.dll
2009-03-13 12:01 208,744 a------- c:\windows\system32\muweb.dll
2009-03-13 12:01 27,496 a------- c:\windows\system32\mucltui.dll.mui
2009-03-12 20:37 <DIR> --d----- c:\documents and settings\dgreen.cpllc\Tracing
2009-03-12 20:34 <DIR> --d----- c:\program files\Microsoft
2009-03-12 20:34 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-03-12 20:29 <DIR> --d----- c:\program files\common files\Windows Live
2009-03-10 20:22 765,952 a------- c:\windows\system32\xvidcore.dll
2009-03-10 20:22 180,224 a------- c:\windows\system32\xvidvfw.dll
2009-03-10 20:22 77,824 a------- c:\windows\system32\xvid.ax
2009-03-10 20:22 <DIR> --d----- c:\program files\Xvid
2009-03-10 20:04 129,520 -------- c:\windows\system32\pxafs.dll
2009-03-09 23:08 <DIR> --d----- c:\program files\SecureCRT
2009-03-09 23:01 <DIR> --d----- c:\docume~1\dgreen~1.cpl\applic~1\VanDyke
2009-03-09 22:09 34,064 a------- c:\windows\system32\lhacm.acm
2009-03-09 22:09 <DIR> --d----- c:\program files\Teamspeak2_RC2
2009-03-09 17:12 <DIR> --d----- c:\documents and settings\dgreen.cpllc\Contacts
2009-03-09 17:11 268 a---h--- C:\sqmdata00.sqm
2009-03-09 17:11 244 a---h--- C:\sqmnoopt00.sqm
2009-03-09 15:24 512 a------- c:\windows\randseed.rnd
2009-03-09 15:24 <DIR> --d----- c:\program files\common files\Cisco Systems
2009-03-09 15:24 108,256 a------- c:\windows\system32\drivers\naiavf5x.sys
2009-03-09 15:24 58,016 a------- c:\windows\system32\drivers\mvstdi5x.sys
2009-03-09 15:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Network Associates
2009-03-09 15:24 <DIR> --d----- c:\program files\Network Associates
2009-03-09 15:24 <DIR> --d----- c:\program files\common files\Network Associates
2009-03-09 15:17 <DIR> --d----- c:\windows\SchCache
2009-03-09 15:14 <DIR> --d----- c:\docume~1\dgreen~1.cpl\applic~1\ThinkVantage
2009-03-09 15:14 <DIR> --d----- c:\docume~1\dgreen~1.cpl\applic~1\Symantec
2009-03-09 15:14 <DIR> --d----- c:\docume~1\dgreen~1.cpl\applic~1\Lenovo
2009-03-09 15:14 <DIR> --d----- c:\documents and settings\dgreen.CPLLC
2009-03-09 14:56 <DIR> --d----- c:\windows\system32\appmgmt
2009-03-09 04:05 36,734 a------- c:\windows\system32\OggDSuninst.exe
2009-03-09 04:04 <DIR> --d----- c:\program files\AC3Filter
2009-03-09 03:57 <DIR> --d----- c:\program files\FileZilla Client
2009-03-09 03:52 <DIR> --d----- c:\program files\SnadBoy's Revelation v2
2009-03-09 03:32 <DIR> --d----- C:\PlexView
2009-03-09 03:31 <DIR> --d-h--- c:\program files\Zero G Registry
2009-03-09 03:30 <DIR> --d----- C:\IA_Installers
2009-03-09 03:01 <DIR> --d----- c:\program files\Yahoo!
2009-03-09 00:35 53,760 a------- c:\windows\system32\vfwwdm32.dll
2009-03-09 00:35 53,760 a------- c:\windows\system32\dllcache\vfwwdm32.dll
2009-03-09 00:35 91,136 a------- c:\windows\system32\kswdmcap.ax
2009-03-09 00:35 91,136 a------- c:\windows\system32\dllcache\kswdmcap.ax
2009-03-09 00:35 43,008 a------- c:\windows\system32\ksxbar.ax
2009-03-09 00:35 43,008 a------- c:\windows\system32\dllcache\ksxbar.ax
2009-03-09 00:35 61,952 a------- c:\windows\system32\kstvtune.ax
2009-03-09 00:35 61,952 a------- c:\windows\system32\dllcache\kstvtune.ax
2009-03-09 00:35 <DIR> --d----- c:\program files\ManyCam 2.3
2009-03-09 00:34 <DIR> --d----- c:\program files\Camfrog
2009-03-09 00:26 0 a------- c:\windows\vpc32.INI
2009-03-08 20:34 <DIR> --d----- C:\Python24
2009-03-08 20:34 <DIR> --d----- C:\scripts
2009-03-08 20:32 26,368 a------- c:\windows\system32\dllcache\usbstor.sys
2009-03-08 20:17 1,089,593 -------- c:\windows\system32\dllcache\ntprint.cat
2009-03-08 20:03 172,032 a------- c:\windows\system32\igfxres.dll
2009-03-08 19:51 <DIR> --d----- c:\windows\system32\XPSViewer
2009-03-08 19:50 597,504 -------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-08 19:50 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-03-08 19:50 575,488 -------- c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-08 19:50 117,760 -------- c:\windows\system32\prntvpt.dll
2009-03-08 19:50 89,088 -------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-08 19:50 <DIR> --d----- C:\888e8fba477b0febce
2009-03-08 19:50 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-03-08 19:50 1,676,288 -------- c:\windows\system32\dllcache\xpssvcs.dll
2009-03-08 19:44 <DIR> --d----- c:\program files\MSXML 4.0
2009-03-08 19:41 <DIR> --d-h--- c:\windows\system32\GroupPolicy
2009-03-08 19:41 <DIR> --d----- c:\program files\Windows Desktop Search
2009-03-08 19:31 393,216 a------- c:\windows\system32\igxpun.exe
2009-03-08 19:31 121,232 a------- c:\windows\system32\IScrNBR.bmp
2009-03-08 19:31 121,232 a------- c:\windows\system32\IScrNB.bmp
2009-03-08 19:31 <DIR> --d----- c:\windows\system32\x64
2009-03-08 19:30 319,456 a------- c:\windows\system32\difxapi.dll
2009-03-08 19:11 272,128 -------- c:\windows\system32\dllcache\bthport.sys
2009-03-08 19:11 1,106,944 -------- c:\windows\system32\dllcache\msxml3.dll
2009-03-08 19:11 247,326 -------- c:\windows\system32\dllcache\strmdll.dll
2009-03-08 19:11 337,408 -------- c:\windows\system32\dllcache\netapi32.dll
2009-03-08 19:07 0 a------- c:\windows\MEMORY.DMP
2009-03-08 19:04 12,160 a------- c:\windows\system32\drivers\mouhid.sys
2009-03-08 19:04 21,504 a------- c:\windows\system32\hidserv.dll
2009-03-08 19:04 14,592 a------- c:\windows\system32\drivers\kbdhid.sys
2009-03-08 19:03 10,368 a------- c:\windows\system32\drivers\hidusb.sys
2009-03-08 19:03 32,128 a------- c:\windows\system32\drivers\usbccgp.sys
2009-03-08 12:23 <DIR> --d----- c:\windows\system32\scripting
2009-03-08 12:23 <DIR> --d----- c:\windows\l2schemas
2009-03-08 12:23 <DIR> --d----- c:\windows\system32\en
2009-03-08 12:23 <DIR> --d----- c:\windows\system32\bits
2009-03-08 12:19 <DIR> --d----- c:\windows\ServicePackFiles
2009-03-08 12:18 <DIR> --d----- c:\windows\network diagnostic
2009-03-07 23:13 <DIR> --d----- c:\windows\system32\LogFiles
2009-03-07 22:46 701,440 -------- c:\windows\system32\drivers\ati2mtag.sys
2009-03-07 22:29 <DIR> --d----- c:\windows\system32\PreInstall
2009-03-07 22:23 376 a------- c:\windows\ODBC.INI
2009-03-07 22:23 28,040 a------- c:\windows\system32\mdimon.dll
2009-03-07 22:21 <DIR> --d----- c:\program files\common files\L&H
2009-03-07 22:21 <DIR> --d----- c:\program files\Microsoft ActiveSync
2009-03-07 22:20 <DIR> --d----- c:\windows\SHELLNEW
2009-03-07 22:15 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2009-03-07 21:08 <DIR> --d----- c:\windows\pss
2009-03-07 20:59 221,184 a------- c:\windows\system32\wmpns.dll
2009-03-07 20:59 50 a------- c:\windows\system32\drivers\LENOVO_1953_D9U.MRK
2009-03-07 20:59 10 a------- c:\windows\system32\firstboot.ibm
2009-03-07 20:52 61 a------- c:\windows\smscfg.ini
2009-03-07 20:48 <DIR> --dshr-- C:\RRbackups
2009-03-07 20:47 115,880 -------- c:\windows\system32\pxinsi64.exe
2009-03-07 20:47 114,856 -------- c:\windows\system32\pxcpyi64.exe
2009-03-07 20:46 5,427 a------- c:\windows\system32\EGATHDRV.SYS
2009-03-07 20:46 5,427 a------- c:\windows\EGATHDRV.TMP
2009-03-07 20:46 <DIR> --d----- c:\program files\SMI2
2009-03-07 20:46 <DIR> --d----- c:\program files\TVT SMBus
2009-03-07 20:46 <DIR> --d----- C:\SWSHARE
2009-03-07 20:46 7,012 a------- c:\windows\system32\drivers\pmemnt.sys
2009-03-07 20:45 23,552 a------- c:\windows\system32\drivers\psasrv.exe
2009-03-07 20:45 282,624 a------- c:\windows\system32\tvt_gina_api.dll
2009-03-07 20:45 577,536 a------- c:\windows\system32\tvt_gina.dll
2009-03-07 20:45 0 a------- c:\windows\system32\AccConnAdvanced.html
2009-03-07 20:44 <DIR> --d----- c:\windows\Downloaded Installations
2009-03-07 20:44 1,920,056 a------- c:\windows\800_600 Think Americas Map.bmp
2009-03-07 20:44 114,688 a------- c:\windows\desktopset.exe
2009-03-07 20:44 5,292,056 a------- c:\windows\1680_1050 Think Americas Map.bmp
2009-03-07 20:44 7,680,056 a------- c:\windows\1600_1200 Think Americas Map.bmp
2009-03-07 20:44 5,880,056 a------- c:\windows\1400_1050 Think Americas Map.bmp
2009-03-07 20:44 5,242,936 a------- c:\windows\1280_1024 Think Americas Map.bmp
2009-03-07 20:44 3,145,784 a------- c:\windows\1024_768 Think Americas Map.bmp
2009-03-07 20:44 3,072,056 a------- c:\windows\1280_800 Think Americas Map.bmp
2009-03-07 20:44 2,949,176 a------- c:\windows\1280_768 Think Americas Map.bmp
2009-03-07 20:40 40 a------- c:\windows\system32\profile.dat
2009-03-07 20:40 8,192 a------- c:\windows\REGLOCS.OLD
2009-03-07 20:39 <DIR> --d----- c:\program files\Symantec Client Security
2009-03-07 20:39 <DIR> --d----- c:\program files\common files\Symantec Shared
2009-03-07 20:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2009-03-07 20:38 <DIR> --d----- c:\program files\Sonic Icons for Lenovo
2009-03-07 20:38 <DIR> --d----- c:\program files\Sonic
2009-03-07 20:38 <DIR> --d----- c:\program files\common files\SureThing Shared
2009-03-07 20:37 <DIR> --d----- c:\program files\Multimedia Center for Think Offerings
2009-03-07 20:37 <DIR> --d----- c:\program files\common files\Sonic Shared
2009-03-07 20:37 <DIR> --d----- c:\program files\InterVideo
2009-03-07 20:36 44,544 a------- c:\windows\system32\msxml4a.dll
2009-03-07 20:36 9,679 a------- c:\windows\system32\msxml4r.cat
2009-03-07 20:36 9,675 a------- c:\windows\system32\msxml4.cat
2009-03-07 20:36 3,489 a------- c:\windows\system32\msxml4.Manifest
2009-03-07 20:36 500 a------- c:\windows\system32\msxml4r.Manifest
2009-03-07 20:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Lenovo
2009-03-07 20:36 49,265 a------- c:\windows\system32\jpicpl32.cpl
2009-03-07 20:35 <DIR> --d----- c:\program files\common files\Lenovo
2009-03-07 20:34 917,504 a------- c:\windows\system32\ahlprun.exe
2009-03-07 20:34 <DIR> --d----- c:\program files\ThinkVantage
2009-03-07 20:30 <DIR> --d----- c:\program files\Digital Line Detect
2009-03-07 20:30 <DIR> --d----- c:\program files\NetWaiting
2009-03-07 20:29 <DIR> --d----- c:\program files\CONEXANT
2009-03-07 20:29 1,285,632 a------- c:\windows\system32\SMMedia.dll
2009-03-07 20:28 7,168 a------- c:\windows\system32\drivers\TSMAPIP.SYS
2009-03-07 20:28 <DIR> --d----- c:\program files\Lenovo
2009-03-07 20:28 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-03-07 20:28 21,419 a------- c:\windows\system32\drivers\AegisP.sys
2009-03-07 20:27 <DIR> --d----- c:\program files\Synaptics
2009-03-07 20:27 <DIR> --d----- c:\program files\ThinkPad
2009-03-07 20:25 28,672 a------- c:\windows\system32\verclsid.exe
2009-03-07 20:25 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-03-07 20:24 138 a------- c:\windows\system32\Softkbd.exe.config
2009-03-07 20:21 <DIR> --d----- c:\windows\RegisteredPackages
2009-03-07 20:20 <DIR> --d----- c:\program files\Analog Devices
2009-03-07 20:20 10,240 a------- c:\windows\system32\drivers\compbatt.sys
2009-03-07 20:20 14,208 a------- c:\windows\system32\drivers\battc.sys
2009-03-07 20:20 13,952 a------- c:\windows\system32\drivers\cmbatt.sys
2009-03-07 20:20 30,208 a------- c:\windows\system32\drivers\usbehci.sys
2009-03-07 20:20 7,168 a------- c:\windows\system32\hccoin.dll
2009-03-07 20:19 19,584 a------- c:\windows\system32\drivers\rasirda.sys
2009-03-07 20:19 88,192 a------- c:\windows\system32\drivers\irda.sys
2009-03-07 20:19 151,552 a------- c:\windows\system32\irftp.exe
2009-03-07 20:19 8,192 a------- c:\windows\system32\wshirda.dll
2009-03-07 20:19 28,672 a------- c:\windows\system32\drivers\nscirda.sys
2009-03-07 20:09 <DIR> --d----- C:\SWTOOLS
2009-03-07 20:05 <DIR> a-d----- C:\I386

==================== Find3M ====================

2009-04-05 06:30 61,440 a--sh--- c:\windows\system32\gorumiba.exe
2009-04-03 18:02 61,440 a--sh--- c:\windows\system32\hukawebo.exe
2009-04-03 06:50 61,440 a------- c:\windows\system32\zisuvora.exe
2009-04-02 18:02 50,688 a--sh--- c:\windows\system32\jezohefo.dll
2009-04-02 18:01 61,440 a--sh--- c:\windows\system32\yadobapo.exe
2009-03-31 19:18 61,440 a--sh--- c:\windows\system32\wivagoge.exe
2009-03-31 19:18 50,176 a--sh--- c:\windows\system32\luhuvoyu.dll
2009-03-31 04:31 81,408 a--sh--- c:\windows\system32\tevisiko.dll
2009-03-31 04:31 61,440 a--sh--- c:\windows\system32\yovasuji.exe
2009-03-31 04:31 89,088 a---h--- c:\windows\system32\vubebiye.dll
2009-03-30 16:32 61,440 a--sh--- c:\windows\system32\yuterahi.exe
2009-03-30 16:32 89,088 a--sh--- c:\windows\system32\wenabebi.dll
2009-03-30 16:32 80,896 -------- c:\windows\system32\jirakiti.dll
2009-03-30 00:14 89,088 a--sh--- c:\windows\system32\dowuvedo.dll
2009-03-30 00:14 61,440 a--sh--- c:\windows\system32\rugifuye.exe
2009-03-29 12:14 89,088 a--sh--- c:\windows\system32\paguputo.dll
2009-03-29 12:14 81,408 -------- c:\windows\system32\benufabi.dll
2009-03-29 12:14 61,440 a--sh--- c:\windows\system32\zimasanu.exe
2009-03-09 14:55 17,536 a------- c:\windows\system32\drivers\psadd.sys
2009-03-08 19:45 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-03-08 19:45 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-03-08 12:26 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-03-07 20:29 0 a---hr-- c:\windows\system32\drivers\IBM_1953_D9U_TP.MRK
2009-02-09 04:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-09 04:13 1,846,784 -------- c:\windows\system32\dllcache\win32k.sys
2009-02-06 18:52 49,504 a------- c:\windows\system32\sirenacm.dll
2009-01-16 22:35 3,594,752 -------- c:\windows\system32\dllcache\mshtml.dll
2009-01-02 18:02 50,688 a--sh--- c:\windows\system32\kanavuwo.dll
2009-01-02 18:02 50,688 a--sh--- c:\windows\system32\weminano.dll

============= FINISH: 10:57:26.22 ===============


Here is my HJT log as well.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:33:35, on 2009-04-05
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\dgreen.CPLLC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\DS Clock\DSClock.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {c58e0ed0-b565-483b-af45-2f47d5c3e4ec} - C:\WINDOWS\system32\bejasiku.dll (file missing)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [CPMf7f5285b] Rundll32.exe "c:\windows\system32\vubebiye.dll",a
O4 - HKLM\..\Run: [kotubepugu] Rundll32.exe "C:\WINDOWS\system32\weminano.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\dgreen.CPLLC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\DSClock.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [kotubepugu] Rundll32.exe "C:\WINDOWS\system32\weminano.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [kotubepugu] Rundll32.exe "C:\WINDOWS\system32\weminano.dll",s (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/thinkpad
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cpllc.lan
O17 - HKLM\Software\..\Telephony: DomainName = cpllc.lan
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = cpllc.lan
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = cpllc.lan
O20 - AppInit_DLLs: c:\windows\system32\vubebiye.dll,C:\WINDOWS\system32\kanavuwo.dll
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vubebiye.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vubebiye.dll
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe

--
End of file - 10779 bytes


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:02:14 AM

Posted 15 April 2009 - 12:15 AM

Hello Copper Bravo,

Sorry about the delay. :thumbup2: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61


Posted 08 May 2009 - 01:16 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else, please begin a New Topic.