Hijacked Google Searches, HijackThis log


3 replies to this topic

#1 thettman


Posted 14 January 2011 - 09:29 AM

Hope someone can help and review the following log file from HijackThis. My Google searches keep getting hijacked to unknown sites. I've run several spyware programs to get rid of the problem but it keeps coming back. Thanks.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:09:51 AM, on 1/14/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Verizon\McciBrowser.exe
C:\Program Files\Verizon\McciBrowser.exe
C:\BTGUARD\uTorrent.exe
C:\Users\Howie\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
R3 - URLSearchHook: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - (no file)
O2 - BHO: AcroIEHelperStub - Disabled:{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: IEVkbdBHO - Disabled:{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: Search Helper - Disabled:{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - (no file)
O2 - BHO: (no name) - Disabled:{9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Babylon IE plugin - Disabled:{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file)
O2 - BHO: (no name) - Disabled:{AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - Disabled:{AE7CD045-E861-484f-8273-0445EE161910} - (no file)
O2 - BHO: (no name) - Disabled:{DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: link filter bho - Disabled:{E33CF602-D945-461A-83F0-819F76A199F8} - (no file)
O2 - BHO: SmartSelect - Disabled:{F4971EE7-DAA0-4053-9964-665D8EE6A077} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [Nuance OmniPage 17-reminder] "C:\Program Files\Nuance\OmniPage17\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage 17\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [PrintDisp] C:\Windows\system32\PrintDisp.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: BTGuard Updates.lnk = C:\BTGUARD\settings.exe
O4 - Global Startup: Aventail VPN Connection.lnk = ?
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (Emsisoft Web Malware Scan) - http://ax.emsisoft.com/emsisoft_webscan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://notesits.amplifon.com/dwa7W.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Aventail VPN Client (NgVpnMgr) - Aventail Corporation - C:\Windows\system32\ngvpnmgr.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\Windows\system32\PrintCtrl.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: ut785478iy (xxm56yt7ut) - Unknown owner - C:\Program Files\Common Files\bugoilen\bungo659.exe (file missing)

--
End of file - 14432 bytes



#2 fenzodahl512


Posted 18 January 2011 - 10:13 PM

Download DDS by sUBs and save it to your desktop from here or here or here.
Disable any script blocker, and then double-click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your Desktop and post them in your next reply

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
It's gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 thettman


Posted 18 January 2011 - 10:49 PM

DDS.txt file here:

DDS (Ver_10-12-12.01) - NTFSx86
Run by Howie at 22:38:05.23 on Tue 01/18/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3327.1787 [GMT -5:00]

SP: Spybot - Search and Destroy *Disabled/Updated* {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\ngvpnmgr.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\PrintCtrl.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\BTGUARD\uTorrent.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\wmi32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Howie\Desktop\dds.pif
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uDefault_Page_URL = hxxp://www.msn.com
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: Disabled:{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File
BHO: Disabled:{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No File
BHO: Disabled:{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No File
BHO: Disabled:{9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO: Disabled:{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No File
BHO: Disabled:{AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: Disabled:{AE7CD045-E861-484f-8273-0445EE161910} - No File
BHO: Disabled:{DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: Disabled:{E33CF602-D945-461A-83F0-819F76A199F8} - No File
BHO: Disabled:{F4971EE7-DAA0-4053-9964-665D8EE6A077} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {B80F591E-FE9A-46CF-A13E-180377240586} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [NokiaOviSuite2] c:\program files\nokia\nokia ovi suite\NokiaOviSuite.exe -tray
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [Adobe Acrobat Synchronizer] "c:\program files\adobe\acrobat 10.0\acrobat\AdobeCollabSync.exe"
uRun: [<NO NAME>]
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [Nuance OmniPage 17-reminder] "c:\program files\nuance\omnipage17\ereg\ereg.exe" -r "c:\programdata\scansoft\omnipage 17\ereg\Ereg.ini"
mRun: [Verizon_McciTrayApp] "c:\program files\verizon\McciTrayApp.exe"
mRun: [USBToolTip] c:\progra~1\pinnacle\shared~1\programs\usbtip\USBTip.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [PrintDisp] c:\windows\system32\PrintDisp.exe
mRun: [TaskTray]
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [<NO NAME>]
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"
mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
StartupFolder: c:\users\howie\appdata\roaming\micros~1\windows\startm~1\programs\startup\btguar~1.lnk - c:\btguard\settings.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\AVENTA~1.LNK -
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2011\ie_banner_deny.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\motorola\bluetooth\btmiesend.htm
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
Trusted Zone: maryland.gov\securetransactions.mva
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/emsisoft_webscan.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://notesits.amplifon.com/dwa7W.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll

============= SERVICES / DRIVERS ===============

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-1-7 20744]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/11/28 18:00:36];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-11-17 87536]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\adobe\elements 9 organizer\PhotoshopElementsFileAgent.exe [2010-9-6 169408]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-25 176128]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe [2010-10-5 365336]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2010-3-10 12672]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-12-23 363344]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2010-3-25 490280]
R2 NgVpnMgr;Aventail VPN Client;c:\windows\system32\ngvpnmgr.exe [2009-12-15 240768]
R2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2010-10-9 65536]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2010-1-31 5120]
R2 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\drivers\tmwfp.sys [2010-10-31 283152]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2010-8-24 92008]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-11-25 6650368]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-11-25 231936]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [2010-11-27 45232]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-30 20952]
R3 NgLog;Aventail VPN Logging;c:\windows\system32\drivers\nglog.sys [2009-12-15 27160]
R3 NgVpn;Aventail VPN Adapter;c:\windows\system32\drivers\ngvpn.sys [2009-12-15 79896]
R3 NgWfp;Aventail VPN Callout;c:\windows\system32\drivers\ngwfp.sys [2009-12-15 25112]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-12-31 197224]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-12-15 36992]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2010-9-23 316192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-31 135664]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe -k bthaudiosvc [2009-7-13 20992]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-1-3 1153368]
S2 xxm56yt7ut;ut785478iy;"c:\program files\common files\bugoilen\bungo659.exe" --> c:\program files\common files\bugoilen\bungo659.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\drivers\BthAudioHF.sys [2009-12-21 43008]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-13 22528]
S3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\drivers\btmcom.sys [2010-11-6 41344]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\drivers\btmusb.sys [2010-11-6 395776]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2008-12-7 30088]
S3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2009-12-21 61952]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-7-2 26248]
S3 lne100v4;Linksys LNE100TX Fast Ethernet Adapter(LNE100TX v4);c:\windows\system32\drivers\lne100v4.sys [2010-11-8 31460]
S3 NgFilter;Aventail VPN Filter;c:\windows\system32\drivers\ngfilter.sys [2009-12-15 22552]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-7 1343400]
S4 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\motorola\bluetooth\devmgrsrv.exe [2010-11-6 3512072]
S4 Bluetooth Media Service;Bluetooth Media Service;c:\program files\motorola\bluetooth\audiosrv.exe [2010-11-6 901384]
S4 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\motorola\bluetooth\obexsrv.exe [2010-11-6 508680]
S4 Samsung UPD Service;Samsung UPD Service;c:\windows\system32\SUPDSvc.exe [2010-8-16 132464]

=============== File Associations ===============

scrfile="%1" /S
.scr=AutoCADScriptFile

=============== Created Last 30 ================

2011-01-14 20:46:03 -------- d-----w- c:\program files\Hard Disk Sentinel
2011-01-14 00:05:09 56400 ----a-w- c:\windows\system32\drivers\tmrkb.sys
2011-01-14 00:05:09 190032 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-01-13 23:21:48 6347584 ----a-w- c:\temp\hitman\hitman pro v3.5.5 build 98 (32-bit)\HitmanPro35.exe
2011-01-13 21:39:49 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-01-13 21:39:48 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-01-13 21:39:13 -------- d-----w- c:\progra~2\Hitman Pro
2011-01-11 02:09:00 -------- d-----w- c:\users\howie\appdata\roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-01-11 01:40:11 -------- d-----w- c:\progra~2\PC Tools
2011-01-05 06:07:19 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-01-05 06:06:23 -------- d-----w- c:\users\howie\appdata\local\Sunbelt Software
2011-01-03 13:55:43 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-01-03 13:55:43 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2011-01-02 04:52:54 80 --sh--r- c:\windows\CT6PRET.BIN
2011-01-02 04:52:49 -------- d-----w- c:\progra~2\Reallusion
2011-01-02 04:52:22 -------- d-----w- c:\program files\common files\Reallusion
2011-01-02 03:37:38 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-01-01 15:48:49 -------- d-----w- c:\users\howie\appdata\roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
2011-01-01 15:35:11 -------- d-----w- c:\users\howie\appdata\roaming\Reallusion
2011-01-01 15:34:55 80 --sh--r- c:\windows\FFSSET.BIN
2011-01-01 15:34:43 -------- d-----w- c:\program files\Reallusion
2011-01-01 15:33:39 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2011-01-01 15:33:39 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2011-01-01 15:33:39 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2011-01-01 15:33:38 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2011-01-01 15:33:38 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2011-01-01 15:33:33 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2011-01-01 15:33:33 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2011-01-01 01:10:12 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{750294d7-1d81-41d3-a341-64e1d5671eab}\mpengine.dll
2010-12-31 19:56:07 9888360 ----a-w- c:\windows\system32\RtsUStoricon.dll
2010-12-31 19:56:07 313960 ----a-w- c:\windows\system32\RtsUStor.dll
2010-12-31 19:56:07 197224 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2010-12-31 15:36:35 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-12-31 15:36:24 -------- d-----w- c:\program files\PC Connectivity Solution
2010-12-29 13:56:33 -------- d-----w- c:\progra~2\Plugins
2010-12-29 13:53:01 -------- d-----w- c:\progra~2\BlazeVideo
2010-12-29 13:53:00 14 ----a-w- c:\windows\system32\SysInfo_6_5_p.dll
2010-12-27 22:44:32 774144 ----a-w- c:\windows\system32\htmlayout.dll
2010-12-26 19:32:32 -------- d-----w- c:\program files\AnyBizSoft
2010-12-26 06:24:39 -------- d-----w- c:\users\howie\appdata\roaming\calibre
2010-12-26 06:14:28 -------- d-----w- c:\program files\ABC Amber ePub Converter
2010-12-25 21:33:00 -------- d-----w- c:\users\howie\appdata\roaming\pdftoepub
2010-12-25 20:59:07 -------- d-----w- c:\program files\%ProgramFiles(x86)%
2010-12-24 04:20:56 -------- d-----w- c:\program files\muvee Technologies
2010-12-24 04:20:43 -------- d-----w- c:\program files\common files\muvee Technologies
2010-12-24 00:02:23 -------- d-----w- c:\program files\Abrosoft
2010-12-22 03:12:41 66560 ----a-w- c:\windows\system32\nlssrv32.exe
2010-12-22 03:11:55 -------- d-----w- c:\users\howie\appdata\roaming\onOne Software
2010-12-21 04:28:17 -------- d-----w- c:\users\howie\appdata\roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-12-21 04:28:17 -------- d-----w- c:\users\howie\appdata\roaming\Adobe Mini Bridge CS5

==================== Find3M ====================

2010-12-02 03:35:18 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-30 22:23:52 553984 ----a-w- c:\windows\system32\RCoRes.dat
2010-11-29 23:48:26 1723536 ----a-w- c:\windows\system32\WavesGUILib.dll
2010-11-29 23:48:18 1439064 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll
2010-11-29 22:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 22:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-28 22:57:48 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-28 22:57:47 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-26 03:02:08 16702976 ----a-w- c:\windows\system32\atioglxx.dll
2010-11-26 02:58:22 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-11-26 02:58:12 550400 ----a-w- c:\windows\system32\aticfx32.dll
2010-11-26 02:54:58 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-11-26 02:54:28 393216 ----a-w- c:\windows\system32\atieclxx.exe
2010-11-26 02:54:00 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2010-11-26 02:52:52 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-11-26 02:52:36 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-11-26 02:52:26 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-11-26 02:52:18 15872 ----a-w- c:\windows\system32\atimuixx.dll
2010-11-26 02:52:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-11-26 02:49:04 4066816 ----a-w- c:\windows\system32\atidxx32.dll
2010-11-26 02:30:20 4122624 ----a-w- c:\windows\system32\atiumdag.dll
2010-11-26 02:30:18 46080 ----a-w- c:\windows\system32\aticalrt.dll
2010-11-26 02:30:08 44032 ----a-w- c:\windows\system32\aticalcl.dll
2010-11-26 02:28:44 5441024 ----a-w- c:\windows\system32\aticaldd.dll
2010-11-26 02:24:36 52736 ----a-w- c:\windows\system32\coinst.dll
2010-11-26 02:22:26 3460096 ----a-w- c:\windows\system32\atiumdva.dll
2010-11-26 02:17:18 249856 ----a-w- c:\windows\system32\atiadlxx.dll
2010-11-26 02:17:04 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-11-26 02:16:54 27136 ----a-w- c:\windows\system32\atigktxx.dll
2010-11-26 02:15:58 30720 ----a-w- c:\windows\system32\atiuxpag.dll
2010-11-26 02:15:42 28672 ----a-w- c:\windows\system32\atiu9pag.dll
2010-11-26 02:09:12 52736 ----a-w- c:\windows\system32\atimpc32.dll
2010-11-26 02:09:12 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2010-11-24 19:24:40 3790440 ----a-w- c:\windows\system32\RtkAPO.dll
2010-11-24 19:24:40 1976936 ----a-w- c:\windows\system32\RtkPgExt.dll
2010-11-22 16:39:10 469608 ----a-w- c:\windows\system32\RtkApoApi.dll
2010-11-13 12:12:01 5222 ----a-w- c:\progra~2\xml847B.tmp
2010-11-13 12:12:01 1886 ----a-w- c:\progra~2\xml8873.tmp
2010-11-13 12:12:01 13489 ----a-w- c:\progra~2\xml873A.tmp
2010-11-12 23:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-11 18:27:00 69224 ----a-w- c:\windows\system32\RtkCoInst.dll
2010-11-08 12:31:30 78680 ----a-w- c:\windows\system32\RTEEL32A.dll
2010-11-08 12:31:30 359768 ----a-w- c:\windows\system32\RTEEP32A.dll
2010-11-08 12:31:28 64856 ----a-w- c:\windows\system32\RTEEG32A.dll
2010-11-08 12:31:28 295768 ----a-w- c:\windows\system32\RP3DHT32.dll
2010-11-08 12:31:28 295768 ----a-w- c:\windows\system32\RP3DAA32.dll
2010-11-08 12:31:28 170840 ----a-w- c:\windows\system32\RTEED32A.dll
2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-03 23:27:02 1084008 ----a-w- c:\windows\system32\RTSndMgr.cpl
2010-11-03 23:25:54 429160 ----a-w- c:\windows\system32\DTSSymmetryDLL.dll
2010-11-03 23:25:54 406120 ----a-w- c:\windows\system32\DTSVoiceClarityDLL.dll
2010-11-03 23:25:42 962664 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL.dll
2010-11-03 23:25:42 291432 ----a-w- c:\windows\system32\DTSNeoPCDLL.dll
2010-11-03 23:25:42 224360 ----a-w- c:\windows\system32\DTSLimiterDLL.dll
2010-11-03 23:25:42 1132648 ----a-w- c:\windows\system32\DTSS2SpeakerDLL.dll
2010-11-03 23:25:30 107112 ----a-w- c:\windows\system32\DTSLFXAPO.dll
2010-11-03 23:25:30 107112 ----a-w- c:\windows\system32\DTSGFXAPO.dll
2010-11-03 23:25:30 106600 ----a-w- c:\windows\system32\DTSGFXAPONS.dll
2010-11-03 23:25:20 901224 ----a-w- c:\windows\system32\DTSBoostDLL.dll
2010-11-03 23:25:20 448616 ----a-w- c:\windows\system32\DTSBassEnhancementDLL.dll
2010-11-03 23:25:20 236648 ----a-w- c:\windows\system32\DTSGainCompensatorDLL.dll
2010-11-02 14:32:22 1705816 ----a-w- c:\windows\system32\R4EEP32A.dll
2010-11-02 14:32:16 96600 ----a-w- c:\windows\system32\R4EEL32A.dll
2010-11-02 14:32:10 61784 ----a-w- c:\windows\system32\R4EEG32A.dll
2010-11-02 14:32:04 341848 ----a-w- c:\windows\system32\R4EED32A.dll
2010-11-02 14:31:16 81240 ----a-w- c:\windows\system32\R4EEA32A.dll
2010-11-02 04:41:36 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2010-11-02 04:41:36 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2010-11-02 04:41:36 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe
2010-11-02 04:26:21 804864 ----a-w- c:\windows\system32\FntCache.dll
2010-11-02 04:26:00 1076736 ----a-w- c:\windows\system32\DWrite.dll
2010-11-02 04:25:43 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2010-11-02 04:25:43 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2010-11-02 04:25:43 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2010-11-02 04:25:42 739840 ----a-w- c:\windows\system32\d2d1.dll
2010-11-02 04:23:44 107520 ----a-w- c:\windows\system32\cdd.dll
2010-10-29 15:28:58 1558944 ----a-w- c:\windows\system32\FMAPO.dll
2010-10-28 15:46:10 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-25 20:13:40 22936 ----a-w- c:\windows\system32\AdobePDFUI.dll
2010-10-25 20:13:38 47512 ----a-w- c:\windows\system32\AdobePDF.dll

============= FINISH: 22:39:45.57 ===============

Attach.txt file here:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.01)

Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 1/30/2010 9:56:07 PM
System Uptime: 1/18/2011 6:02:30 PM (4 hours ago)

Motherboard: ASUSTeK Computer INC. | | M3A78-T
Processor: AMD Phenom™ 9600 Quad-Core Processor | CPU 1 | 2305/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 699 GiB total, 598.064 GiB free.
D: is Removable
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: archlp
Device ID: ROOT\LEGACY_ARCHLP\0000
Manufacturer:
Name: archlp
PNP Device ID: ROOT\LEGACY_ARCHLP\0000
Service: archlp

==== System Restore Points ===================

RP669: 1/18/2011 7:39:50 PM - Scheduled Checkpoint

==== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 2 (SP2)
ABBYY ScanTo Office 1.0
Abrosoft FantaMorph 5.0
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Community Help
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Elements 9
Adobe Photoshop.com Inspiration Browser
AIM 7
AMD Drag and Drop Transcoding
AnyBizSoft PDF Converter (Build 2.5.0)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
ATI Catalyst Registration
AudioLabel
Aventail Connect
AVS Audio Converter version 6.1
AVS Audio Tools version 4.4
AVS Document Converter 1.0.2
AVS Video Converter 7
Bluetooth Stack for Windows by Toshiba
Bonjour
BTGuard 2.2
Camfrog Video Chat 5.5
CardRecovery
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility
CCC Help English
CCleaner
Centra Client
CloneDVD2
Combined Community Codec Pack 2009-09-09
Cook'n & Grill'n
Cook'n Lite & Healthy
CPUID CPU-Z 1.53.1
CrazyTalk v6.21 PRO
CyberLink PowerDirector
CyberLink PowerDVD 10
CyberLink WaveEditor
DesignPro 5
Diskeeper 2010 Pro Premier
Download Updater (AOL LLC)
Driver Genius Professional Edition
DVDInfoPro
Elements 9 Organizer
Elements STI Installer
FaceFilter Studio 2
Fast Mailer Pro
Google Chrome
Google Earth
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Update Helper
Hard Disk Sentinel PRO
HiDownloadPlatinum
High-Definition Video Playback 10
Hitman Pro 3.5
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HyperSnap 6
ImgBurn
Infix 4.22
INI_FCFG_V03.14A05
Internet TV for Windows Media Center
iSEEK AnswerWorks English Runtime
IsoBuster 2.8
iTunes
Java Auto Updater
Java™ 6 Update 23
Kaspersky Internet Security 2011
Logitech Harmony Remote Software 7
Logitech Webcam Software
Logitech Webcam Software Driver Package
Mafia II
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware
Marvell Miniport Driver
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft IntelliPoint 8.0
Microsoft IntelliType Pro 8.0
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Research AutoCollage Touch 2009
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Moffsoft Calculator 2
Monopoly
Motorola Bluetooth
MSVC80_x86_v2
MSVC90_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscCopy Gadget 10
Nero DiscCopyGadget 10 Help (CHM)
Nero DiscSpeed 10 Help (CHM)
Nero Dolby Files 10
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero MediaHub 10 Help (CHM)
Nero Multimedia Suite 10
Nero Recode 10
Nero Recode 10 Help (CHM)
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero SoundTrax 10
Nero SoundTrax 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Vision 10
Nero Vision 10 Help (CHM)
Nero WaveEditor 10
Nero WaveEditor 10 Help (CHM)
Nokia Connectivity Cable Driver
Nokia Map Loader
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
Nokia PC Suite
Nokia Software Updater
Nuance OmniPage 17
NVIDIA PhysX
OGA Notifier 2.0.0048.0
OmniForm Premium 5.0
OutlookTempCleaner
Ovi Desktop Sync Engine
OviMPlatform
PC Connectivity Solution
PDF-XChange 4
Picasa 3
Pinnacle Studio 14
Pinnacle Studio Ultimate Collection Plugins
Pinnacle Video Driver
PlayReady PC Runtime x86
QuickTime
Readiris Pro 10
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Remote Control USB Driver
Rosetta Stone Version 3
Samsung SCX-4x21 Series
Samsung Universal Print Driver
Savings Bond Wizard
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 5.0
SmartSound Quicktracks 5
Spybot - Search & Destroy
The Lord of the Rings FREE Trial
TomTom HOME 2.7.6.2056
TomTom HOME Visual Studio Merge Modules
Trapcode 3DStroke Studio
Trapcode Particular Studio
Trapcode Shine Studio
Trend Micro Internet Security Pro
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2483110)
Verizon Help and Support Tool
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Vz In Home Agent
WeatherBug
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
Windows Driver Package - Nokia Modem (10/05/2009 4.2)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live ID Sign-in Assistant
Windows Media Center Add-in for Flash
Windows Media Player Firefox Plugin
WinPcap 4.1.1
WinRAR archiver
WMV9/VC-1 Video Playback
Xacti Simple Uploader

==== Event Viewer Messages From Past Week ========

1/18/2011 7:20:11 AM, Error: Schannel [36887] - The following fatal alert was received: 51.
1/18/2011 6:06:42 PM, Error: Microsoft-Windows-HttpEvent [15006] - Owner of the log file or directory \SystemRoot\System32\LogFiles\HTTPERR\httperr1.log is invalid. This could be because another user has already created the log file or the directory.
1/18/2011 6:03:49 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
1/18/2011 6:03:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: archlp
1/18/2011 6:02:50 PM, Error: Service Control Manager [7001] - The SBSD Security Center Service service depends on the Security Center service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/18/2011 6:02:49 PM, Error: Service Control Manager [7001] - The Handsfree Headset Service service depends on the Bluetooth Support Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/18/2011 6:02:49 PM, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.
1/18/2011 6:01:54 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR9.
1/18/2011 5:48:17 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {548E275F-0290-40E7-B454-738B0C61DE60}. The error: "5" Happened while starting this command: C:\ProgramData\FLEXnet\Connect\11\agent.exe -Embedding
1/18/2011 2:54:44 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
1/16/2011 10:20:14 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer HOWARD-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1DE26A58-8686-4C59-9063-54A23858. The master browser is stopping or an election is being forced.
1/15/2011 3:12:08 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.
1/15/2011 12:17:09 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
1/13/2011 3:17:11 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

==== End Of File ===========================

#4 fenzodahl512

Posted 18 January 2011 - 10:55 PM

Hmm.. Let's run these two programs and see what they find..


Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.




Please download ComboFix by sUBs from HERE or HERE and save it to your Desktop.

During the download, rename Combofix to Combo-Fix as follows:


It is important you rename Combofix during the download, but not after.

**NOTE: If you are using Firefox, make sure that your download settings are as follows:
  • Tools->Options->Main tab
  • Set to "Always ask me where to Save the files".


After that, double-click and run Combo-Fix. Let it finish its job and post the log here.

If ComboFix asks you to install Recovery Console, please do so.. It will be in your best interest..

Note: DON'T do anything with your computer while ComboFix is running.. Let ComboFix finish its job..

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
It's gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive