TechSpot

[A] Hard drive clusters are partly damaged

By bradiglesias
Mar 20, 2012
  1. I think I got a virus or some sort that keeps telling me my Hard drive clusters are partly damaged and all my files and folders are hidden.
     
  2. bradiglesias

    bradiglesias TS Rookie Topic Starter

    Malwarebytes

    Malwarebytes Anti-Malware (Trial) 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.03.20.07

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Hailong Zhou :: HAILONGZHOU-PC [administrator]

    Protection: Disabled

    3/20/2012 1:48:20 PM
    mbam-log-2012-03-20 (13-48-20).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 197941
    Time elapsed: 5 minute(s), 1 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
     
  3. bradiglesias

    bradiglesias TS Rookie Topic Starter

    Gmer

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-03-20 12:44:57
    Windows 6.1.7601 Service Pack 1
    Running: 8yp775dg.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dd14b61
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dd14b61@00237fae5679 0xA2 0x03 0x0C 0xA2 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dd14b61 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dd14b61@00237fae5679 0xA2 0x03 0x0C 0xA2 ...

    ---- EOF - GMER 1.0.15 ----
     
  4. bradiglesias

    bradiglesias TS Rookie Topic Starter

    DDS Notepad

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Hailong Zhou at 13:55:18 on 2012-03-20
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8169.5274 [GMT -5:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Windows\SysWOW64\lkads.exe
    C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
    C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
    C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
    C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
    C:\Windows\system32\conhost.exe
    C:\ExpressGateUtil\VAWinService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Windows\SysWOW64\lkcitdl.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Windows\SysWOW64\lktsrv.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
    C:\ExpressGateUtil\VAWinAgent.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe
    D:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
    D:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Internet Explorer\IExplore.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\REGSVR32.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uDefault_Page_URL = hxxp://asus.msn.com
    mStart Page = hxxp://asus.msn.com
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe,
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    BHO: {889D2FEB-5411-4565-8998-1DD2C5261283} - No File
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: QvodExtend: {a8502600-b272-4f68-a67b-a0305d46d297} - d:\Program Files (x86)\QvodPlayer\QvodExtend.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    uRun: [NIRegistrationWizard] C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1033
    uRun: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
    uRun: [Grid Service] "C:\Program Files\GridService\peer.exe" -n Grid
    uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
    mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
    mRun: [UpdReg] C:\Windows\UpdReg.EXE
    mRun: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
    mRun: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe
    mRun: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun: [Stormtray] d:\Program Files (x86)\StormII\Stormtray.exe /Start
    mRun: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
    mRun: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask
    mRun: [QvodTerminal] "D:\Program Files (x86)\QvodPlayer\QvodTerminal.exe" -autorun
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 131.151.247.40 131.151.247.41
    TCP: Interfaces\{CA96A27B-3C33-4B95-AE33-0EC5A82BAA12} : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{D7AE43A6-B451-4298-8FD4-421E0D3EAE4D} : DhcpNameServer = 131.151.247.40 131.151.247.41
    TCP: Interfaces\{D7AE43A6-B451-4298-8FD4-421E0D3EAE4D}\059627164756F524271646 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{D7AE43A6-B451-4298-8FD4-421E0D3EAE4D}\2656C6B696E6E2633643 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{D7AE43A6-B451-4298-8FD4-421E0D3EAE4D}\3557E63756470294E6E60263037237 : DhcpNameServer = 216.229.72.9 216.229.73.9 216.229.74.9
    TCP: Interfaces\{D7AE43A6-B451-4298-8FD4-421E0D3EAE4D}\37475756265627 : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{D7AE43A6-B451-4298-8FD4-421E0D3EAE4D}\7435D2242716E637475647475627 : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{D7AE43A6-B451-4298-8FD4-421E0D3EAE4D}\75966496 : DhcpNameServer = 209.237.60.18 209.237.0.4
    TCP: Interfaces\{D7AE43A6-B451-4298-8FD4-421E0D3EAE4D}\F6D6F6D6F6D6F6D6 : DhcpNameServer = 192.168.11.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO-X64: 0x1 - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    BHO-X64: Trend Micro NSC BHO - No File
    BHO-X64: {889D2FEB-5411-4565-8998-1DD2C5261283} - No File
    BHO-X64: XunleiBHO - No File
    BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: QvodExtend: {A8502600-B272-4F68-A67B-A0305D46D297} - d:\Program Files (x86)\QvodPlayer\QvodExtend.dll
    BHO-X64: QvodExtend - No File
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    BHO-X64: TmBpIeBHO - No File
    BHO-X64: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    BHO-X64: Google Dictionary Compression sdch - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    mRun-x64: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
    mRun-x64: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
    mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
    mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
    mRun-x64: [SessionLogon] C:\ExpressGateUtil\SessionLogon.exe
    mRun-x64: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
    mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun-x64: [Stormtray] d:\Program Files (x86)\StormII\Stormtray.exe /Start
    mRun-x64: [FLxHCIm] "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
    mRun-x64: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask
    mRun-x64: [QvodTerminal] "D:\Program Files (x86)\QvodPlayer\QvodTerminal.exe" -autorun
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
    R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 ARUpdate;Tencent SOSO Update Service;C:\Program Files\TENCENT\AddrUpdate\AddrUpdate.exe [2012-3-20 116088]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
    R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-3-20 44768]
    R2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 50336]
    R2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224]
    R2 NINetworkDiscovery;NI Network Discovery;C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2011-6-10 121032]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-3-6 378472]
    R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-10-26 241488]
    R2 tmevtmgr;tmevtmgr;C:\Windows\system32\DRIVERS\tmevtmgr.sys --> C:\Windows\system32\DRIVERS\tmevtmgr.sys [?]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
    R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-17 2655768]
    R2 VideAceWindowsService;VideAceWindowsService;C:\ExpressGateUtil\VAWinService.exe [2010-8-20 77312]
    R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\system32\DRIVERS\FLxHCIc.sys --> C:\Windows\system32\DRIVERS\FLxHCIc.sys [?]
    R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\system32\DRIVERS\FLxHCIh.sys --> C:\Windows\system32\DRIVERS\FLxHCIh.sys [?]
    R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-17 135664]
    S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-20 652360]
    S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-4-17 267480]
    S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
    S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
    S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-4-17 79360]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-4-17 79360]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-8-12 130976]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-17 135664]
    S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys --> C:\Windows\system32\Drivers\RtsUVStor.sys [?]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
    S4 NIApplicationWebServer64;NI Application Web Server (64-bit);D:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2011-5-27 68256]
    S4 RsFx0105;RsFx0105 Driver;C:\Windows\system32\DRIVERS\RsFx0105.sys --> C:\Windows\system32\DRIVERS\RsFx0105.sys [?]
    S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== File Associations ===============
    .
    txtfile=C:\Windows\notepad.exe %1
    .
    =============== Created Last 30 ================
    .
    2012-03-20 18:47:19 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-03-20 18:04:57 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2012-03-20 18:04:56 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2012-03-20 18:04:56 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2012-03-20 18:04:36 41184 ----a-w- C:\Windows\avastSS.scr
    2012-03-20 18:04:28 -------- d-----w- C:\ProgramData\AVAST Software
    2012-03-20 18:04:28 -------- d-----w- C:\Program Files\AVAST Software
    2012-03-20 16:22:14 -------- d--h--w- C:\Users\Hailong Zhou\AppData\Roaming\Malwarebytes
    2012-03-20 16:21:51 -------- d--h--w- C:\ProgramData\Malwarebytes
    2012-03-20 16:21:50 -------- d--h--w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-03-17 21:43:22 -------- d--h--w- C:\Program Files\iTunes
    2012-03-17 21:43:22 -------- d--h--w- C:\Program Files\iPod
    2012-03-15 14:06:16 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-03-15 14:06:15 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-03-15 14:06:15 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-03-14 15:22:23 3145728 ----a-w- C:\Windows\System32\win32k.sys
    2012-03-14 15:22:19 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2012-03-14 15:22:19 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2012-03-14 15:18:07 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-03-14 15:18:07 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-03-14 15:18:07 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-03-14 15:18:07 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-03-14 15:18:07 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-03-14 15:18:07 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-03-14 15:18:07 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    .
    ==================== Find3M ====================
    .
    2012-03-20 18:39:05 45056 ----a-w- C:\Windows\System32\acovcnt.exe
    2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
    2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
    2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
    2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
    2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
    2011-12-22 19:09:48 0 ----a-w- C:\Windows\System32\nsm64B3.tmp
    2011-12-22 19:09:47 0 ---ha-w- C:\Windows\SysWow64\nsh63A9.tmp
    2011-12-22 19:09:40 0 ---ha-w- C:\Windows\SysWow64\nsh48D8.tmp
    2011-12-22 07:48:06 4747120 ----a-w- C:\Windows\System32\SogouPY.ime
    2011-12-22 07:48:06 2722672 ---ha-w- C:\Windows\SysWow64\SogouPY.ime
    .
    ============= FINISH: 14:04:14.97 ===============
     
  5. bradiglesias

    bradiglesias TS Rookie Topic Starter

    Attach Notepad

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 7/26/2011 10:21:47 AM
    System Uptime: 3/20/2012 1:38:22 PM (1 hours ago)
    .
    Motherboard: ASUSTeK Computer Inc. | | G73Sw
    Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz | CPU 1 | 2001/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 175 GiB total, 23.234 GiB free.
    D: is FIXED (NTFS) - 502 GiB total, 40.467 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Description: BT-270
    Device ID: USB\VID_0B05&PID_1788\74F06DD14B61
    Manufacturer: Broadcom
    Name: BT-270
    PNP Device ID: USB\VID_0B05&PID_1788\74F06DD14B61
    Service: BTHUSB
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    ??????? 6.1???
    ??????? Windows Live Mesh ActiveX ??(????)
    ??????? Windows Live Mesh ActiveX ???
    ??QQ2011
    ËÑË÷¸üзþÎñ
    ±©·çÓ°Òô
    3DMark Vantage
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.5.0
    AimOne Video Joiner 1.36
    Apple Application Support
    Apple Software Update
    ASUS AI Recovery
    ASUS LifeFrame3
    ASUS Live Update
    ASUS SmartLogon
    ASUS Splendid Video Enhancement Technology
    ASUS Virtual Camera
    ASUS WebStorage
    Asus_G73_Screensaver
    AsusVibe2.0
    ATK Package
    avast! Free Antivirus
    Belkin Setup and Router Monitor
    Blackhawk Emulation Device Drivers for Windows
    Bookworm Deluxe
    Code Composer Studio v4.1.3
    Complemento Messenger
    Complément Messenger
    Contrôle ActiveX Windows Live Mesh pour connexions à distance
    Control ActiveX de Windows Live Mesh para conexiones remotas
    Controlo ActiveX do Windows Live Mesh para Ligações Remotas
    Cooking Dash
    CyberLink LabelPrint
    CyberLink Power2Go
    D3DX10
    Debug Server
    DirectX 9 Runtime
    DSP BIOS 5.41.02.14 CCSv4
    DSP BIOS 6.21.00.13
    EndNote X5
    ExpressGate Cloud
    Futuremark SystemInfo
    Galeria de Fotografias do Windows Live
    Galerie de photos Windows Live
    Galería fotográfica de Windows Live
    Game Park Console
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Governor of Poker
    Hewlett-Packard ACLM.NET v1.1.0.0
    Hotel Dash Suite Success
    Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054)
    Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2635973)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
    HP Product Detection
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Java Auto Updater
    Java(TM) 6 Update 29
    Jewel Quest 3
    Junk Mail filter update
    Luxor 3
    Mahjongg dimensions
    Malwarebytes Anti-Malware version 1.60.1.1000
    Mesh Runtime
    Messenger ????
    Messenger ?????
    Messenger Companion
    Microsoft .NET Framework 4 Multi-Targeting Pack
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2010
    Microsoft Office Excel 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office PowerPoint 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Visio 2007 Service Pack 2 (SP2)
    Microsoft Office Visio MUI (English) 2007
    Microsoft Office Visio Professional 2007
    Microsoft Office Word 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2008 Browser
    Microsoft SQL Server Compact 3.5 SP2 ENU
    Microsoft Visual C++ Compilers 2010 Standard - enu - x86
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
    Microsoft Visual C++ 2010 Express - ENU
    Microsoft Visual Studio 2010 Service Pack 1
    MSVC80_Runtime
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP3 Parser (KB973685)
    MyTomTom 3.1.0.530
    National Instruments Software
    NI-DAQmx/LabVIEW shared documentation 1.9.5
    NI-RPC 4.2.2f0
    NI-RPC 4.2.2f0 for Phar Lap ETS
    NI Assistant Framework
    NI Authentication 2.0
    NI CodeSignAPI
    NI Curl 1.1
    NI DataSocket 4.9
    NI Distributed System Manager 2011
    NI DN 2.0 SP1 installer
    NI DN 2.0 x64 SP1 installer
    NI Error Reporting 2011
    NI EulaDepot
    NI GMP Windows 32-bit Installer 11.0.0
    NI Help Assistant
    NI LabVIEW 2009 SP1 Run-Time Engine Web Services
    NI LabVIEW 2011 Deployable License
    NI LabVIEW 2011 Deployment Framework
    NI LabVIEW 2011 License
    NI LabVIEW 2011 Real-Time Error Dialog
    NI LabVIEW 2011 Real-Time NBFifo
    NI LabVIEW 2011 Run-Time Engine Non-English Support.
    NI LabVIEW 2011 VIPM Helper
    NI LabVIEW Broker
    NI LabVIEW C Interface
    NI LabVIEW MAX XML
    NI LabVIEW Real-Time NBFifo
    NI LabVIEW Run-Time Engine 2009 SP1
    NI LabVIEW Run-Time Engine 2011
    NI LabVIEW Run-Time Engine Interop 2009
    NI LabVIEW Run-Time Engine Interop 2011
    NI LabVIEW Web Server for Run-Time Engine
    NI LabWindows/CVI 2010 Code Generator
    NI LabWindows/CVI 2010 LabVIEW DLL Builder
    NI LabWindows/CVI 9.0 Run-Time Engine
    NI License Manager
    NI Logos 5.3.0
    NI Logos XT Support
    NI Math Kernel Libraries
    NI MAX Remote Configuration Installer 5.0
    NI MDF Support
    NI mDNS Responder 1.6.0
    NI Measurement & Automation Explorer 5.0.0
    NI Measurement Studio Recipe Processor
    NI MetaSuite Installer
    NI Microsoft Silverlight Wrapper
    NI MXS 5.0.0
    NI Network Discovery 5.0
    NI OPC Support
    NI Portable Configuration 5.0.0
    NI Registration Wizard
    NI Remote Provider for MAX 5.0.0
    NI Remote PXI Provider for MAX 5.0.0
    NI Software Provider for MAX 5.0.0
    NI SSL Support
    NI System API Client for WIF 5.0.0
    NI System API Web-Servce 32-bit 5.0.0
    NI System API Windows 32-bit 5.0.0
    NI System Configuration Runtime 5.0.0
    NI System State Publisher
    NI System Web Server 2.0
    NI System Web Server Base 2.0
    NI TDM Excel Add-In 3.3
    NI TDMS
    NI Trace Engine
    NI Uninstaller
    NI Update Service 2.0
    NI USI 1.9.0
    NI Variable Engine 2.5.0
    NI VC2005MSMs x86
    NI VC2008MSMs x86
    NI Web Application Server 2.0
    NI Web Interface Framework 2.0
    NI Web Pipeline 2.0.1
    NI Xalan Delay Load 1.10.1
    NI Xerces Delay Load 2.7.3
    Nuance PDF Reader
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    Plants vs Zombies
    QuickTime
    QvodPlayer 5.1.90
    RaySource 2.2.0.1
    Realtek Ethernet Controller Driver For Windows 7
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Reader Driver
    ResearchSoft Direct Export Helper
    Reset NI Config 5.0.0
    Roxio AACS Certificate
    Roxio Activation Module
    Roxio CinePlayer
    Safari
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2553089)
    Security Update for 2007 Microsoft Office System (KB2553090)
    Security Update for 2007 Microsoft Office System (KB2584063)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio 2007 (KB2553010)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Skype™ 5.6
    SOSO AddressBar Search
    StarCraft II
    syncables desktop SE
    THX TruStudio
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
    Update for Microsoft Office 2007 System (KB2539530)
    Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Visio 2007 Help (KB963666)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Visual Studio C++ 10.0 Runtime
    WIF Core Dependencies Windows 5.0.0
    Windows Live
    Windows Live ???
    Windows Live ????
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinFlash
    Wireless Console 3
    World of Goo
    XDCtools 3.16.02.32
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/20/2012 9:46:43 AM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: Access is denied.
    3/20/2012 9:46:43 AM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: Access is denied.
    3/20/2012 9:46:43 AM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80070005.
    3/20/2012 9:05:33 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
    3/20/2012 11:42:29 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DNS Client service, but this action failed with the following error: An instance of the service is already running.
    3/20/2012 11:37:29 AM, Error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 2 time(s).
    3/20/2012 11:37:29 AM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    3/20/2012 11:37:29 AM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
    3/20/2012 11:37:29 AM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
    3/20/2012 11:35:22 AM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    3/20/2012 11:35:22 AM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
    3/20/2012 11:35:22 AM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    3/20/2012 11:35:22 AM, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    3/20/2012 11:32:50 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 12 time(s).
    3/20/2012 11:30:42 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 11 time(s).
    3/20/2012 11:29:20 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 10 time(s).
    3/20/2012 11:28:02 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 9 time(s).
    3/20/2012 11:26:44 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 8 time(s).
    3/20/2012 11:24:33 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 7 time(s).
    3/20/2012 11:22:52 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 6 time(s).
    3/20/2012 11:21:32 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 5 time(s).
    3/20/2012 11:20:11 AM, Error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 3 time(s).
    3/20/2012 11:20:11 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 4 time(s).
    3/20/2012 11:18:53 AM, Error: Service Control Manager [7034] - The Network Location Awareness service terminated unexpectedly. It has done this 3 time(s).
    3/20/2012 11:18:53 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 3 time(s).
    3/20/2012 11:17:16 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Cryptographic Services service, but this action failed with the following error: An instance of the service is already running.
    3/20/2012 1:42:23 PM, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
    3/20/2012 1:42:23 PM, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
    3/20/2012 1:40:38 PM, Error: Microsoft-Windows-WMPNSS-Service [14346] - A new media server was not initialized because RegisterRunningDevice() encountered error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service.
    3/17/2012 4:42:06 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    3/13/2012 11:21:00 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
    .
    ==== End Of File ===========================
     
  6. bradiglesias

    bradiglesias TS Rookie Topic Starter

    PLEASE HELP ME!! Thanks so such!!!!

    PLEASE HELP ME!! Thanks so such!!!!
     
  7. Broni

    Broni Malware Annihilator Posts: 52,904   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===============================================================

    You're running two AV programs, Avast and TrendMicro.
    You must uninstall one of them.
    Your choice.

    Then...
    Let's see, if we can recover your missing features.
    Download and run UnHide
    Let me know, if it worked.

    Next....

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

    =====================================================================

    Download Bootkit Remover to your desktop.

    • Unzip downloaded file to your Desktop.
    • Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).
    • It will show a Black screen with some data on it.
    • Right click on the screen and click Select All.
    • Press CTRL+C
    • Open a Notepad and press CTRL+V
    • Post the output back here.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...