Hi, I went on a website earlier and as soon as I clicked on it my computer started going crazy. All my icons have dissapeared and so have all my programs and files. Well, I guess they may be hidden because if I search a file it will come up.
The virus pop up seemed to link back to some company called Secure Bill Inc, who were trying to get me to buy their product for the 'fix'. I was hoping you guys could help me get rid of this please! Typically this would happen to me about 5 hours before I've got a major essay due.. ah!
The virus itself 'seems' to be gone now, I don't have any more pop ups or anything, but all my files are still mia.
I think/hope I've followed the five steps exactly. Your help would be much appreciated, thanks! x
I've included the Malware bytes log & the DDS logs. GMER said it didn't find any modifications.
Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.15.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Owner :: OWNER-PC [administrator]
Protection: Enabled
16/01/2012 03:33:52
mbam-log-2012-01-16 (03-33-52).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 186256
Time elapsed: 6 minute(s), 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 3
HKCR\CLSID\{61185BC9-732D-4C9C-3181-2B5009E87544} (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61185BC9-732D-4C9C-3181-2B5009E87544} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{61185BC9-732D-4C9C-3181-2B5009E87544} (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Windows\SysWOW64\WMSSPDMOD.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Windows\System32\WMSSPDMOD.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
(end)
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
Run by Owner at 4:25:28 on 2012-01-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4095.1966 [GMT 0:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Wacom_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WTablet\Wacom_TabletUser.exe
C:\Windows\system32\Wacom_Tablet.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cndt
uStart Page = hxxp://search.hotspotshield.com/g/?c=h
uInternet Settings,ProxyOverride = local;*.local
mWinlogon: Userinit=C:\Windows\SysWOW64\userinit.exe,
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\coIEPlg.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
uRun: [AdobeUpdater] C:\Program Files (x86)\Common Files\Adobe\Updater\AdobeUpdater.exe
uRun: [Akamai NetSession Interface] "C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe"
uRun: [LlJwTeDMeFPCEj.exe] C:\ProgramData\LlJwTeDMeFPCEj.exe
mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ROLLER~1.LNK - C:\Users\Owner\AppData\Local\Temp\{54B9763F-B6DD-48EC-9D4E-BB9E82AAF9FE}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Save video on Savevid.com - C:\Program Files (x86)\Savevid\redirect.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0DE46F63-55F3-4A2F-8058-2203380698B0} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0DE46F63-55F3-4A2F-8058-2203380698B0}\544696D61687021405 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0DE46F63-55F3-4A2F-8058-2203380698B0}\E4544574541425 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{EEE6300E-B981-4EA2-8323-9AA672FE96C5} : DhcpNameServer = 192.168.2.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\coIEPlg.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun-x64: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun-x64: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun-x64: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\qo7mnct8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: keyword.URL - hxxp://search.hotspotshield.com/g/results.php?c=s&q=
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0308030.006\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0308030.006\SYMEFA64.SYS [?]
R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\system32\Drivers\N360x64\0308030.006\BHDrvx64.sys --> C:\Windows\system32\Drivers\N360x64\0308030.006\BHDrvx64.sys [?]
R1 ccHP;Symantec Hash Provider;C:\Windows\system32\Drivers\N360x64\0308030.006\ccHPx64.sys --> C:\Windows\system32\Drivers\N360x64\0308030.006\ccHPx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20120113.002\IDSviA64.sys [2012-1-14 488568]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/10/17 19:43:53];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-10-21 146928]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 HPBtnSrv;HP Easy Backup Button Service;C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2009-1-6 192512]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-3 2152152]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-16 652872]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe [2011-10-11 117648]
R2 TabletServiceWacom;TabletServiceWacom;C:\Windows\system32\Wacom_Tablet.exe --> C:\Windows\system32\Wacom_Tablet.exe [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-16 138360]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys --> C:\Windows\system32\drivers\HCW85BDA.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2010-12-3 17152]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\system32\Drivers\N360x64\0308030.006\SYMNDISV.SYS --> C:\Windows\system32\Drivers\N360x64\0308030.006\SYMNDISV.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcd5srvc_x64.pkms [2008-9-10 25888]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-16 03:29:52 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2012-01-16 03:29:46 -------- d-----w- C:\ProgramData\Malwarebytes
2012-01-16 03:29:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-01-16 03:29:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-16 03:15:49 -------- d-----w- C:\Program Files (x86)\AVG
2012-01-16 03:08:22 -------- d--h--w- C:\ProgramData\Common Files
2012-01-16 03:08:03 -------- d-----w- C:\ProgramData\MFAData
2012-01-16 02:24:51 362278 ---ha-w- C:\ProgramData\LXpoCQenoqUKAH.exe
2012-01-15 19:45:10 -------- d--h--w- C:\Users\Owner\AppData\Local\{C877BB57-A7CF-43F6-9063-402FC4B8F6EF}
2012-01-15 19:44:24 -------- d--h--w- C:\Users\Owner\AppData\Local\{59028BF3-1B46-4482-B18D-B8C32A83C471}
2012-01-14 18:01:10 -------- d--h--w- C:\Users\Owner\AppData\Local\{8BBEA154-1763-4B78-B17F-AE292EEA9CC0}
2012-01-14 18:00:18 -------- d--h--w- C:\Users\Owner\AppData\Local\{C339147B-0121-423A-9A02-6CC815C9A940}
2012-01-13 14:08:41 -------- d--h--w- C:\Users\Owner\AppData\Local\{FA16B971-8B32-48C3-A965-3E038DCFCFEE}
2012-01-13 14:07:59 -------- d--h--w- C:\Users\Owner\AppData\Local\{0B958B19-D545-4132-9212-E7E1C3A9BCE9}
2012-01-12 17:35:30 -------- d--h--w- C:\Users\Owner\AppData\Local\{F847349B-9F0B-4C9C-AC61-F7F6E81BC91D}
2012-01-12 17:34:27 -------- d--h--w- C:\Users\Owner\AppData\Local\{A62B28B6-DF65-45DE-B063-D559DE64FA84}
2012-01-11 17:30:06 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 17:30:06 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 17:30:05 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 17:30:05 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 17:29:57 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 17:29:57 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 17:29:54 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 17:29:54 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-11 17:28:48 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-11 17:28:48 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-11 17:28:48 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-11 17:28:48 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2012-01-11 17:15:47 -------- d--h--w- C:\Users\Owner\AppData\Local\{248E8FD0-AC0C-4607-A51E-CA710B813A4E}
2012-01-11 17:15:08 -------- d--h--w- C:\Users\Owner\AppData\Local\{702A9064-713A-4DF9-B4C5-3ED31133AC69}
2012-01-10 17:08:48 -------- d--h--w- C:\Users\Owner\AppData\Local\{6477D7B5-307C-4DF8-B52B-C0F423F6D3E2}
2012-01-10 17:08:11 -------- d--h--w- C:\Users\Owner\AppData\Local\{A54DAABF-3379-40F5-8D9A-8DD96AA1AEC7}
2012-01-09 12:55:22 -------- d--h--w- C:\Users\Owner\AppData\Local\{75195F63-BAAE-4BFF-AC07-8BA34821B483}
2012-01-09 12:54:26 -------- d--h--w- C:\Users\Owner\AppData\Local\{F40D63C8-15C1-4CF8-A654-E709D043F3B4}
2012-01-08 20:44:48 -------- d--h--w- C:\Users\Owner\AppData\Local\{7A85B784-3223-4A4E-BD76-2D5CC095F0DD}
2012-01-08 20:44:07 -------- d--h--w- C:\Users\Owner\AppData\Local\{A4D9A4CF-006F-4115-B871-4546237983D7}
2012-01-07 15:37:44 -------- d--h--w- C:\Users\Owner\AppData\Local\{C1684389-CF30-4BF1-A8C2-8909BF00E62C}
2012-01-07 15:36:43 -------- d--h--w- C:\Users\Owner\AppData\Local\{B198A1C2-0F9D-4893-8720-0D740ECB1A95}
2012-01-06 14:46:18 -------- d--h--w- C:\Users\Owner\AppData\Local\{A8FA5841-0914-444E-93A2-ED291D1B7F57}
2012-01-06 14:45:44 -------- d--h--w- C:\Users\Owner\AppData\Local\{F7FA549B-02B6-484C-9A19-B4B294383645}
2012-01-05 23:39:54 -------- d--h--w- C:\Users\Owner\AppData\Local\{F27D3AB2-F1D8-4676-BF06-DF0F669D2EAC}
2012-01-05 23:39:04 -------- d--h--w- C:\Users\Owner\AppData\Local\{6CB981A5-C3D7-47F5-B662-5C782563A231}
2012-01-04 14:39:03 -------- d--h--w- C:\Users\Owner\AppData\Local\{BB033EA6-CBA1-40C3-B0FD-1255111884E6}
2012-01-04 14:38:27 -------- d--h--w- C:\Users\Owner\AppData\Local\{ECED6DF1-D325-4192-849B-D00CEEFB3974}
2012-01-03 16:10:06 -------- d--h--w- C:\Users\Owner\AppData\Local\{A707EB74-55E5-4CB2-9B3C-568E7712FC97}
2012-01-03 16:09:28 -------- d--h--w- C:\Users\Owner\AppData\Local\{2CF6CA3E-01A0-4226-8828-0D0E47A3FE7B}
2012-01-02 15:44:18 -------- d--h--w- C:\Users\Owner\AppData\Local\{E80FC64E-43C5-490B-96CF-495B59B06598}
2012-01-02 15:43:42 -------- d--h--w- C:\Users\Owner\AppData\Local\{8D5CE014-751C-4044-8F07-109722CE51D4}
2012-01-01 15:19:49 -------- d--h--w- C:\Users\Owner\AppData\Local\{D8A97F8A-9745-4FB4-A4C9-8A1616C23447}
2012-01-01 15:19:12 -------- d--h--w- C:\Users\Owner\AppData\Local\{415428DF-2BE3-450F-AFEA-16DDC8872F70}
2011-12-30 19:22:20 -------- d--h--w- C:\Users\Owner\AppData\Local\{89530221-8525-4A39-8438-E3CF7790F04F}
2011-12-30 19:21:34 -------- d--h--w- C:\Users\Owner\AppData\Local\{C4899700-2030-44BE-BF3F-4489433AF50B}
2011-12-29 23:05:52 -------- d--h--w- C:\Users\Owner\AppData\Local\{1265F0F7-E901-4CAA-817F-B72998243205}
2011-12-29 23:05:06 -------- d--h--w- C:\Users\Owner\AppData\Local\{BAD0EA34-41BD-4D64-9991-E9C738C298E0}
2011-12-26 21:21:48 -------- d--h--w- C:\Users\Owner\AppData\Local\{D2320C6F-2886-4BEA-8A64-4A5B253B9FD8}
2011-12-26 21:20:58 -------- d--h--w- C:\Users\Owner\AppData\Local\{1B3725C8-5072-4F1E-9AC6-0DB57605C542}
2011-12-22 15:31:34 -------- d--h--w- C:\Users\Owner\AppData\Local\{FED802F8-0BAC-420F-92F7-D29280E8390D}
2011-12-22 15:30:42 -------- d--h--w- C:\Users\Owner\AppData\Local\{092B0B34-DCA6-476C-AA6F-47267C433E71}
2011-12-21 15:35:50 -------- d--h--w- C:\Users\Owner\AppData\Local\{22B39944-4387-4CAD-BF72-E922B7DA32E2}
2011-12-21 15:32:14 -------- d--h--w- C:\Users\Owner\AppData\Local\{42FFBEFE-9FE6-4D11-B66A-744921CC0940}
2011-12-20 21:52:33 -------- d--h--w- C:\Users\Owner\AppData\Local\{264DE690-90D5-4605-AB37-8A696525D8B6}
2011-12-20 21:51:55 -------- d--h--w- C:\Users\Owner\AppData\Local\{C32884B8-EA0D-4D60-8145-E2B6F6A8872F}
2011-12-19 11:32:09 11137024 ----a-w- C:\Windows\SysWow64\libmfxsw32.dll
2011-12-19 10:47:19 -------- d--h--w- C:\Users\Owner\AppData\Local\{4E451737-4844-441A-B5D9-69AA82BED388}
2011-12-19 10:46:45 -------- d--h--w- C:\Users\Owner\AppData\Local\{3FA79DCE-0D85-4FB1-9746-B6472931D88D}
2011-12-18 22:44:22 -------- d--h--w- C:\Users\Owner\AppData\Local\{56EA666F-6694-4716-8D63-D9690413BF36}
2011-12-18 22:43:31 -------- d--h--w- C:\Users\Owner\AppData\Local\{D5630772-C2A5-4AB7-A0CF-A6141DE5322B}
.
==================== Find3M ====================
.
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll
.
============= FINISH: 4:25:55.37 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 16/01/2010 20:41:44
System Uptime: 16/01/2012 03:43:25 (1 hours ago)
.
Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz | CPU 1 | 2500/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 917 GiB total, 495.319 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.978 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C6100 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C6100 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID:
Description: Photosmart C6100 series
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer:
Name: Photosmart C6100 series
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
==== System Restore Points ===================
.
RP132: 13/10/2011 03:00:52 - Windows Update
RP133: 20/10/2011 19:09:48 - Scheduled Checkpoint
RP134: 27/10/2011 03:00:48 - Windows Update
RP135: 03/11/2011 19:22:05 - Scheduled Checkpoint
RP136: 10/11/2011 01:35:15 - Windows Update
RP137: 11/11/2011 02:39:56 - Windows Update
RP138: 17/11/2011 00:12:06 - Installed Life Quest
RP139: 17/11/2011 02:43:44 - Removed Life Quest
RP140: 07/12/2011 17:15:25 - Scheduled Checkpoint
RP141: 13/12/2011 03:14:15 - Removed TweetDeck
RP142: 13/12/2011 03:15:25 - Removed twhirl
RP143: 15/12/2011 19:35:30 - Windows Update
RP144: 01/01/2012 18:25:23 - Scheduled Checkpoint
RP145: 09/01/2012 20:19:58 - Scheduled Checkpoint
RP146: 12/01/2012 02:45:21 - Windows Update
RP147: 16/01/2012 03:13:54 - Installed AVG 2012
.
==== Installed Programs ======================
.
AAC Decoder
ActiveCheck component for HP Active Support Library
Ad-Aware
Adobe AIR
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Help Center 1.0
Adobe Illustrator CS5.1
Adobe Photoshop CS2
Adobe Premiere Elements 8.0
Adobe Reader 9.4.3
Adobe Shockwave Player 11.5
Adobe Stock Photos 1.0
AIM 7
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_Scan
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support
Apple Software Update
Around the World in Eighty Days: The Challenge
µTorrent
AutoUpdate
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Big Fish Games: Game Manager
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
BufferChm
C6100
calibre
Compatibility Pack for the 2007 Office system
Copy
Corel DESIGNER Technical Suite X5
Corel DESIGNER Technical Suite X5 - EN
Corel DESIGNER Technical Suite X5 - IPM
Corel DESIGNER Technical Suite X5 - Setup Files
Corel DESIGNER Technical Suite X5 - WT
Corel Graphics - Windows Shell Extension
Corel Painter Essentials 3
CorelDRAW Graphics Suite X5 - Capture
CorelDRAW Graphics Suite X5 - Common
CorelDRAW Graphics Suite X5 - Connect
CorelDRAW Graphics Suite X5 - Custom Data
CorelDRAW Graphics Suite X5 - Designer
CorelDRAW Graphics Suite X5 - Draw
CorelDRAW Graphics Suite X5 - EN
CorelDRAW Graphics Suite X5 - Filters
CorelDRAW Graphics Suite X5 - FontNav
CorelDRAW Graphics Suite X5 - PHOTO-PAINT
CorelDRAW Graphics Suite X5 - Photozoom Plugin
CorelDRAW Graphics Suite X5 - Redist
CorelDRAW Graphics Suite X5 - VBA
CorelDRAW Graphics Suite X5 - VideoBrowser
CorelDRAW Graphics Suite X5 - VSTA
CustomerResearchQFolder
CyberLink DVD Suite Deluxe
D-Link Powerline AV Utility
D3DX10
Deep Exploration 6 CE
Destinations
DeviceDiscovery
DeviceManagementQFolder
Diaper Dash
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Plus Web Player
DivX Version Checker
DocProc
DocProcQFolder
Download Updater (AOL LLC)
EA Download Manager
EA Download Manager UI
Enhanced Multimedia Keyboard Solution
eSupportQFolder
Express Burn
Express Rip
Fax
Free Mp3 Wma Converter V 1.81
Free Video Flip and Rotate version 1.8
GEAR driver installer for x86 and x64
GPBaseService2
H.264 Decoder
Hauppauge MCE XP/Vista Software Encoder (2.0.26268)
Hidden Object Movie Studios: I'll Believe You
Hotel Dash 2: Lost Luxuries
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HP Active Support Library
HP Advisor
HP Customer Experience Enhancements
HP Demo
HP Easy Backup
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP Photosmart Essential
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Total Care Setup
HP Update
HP_Network_UserGuide
HPAsset component for HP Active Support Library
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) 6 Update 7
Jessica Secret of the Caribbean
LabelPrint
LightScribe System Software
Macabre Mysteries: Curse of the Nightingale
Malwarebytes Anti-Malware version 1.60.0.1800
MarketResearch
MediaCoder 2011
Microsoft Office File Validation Add-In
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MixPad Audio Mixer
MKV Splitter
Mozilla Firefox 9.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
Nanny Mania 2 - Goes to HOLLYWOOD
Norton 360
Norton Security Scan
Paint Shop Pro 7 Anniversary Edition
PDF Settings CS5
Power2Go
PowerDirector
Python 2.5.2
QuickTime
Realtek High Definition Audio Driver
Sally's Studio Collector's Edition 1.00
SaveVid Plug-in
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Skype Toolbars
Skype™ 4.2
SmartSound Quicktracks for Premiere Elements 8.0
SmartWebPrinting
SoftMCE Encoder
SolutionCenter
Status
Switch Sound File Converter
The Sims™ 3
Toolbox
TrayApp
Uninstall 1.0.0.1
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
VC80CRTRedist - 8.0.50727.4053
VDownloader 1.12
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2008 x64 Redistributables
VLC media player 1.0.2
Wacom Tablet
WavePad Sound Editor
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinPcap 4.1.1
.
==== Event Viewer Messages From Past Week ========
.
16/01/2012 03:48:15, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
16/01/2012 03:47:45, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
16/01/2012 03:44:42, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
16/01/2012 03:44:40, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
16/01/2012 03:44:40, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
16/01/2012 03:42:39, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.
09/01/2012 12:55:48, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeGroupProvider service.
09/01/2012 12:55:48, Error: Service Control Manager [7000] - The HomeGroup Provider service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
09/01/2012 12:55:18, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
.
==== End Of File ===========================
The virus pop up seemed to link back to some company called Secure Bill Inc, who were trying to get me to buy their product for the 'fix'. I was hoping you guys could help me get rid of this please! Typically this would happen to me about 5 hours before I've got a major essay due.. ah!
The virus itself 'seems' to be gone now, I don't have any more pop ups or anything, but all my files are still mia.
I think/hope I've followed the five steps exactly. Your help would be much appreciated, thanks! x
I've included the Malware bytes log & the DDS logs. GMER said it didn't find any modifications.
Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org
Database version: v2012.01.15.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Owner :: OWNER-PC [administrator]
Protection: Enabled
16/01/2012 03:33:52
mbam-log-2012-01-16 (03-33-52).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 186256
Time elapsed: 6 minute(s), 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 3
HKCR\CLSID\{61185BC9-732D-4C9C-3181-2B5009E87544} (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61185BC9-732D-4C9C-3181-2B5009E87544} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{61185BC9-732D-4C9C-3181-2B5009E87544} (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Windows\SysWOW64\WMSSPDMOD.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Windows\System32\WMSSPDMOD.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
(end)
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
Run by Owner at 4:25:28 on 2012-01-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4095.1966 [GMT 0:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Wacom_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WTablet\Wacom_TabletUser.exe
C:\Windows\system32\Wacom_Tablet.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=91&bd=Pavilion&pf=cndt
uStart Page = hxxp://search.hotspotshield.com/g/?c=h
uInternet Settings,ProxyOverride = local;*.local
mWinlogon: Userinit=C:\Windows\SysWOW64\userinit.exe,
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\coIEPlg.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
uRun: [AdobeUpdater] C:\Program Files (x86)\Common Files\Adobe\Updater\AdobeUpdater.exe
uRun: [Akamai NetSession Interface] "C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe"
uRun: [LlJwTeDMeFPCEj.exe] C:\ProgramData\LlJwTeDMeFPCEj.exe
mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ROLLER~1.LNK - C:\Users\Owner\AppData\Local\Temp\{54B9763F-B6DD-48EC-9D4E-BB9E82AAF9FE}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Save video on Savevid.com - C:\Program Files (x86)\Savevid\redirect.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0DE46F63-55F3-4A2F-8058-2203380698B0} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0DE46F63-55F3-4A2F-8058-2203380698B0}\544696D61687021405 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0DE46F63-55F3-4A2F-8058-2203380698B0}\E4544574541425 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{EEE6300E-B981-4EA2-8323-9AA672FE96C5} : DhcpNameServer = 192.168.2.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\CoIEPlg.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\coIEPlg.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun-x64: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
mRun-x64: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun-x64: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\qo7mnct8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: keyword.URL - hxxp://search.hotspotshield.com/g/results.php?c=s&q=
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0308030.006\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0308030.006\SYMEFA64.SYS [?]
R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\system32\Drivers\N360x64\0308030.006\BHDrvx64.sys --> C:\Windows\system32\Drivers\N360x64\0308030.006\BHDrvx64.sys [?]
R1 ccHP;Symantec Hash Provider;C:\Windows\system32\Drivers\N360x64\0308030.006\ccHPx64.sys --> C:\Windows\system32\Drivers\N360x64\0308030.006\ccHPx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20120113.002\IDSviA64.sys [2012-1-14 488568]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/10/17 19:43:53];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-10-21 146928]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 HPBtnSrv;HP Easy Backup Button Service;C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2009-1-6 192512]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-3 2152152]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-16 652872]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\3.8.3.6\ccSvcHst.exe [2011-10-11 117648]
R2 TabletServiceWacom;TabletServiceWacom;C:\Windows\system32\Wacom_Tablet.exe --> C:\Windows\system32\Wacom_Tablet.exe [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-16 138360]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys --> C:\Windows\system32\drivers\HCW85BDA.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2010-12-3 17152]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\system32\Drivers\N360x64\0308030.006\SYMNDISV.SYS --> C:\Windows\system32\Drivers\N360x64\0308030.006\SYMNDISV.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcd5srvc_x64.pkms [2008-9-10 25888]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-16 03:29:52 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2012-01-16 03:29:46 -------- d-----w- C:\ProgramData\Malwarebytes
2012-01-16 03:29:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-01-16 03:29:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-16 03:15:49 -------- d-----w- C:\Program Files (x86)\AVG
2012-01-16 03:08:22 -------- d--h--w- C:\ProgramData\Common Files
2012-01-16 03:08:03 -------- d-----w- C:\ProgramData\MFAData
2012-01-16 02:24:51 362278 ---ha-w- C:\ProgramData\LXpoCQenoqUKAH.exe
2012-01-15 19:45:10 -------- d--h--w- C:\Users\Owner\AppData\Local\{C877BB57-A7CF-43F6-9063-402FC4B8F6EF}
2012-01-15 19:44:24 -------- d--h--w- C:\Users\Owner\AppData\Local\{59028BF3-1B46-4482-B18D-B8C32A83C471}
2012-01-14 18:01:10 -------- d--h--w- C:\Users\Owner\AppData\Local\{8BBEA154-1763-4B78-B17F-AE292EEA9CC0}
2012-01-14 18:00:18 -------- d--h--w- C:\Users\Owner\AppData\Local\{C339147B-0121-423A-9A02-6CC815C9A940}
2012-01-13 14:08:41 -------- d--h--w- C:\Users\Owner\AppData\Local\{FA16B971-8B32-48C3-A965-3E038DCFCFEE}
2012-01-13 14:07:59 -------- d--h--w- C:\Users\Owner\AppData\Local\{0B958B19-D545-4132-9212-E7E1C3A9BCE9}
2012-01-12 17:35:30 -------- d--h--w- C:\Users\Owner\AppData\Local\{F847349B-9F0B-4C9C-AC61-F7F6E81BC91D}
2012-01-12 17:34:27 -------- d--h--w- C:\Users\Owner\AppData\Local\{A62B28B6-DF65-45DE-B063-D559DE64FA84}
2012-01-11 17:30:06 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 17:30:06 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 17:30:05 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 17:30:05 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 17:29:57 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 17:29:57 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 17:29:54 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 17:29:54 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-11 17:28:48 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-11 17:28:48 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-11 17:28:48 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-11 17:28:48 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2012-01-11 17:15:47 -------- d--h--w- C:\Users\Owner\AppData\Local\{248E8FD0-AC0C-4607-A51E-CA710B813A4E}
2012-01-11 17:15:08 -------- d--h--w- C:\Users\Owner\AppData\Local\{702A9064-713A-4DF9-B4C5-3ED31133AC69}
2012-01-10 17:08:48 -------- d--h--w- C:\Users\Owner\AppData\Local\{6477D7B5-307C-4DF8-B52B-C0F423F6D3E2}
2012-01-10 17:08:11 -------- d--h--w- C:\Users\Owner\AppData\Local\{A54DAABF-3379-40F5-8D9A-8DD96AA1AEC7}
2012-01-09 12:55:22 -------- d--h--w- C:\Users\Owner\AppData\Local\{75195F63-BAAE-4BFF-AC07-8BA34821B483}
2012-01-09 12:54:26 -------- d--h--w- C:\Users\Owner\AppData\Local\{F40D63C8-15C1-4CF8-A654-E709D043F3B4}
2012-01-08 20:44:48 -------- d--h--w- C:\Users\Owner\AppData\Local\{7A85B784-3223-4A4E-BD76-2D5CC095F0DD}
2012-01-08 20:44:07 -------- d--h--w- C:\Users\Owner\AppData\Local\{A4D9A4CF-006F-4115-B871-4546237983D7}
2012-01-07 15:37:44 -------- d--h--w- C:\Users\Owner\AppData\Local\{C1684389-CF30-4BF1-A8C2-8909BF00E62C}
2012-01-07 15:36:43 -------- d--h--w- C:\Users\Owner\AppData\Local\{B198A1C2-0F9D-4893-8720-0D740ECB1A95}
2012-01-06 14:46:18 -------- d--h--w- C:\Users\Owner\AppData\Local\{A8FA5841-0914-444E-93A2-ED291D1B7F57}
2012-01-06 14:45:44 -------- d--h--w- C:\Users\Owner\AppData\Local\{F7FA549B-02B6-484C-9A19-B4B294383645}
2012-01-05 23:39:54 -------- d--h--w- C:\Users\Owner\AppData\Local\{F27D3AB2-F1D8-4676-BF06-DF0F669D2EAC}
2012-01-05 23:39:04 -------- d--h--w- C:\Users\Owner\AppData\Local\{6CB981A5-C3D7-47F5-B662-5C782563A231}
2012-01-04 14:39:03 -------- d--h--w- C:\Users\Owner\AppData\Local\{BB033EA6-CBA1-40C3-B0FD-1255111884E6}
2012-01-04 14:38:27 -------- d--h--w- C:\Users\Owner\AppData\Local\{ECED6DF1-D325-4192-849B-D00CEEFB3974}
2012-01-03 16:10:06 -------- d--h--w- C:\Users\Owner\AppData\Local\{A707EB74-55E5-4CB2-9B3C-568E7712FC97}
2012-01-03 16:09:28 -------- d--h--w- C:\Users\Owner\AppData\Local\{2CF6CA3E-01A0-4226-8828-0D0E47A3FE7B}
2012-01-02 15:44:18 -------- d--h--w- C:\Users\Owner\AppData\Local\{E80FC64E-43C5-490B-96CF-495B59B06598}
2012-01-02 15:43:42 -------- d--h--w- C:\Users\Owner\AppData\Local\{8D5CE014-751C-4044-8F07-109722CE51D4}
2012-01-01 15:19:49 -------- d--h--w- C:\Users\Owner\AppData\Local\{D8A97F8A-9745-4FB4-A4C9-8A1616C23447}
2012-01-01 15:19:12 -------- d--h--w- C:\Users\Owner\AppData\Local\{415428DF-2BE3-450F-AFEA-16DDC8872F70}
2011-12-30 19:22:20 -------- d--h--w- C:\Users\Owner\AppData\Local\{89530221-8525-4A39-8438-E3CF7790F04F}
2011-12-30 19:21:34 -------- d--h--w- C:\Users\Owner\AppData\Local\{C4899700-2030-44BE-BF3F-4489433AF50B}
2011-12-29 23:05:52 -------- d--h--w- C:\Users\Owner\AppData\Local\{1265F0F7-E901-4CAA-817F-B72998243205}
2011-12-29 23:05:06 -------- d--h--w- C:\Users\Owner\AppData\Local\{BAD0EA34-41BD-4D64-9991-E9C738C298E0}
2011-12-26 21:21:48 -------- d--h--w- C:\Users\Owner\AppData\Local\{D2320C6F-2886-4BEA-8A64-4A5B253B9FD8}
2011-12-26 21:20:58 -------- d--h--w- C:\Users\Owner\AppData\Local\{1B3725C8-5072-4F1E-9AC6-0DB57605C542}
2011-12-22 15:31:34 -------- d--h--w- C:\Users\Owner\AppData\Local\{FED802F8-0BAC-420F-92F7-D29280E8390D}
2011-12-22 15:30:42 -------- d--h--w- C:\Users\Owner\AppData\Local\{092B0B34-DCA6-476C-AA6F-47267C433E71}
2011-12-21 15:35:50 -------- d--h--w- C:\Users\Owner\AppData\Local\{22B39944-4387-4CAD-BF72-E922B7DA32E2}
2011-12-21 15:32:14 -------- d--h--w- C:\Users\Owner\AppData\Local\{42FFBEFE-9FE6-4D11-B66A-744921CC0940}
2011-12-20 21:52:33 -------- d--h--w- C:\Users\Owner\AppData\Local\{264DE690-90D5-4605-AB37-8A696525D8B6}
2011-12-20 21:51:55 -------- d--h--w- C:\Users\Owner\AppData\Local\{C32884B8-EA0D-4D60-8145-E2B6F6A8872F}
2011-12-19 11:32:09 11137024 ----a-w- C:\Windows\SysWow64\libmfxsw32.dll
2011-12-19 10:47:19 -------- d--h--w- C:\Users\Owner\AppData\Local\{4E451737-4844-441A-B5D9-69AA82BED388}
2011-12-19 10:46:45 -------- d--h--w- C:\Users\Owner\AppData\Local\{3FA79DCE-0D85-4FB1-9746-B6472931D88D}
2011-12-18 22:44:22 -------- d--h--w- C:\Users\Owner\AppData\Local\{56EA666F-6694-4716-8D63-D9690413BF36}
2011-12-18 22:43:31 -------- d--h--w- C:\Users\Owner\AppData\Local\{D5630772-C2A5-4AB7-A0CF-A6141DE5322B}
.
==================== Find3M ====================
.
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll
.
============= FINISH: 4:25:55.37 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 16/01/2010 20:41:44
System Uptime: 16/01/2012 03:43:25 (1 hours ago)
.
Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz | CPU 1 | 2500/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 917 GiB total, 495.319 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.978 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C6100 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C6100 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID:
Description: Photosmart C6100 series
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer:
Name: Photosmart C6100 series
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
==== System Restore Points ===================
.
RP132: 13/10/2011 03:00:52 - Windows Update
RP133: 20/10/2011 19:09:48 - Scheduled Checkpoint
RP134: 27/10/2011 03:00:48 - Windows Update
RP135: 03/11/2011 19:22:05 - Scheduled Checkpoint
RP136: 10/11/2011 01:35:15 - Windows Update
RP137: 11/11/2011 02:39:56 - Windows Update
RP138: 17/11/2011 00:12:06 - Installed Life Quest
RP139: 17/11/2011 02:43:44 - Removed Life Quest
RP140: 07/12/2011 17:15:25 - Scheduled Checkpoint
RP141: 13/12/2011 03:14:15 - Removed TweetDeck
RP142: 13/12/2011 03:15:25 - Removed twhirl
RP143: 15/12/2011 19:35:30 - Windows Update
RP144: 01/01/2012 18:25:23 - Scheduled Checkpoint
RP145: 09/01/2012 20:19:58 - Scheduled Checkpoint
RP146: 12/01/2012 02:45:21 - Windows Update
RP147: 16/01/2012 03:13:54 - Installed AVG 2012
.
==== Installed Programs ======================
.
AAC Decoder
ActiveCheck component for HP Active Support Library
Ad-Aware
Adobe AIR
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Help Center 1.0
Adobe Illustrator CS5.1
Adobe Photoshop CS2
Adobe Premiere Elements 8.0
Adobe Reader 9.4.3
Adobe Shockwave Player 11.5
Adobe Stock Photos 1.0
AIM 7
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_Scan
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support
Apple Software Update
Around the World in Eighty Days: The Challenge
µTorrent
AutoUpdate
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Big Fish Games: Game Manager
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
BufferChm
C6100
calibre
Compatibility Pack for the 2007 Office system
Copy
Corel DESIGNER Technical Suite X5
Corel DESIGNER Technical Suite X5 - EN
Corel DESIGNER Technical Suite X5 - IPM
Corel DESIGNER Technical Suite X5 - Setup Files
Corel DESIGNER Technical Suite X5 - WT
Corel Graphics - Windows Shell Extension
Corel Painter Essentials 3
CorelDRAW Graphics Suite X5 - Capture
CorelDRAW Graphics Suite X5 - Common
CorelDRAW Graphics Suite X5 - Connect
CorelDRAW Graphics Suite X5 - Custom Data
CorelDRAW Graphics Suite X5 - Designer
CorelDRAW Graphics Suite X5 - Draw
CorelDRAW Graphics Suite X5 - EN
CorelDRAW Graphics Suite X5 - Filters
CorelDRAW Graphics Suite X5 - FontNav
CorelDRAW Graphics Suite X5 - PHOTO-PAINT
CorelDRAW Graphics Suite X5 - Photozoom Plugin
CorelDRAW Graphics Suite X5 - Redist
CorelDRAW Graphics Suite X5 - VBA
CorelDRAW Graphics Suite X5 - VideoBrowser
CorelDRAW Graphics Suite X5 - VSTA
CustomerResearchQFolder
CyberLink DVD Suite Deluxe
D-Link Powerline AV Utility
D3DX10
Deep Exploration 6 CE
Destinations
DeviceDiscovery
DeviceManagementQFolder
Diaper Dash
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Plus Web Player
DivX Version Checker
DocProc
DocProcQFolder
Download Updater (AOL LLC)
EA Download Manager
EA Download Manager UI
Enhanced Multimedia Keyboard Solution
eSupportQFolder
Express Burn
Express Rip
Fax
Free Mp3 Wma Converter V 1.81
Free Video Flip and Rotate version 1.8
GEAR driver installer for x86 and x64
GPBaseService2
H.264 Decoder
Hauppauge MCE XP/Vista Software Encoder (2.0.26268)
Hidden Object Movie Studios: I'll Believe You
Hotel Dash 2: Lost Luxuries
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HP Active Support Library
HP Advisor
HP Customer Experience Enhancements
HP Demo
HP Easy Backup
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP Photosmart Essential
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Total Care Setup
HP Update
HP_Network_UserGuide
HPAsset component for HP Active Support Library
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) 6 Update 7
Jessica Secret of the Caribbean
LabelPrint
LightScribe System Software
Macabre Mysteries: Curse of the Nightingale
Malwarebytes Anti-Malware version 1.60.0.1800
MarketResearch
MediaCoder 2011
Microsoft Office File Validation Add-In
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MixPad Audio Mixer
MKV Splitter
Mozilla Firefox 9.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
Nanny Mania 2 - Goes to HOLLYWOOD
Norton 360
Norton Security Scan
Paint Shop Pro 7 Anniversary Edition
PDF Settings CS5
Power2Go
PowerDirector
Python 2.5.2
QuickTime
Realtek High Definition Audio Driver
Sally's Studio Collector's Edition 1.00
SaveVid Plug-in
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Skype Toolbars
Skype™ 4.2
SmartSound Quicktracks for Premiere Elements 8.0
SmartWebPrinting
SoftMCE Encoder
SolutionCenter
Status
Switch Sound File Converter
The Sims™ 3
Toolbox
TrayApp
Uninstall 1.0.0.1
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
VC80CRTRedist - 8.0.50727.4053
VDownloader 1.12
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2008 x64 Redistributables
VLC media player 1.0.2
Wacom Tablet
WavePad Sound Editor
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinPcap 4.1.1
.
==== Event Viewer Messages From Past Week ========
.
16/01/2012 03:48:15, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
16/01/2012 03:47:45, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
16/01/2012 03:44:42, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
16/01/2012 03:44:40, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
16/01/2012 03:44:40, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
16/01/2012 03:42:39, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.
09/01/2012 12:55:48, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeGroupProvider service.
09/01/2012 12:55:48, Error: Service Control Manager [7000] - The HomeGroup Provider service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
09/01/2012 12:55:18, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
.
==== End Of File ===========================