Inactive [A] Please help me remove a crypt.AQWL infection

[Jessica]

Hello,

I have a trojan horse on my computer (crypt.AQWL). I have tried to follow the 5-step plan to obtain the logs but my computer won't download anymore in firefox. I have tried it in explorer but then I get a pop-up from my anti-virus (AVG) that it detected a virus in the malwarebytes anti-malware and it's impossible to run it.
Should I turn of my anti-virus and try to download the anti-malware again in explorer?

Can somebody please help me? Thanks

 

[Jessica]

I have just tried to access windows firewall but I can't get in. The system can not makes changes and gives an error code. The same with AVG, I can't run any scan anymore and it says my computer is no longer protected. I'm starting to get worried now..

 

[Jessica]

I have run the scans. It was possible to download the programs in safe mode.

The first one from malware is in Dutch. I hope that's not a problem..

Malwarebytes Anti-Malware (-evaluatieversie-) 1.61.0.1400
www.malwarebytes.org

Databaseversie: v2012.04.16.01

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Vaio :: VAIO-PC [administrator]

Realtime bescherming: Ingeschakeld

16/04/2012 13:23:03
mbam-log-2012-04-16 (13-23-03).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 214470
Verstreken tijd: 13 minuut/minuten, 46 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 1
C:\Windows\System32\s217mdfl.dll (RootKit.0Access.H) -> Zal worden verwijderd tijdens het herstarten.

Registersleutels gedetecteerd: 62
HKCR\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.Scopes (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\HBLiteAx.Info (Adware.HotBar) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\HBLiteAx.Info.1 (Adware.HotBar) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\HBLiteAX.UserProfiles (Adware.HotBar) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\HBLiteAX.UserProfiles.1 (Adware.HotBar) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.Dwnldr (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.HbAx (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.HbAx.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.HbGuru (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.HbInfoBand (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.IEButton (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.IEButton.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.IEButtonA (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.ReportData (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.Reporter (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.RprtCtrl (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.Stock (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.Stock.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\AppID\CmndFF.DLL (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\AppID\mozillaps.dll (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\hblitesa (Adware.HotBar) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\HBLite (Adware.HotBar) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.

 

[Jessica]

Registerwaarden gedetecteerd: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.1.70.0 (Adware.HotBar) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790675B47659503FA999 (Malware.Trace) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ShopperReports@ShopperReports.com (ShopperReports) -> Data: C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Mozilla\Firefox\extensions|HBLite@HBLite.com (Adware.HotBar) -> Data: C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 21
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Vaio\AppData\Roaming\HBLite (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\HBLiteSA (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Vaio\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\HBLite (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\HBLite\bin (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\HBLite\bin\11.0.363.0 (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\HBLite\bin\11.0.363.0\firefox (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions\plugins (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0 (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions\chrome\content (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 48
C:\Windows\System32\s217mdfl.dll (RootKit.0Access.H) -> Zal worden verwijderd tijdens het herstarten.
C:\Windows\System32\CVPNDRVA.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\s716bus.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\osaio.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\flpydisk.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\lxce_device.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\bc_ip_f.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\ZTEusbmdm6k.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\websenseclientdeployservice.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\awecho.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\swenum.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\se44mdm.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\FreshIO.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\cdaudio.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\WcesComm.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\avfilter.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\lirsgt.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\nfmservice.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\pav_security.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\ser2pl.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\sharedaccess.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\YMIDUSB.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\w300mdfl.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\enecbpth.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\WinDriver6.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Windows\System32\cimnotify.dll (RootKit.0Access.H) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\CmndFF.dll (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Vaio\AppData\Local\Temp\nswC70B.tmp\uninstall.exe (Adware.QuestScan) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\HBLiteSA\HBLiteSA.dat (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\HBLiteSA\HBLiteSAAbout.mht (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\HBLiteSA\HBLiteSAau.dat (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\HBLiteSA\HBLiteSAEULA.mht (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\HBLiteSA\HBLiteSA_kyf.dat (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions\install.rdf (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions\plugins\npclntax_HBLiteSA.dll (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\link.ico (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.dll (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\ShopperReports3\bin\3.1.70.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.xpt (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Uninstall Instructions.lnk (Adware.Hotbar) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk (Adware.ShopperReports) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

 

[Jessica]

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-04-16 15:03:14
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 FUJITSU_MHZ2400BT_G1 rev.0041000C
Running: uj5s2xg9.exe; Driver: C:\Users\Vaio\AppData\Local\Temp\kxldypog.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x90940D92]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- Services - GMER 1.0.15 ----

Service C:\Windows\system32\spool\prtprocs\svhost.exe (*** hidden *** ) [DISABLED] ComputerBrowser32 <-- ROOTKIT !!!

---- EOF - GMER 1.0.15 ----

 

[Jessica]

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by Vaio at 15:07:00 on 2012-04-16
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1033.18.3039.1880 [GMT 2:00]
.
AV: AVG Anti-Virus *Enabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}
SP: AVG Anti-Virus *Enabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k Akamai
C:\Windows\system32\atieclxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\spool\prtprocs\svhost.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\HP\HP Photosmart Plus B210 series\bin\HPNetworkCommunicator.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Belgium Identity Card\beid35gui.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Vaio\AppData\Local\Akamai\netsession_win.exe
C:\Users\Vaio\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559
uSearch Bar = Preserve
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uURLSearchHooks: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\5.4\pdfforgeToolbarIE.dll
mURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\5.4\pdfforgeToolbarIE.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll
TB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\5.4\pdfforgeToolbarIE.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Akamai NetSession Interface] "c:\users\vaio\appdata\local\akamai\netsession_win.exe"
uRun: [Spotify] "c:\users\vaio\appdata\roaming\spotify\Spotify.exe" /uri spotify:autostart
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [beid] "c:\program files\belgium identity card\beid35gui.exe" /startup
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [<NO NAME>]
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
StartupFolder: c:\users\vaio\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 195.130.131.133 195.130.130.5
TCP: Interfaces\{29491F34-70FB-4A6B-9CAC-0F12D5A430A2} : DhcpNameServer = 195.130.131.133 195.130.130.5
TCP: Interfaces\{29491F34-70FB-4A6B-9CAC-0F12D5A430A2}\3756D696 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{29491F34-70FB-4A6B-9CAC-0F12D5A430A2}\4656661657C647 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{29491F34-70FB-4A6B-9CAC-0F12D5A430A2}\46C696E6B6 : DhcpNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.

 

[Jessica]

================= FIREFOX ===================
.
FF - ProfilePath - c:\users\vaio\appdata\roaming\mozilla\firefox\profiles\fcj7knfn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p=
FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_HBLiteSA.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\vaio\appdata\roaming\facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\vaio\appdata\roaming\facebook\npfbplugin_1_0_3.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-4-16 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-4-16 337880]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-14 20992]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-4-12 784792]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-4-16 20696]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-4-16 57688]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-4-16 44768]
R2 ComputerBrowser32;ComputerBrowser32;c:\windows\system32\spool\prtprocs\svhost.exe --> c:\windows\system32\spool\prtprocs\svhost.exe [?]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-4-16 654408]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2009-12-18 497856]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-16 22344]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-14 311296]
S2 DMUSBUSBDCam;Nvnforce;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-17 136176]
S2 mcproxy;XDva004;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S2 pavagente;W700mdm;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S2 ZDCNDIS5;Stirusb;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S2 ZY202_XP;Netw4x32;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [2009-12-15 37632]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-17 136176]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-16 1343400]
.
=============== File Associations ===============
.
.txt=
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-04-04 13:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-04 07:41:42 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-03-17 21:45:22 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-06 23:15:19 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:03:51 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:02:14 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-06 23:01:48 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-02 18:30:09 801792 ----a-w- c:\windows\system32\FntCache.dll
2012-03-02 18:30:09 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-03-02 18:30:09 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2012-03-02 18:30:09 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-03-02 18:30:08 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-03-02 18:30:08 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2012-03-02 18:30:08 3181568 ----a-w- c:\windows\system32\mf.dll
2012-03-02 18:30:08 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-03-02 18:30:08 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-03-02 18:30:08 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2012-03-02 18:30:08 107520 ----a-w- c:\windows\system32\cdd.dll
2012-03-01 05:53:27 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 05:49:05 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 05:45:05 158720 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 05:40:44 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-15 05:44:57 826368 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-15 04:22:43 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-15 04:22:18 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 05:41:38 1074176 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 05:41:20 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-10 05:41:20 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-10 05:41:20 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-10 05:41:19 739840 ----a-w- c:\windows\system32\d2d1.dll
2012-02-07 09:02:40 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-02-03 04:01:58 2341376 ----a-w- c:\windows\system32\win32k.sys
2012-01-25 05:44:51 57856 ----a-w- c:\windows\system32\rdpwsx.dll
2012-01-25 05:44:50 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-01-25 05:40:26 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
============= FINISH: 15:09:01,60 ===============

 

[Jessica]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 26/09/2009 15:04:31
System Uptime: 16/04/2012 14:40:48 (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz | N/A | 792/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 360 GiB total, 78,742 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: 5689
Device ID: ROOT\LEGACY_5689\0000
Manufacturer:
Name: 5689
PNP Device ID: ROOT\LEGACY_5689\0000
Service: 5689
.
==== System Restore Points ===================
.
RP285: 8/03/2012 13:56:37 - Windows Update
RP286: 13/03/2012 20:26:49 - Windows Update
RP287: 14/03/2012 20:31:53 - Windows Update
RP288: 31/03/2012 23:00:12 - Scheduled Checkpoint
RP289: 11/04/2012 15:25:22 - Scheduled Checkpoint
RP290: 12/04/2012 22:18:21 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
ACR38U PCSC Driver 1.1.6.1
Acrobat.com
Active@ ISO Burner
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.0 - Nederlands
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
µTorrent
avast! Free Antivirus
Belgium e-ID middleware 3.5.3 (build 6193)
biodiv 2010 nl Screen Saver
Bonjour
BS.Player FREE
BS_Player Toolbar
Cisco AnyConnect VPN Client
DivX Setup
Facebook Plug-In
Google Chrome
Google Update Helper
GTK+ Runtime 2.14.7 rev a (remove only)
HP Photosmart Plus B210 series Basic Device Software
HP Photosmart Plus B210 series Help
Intkey
iTunes
Java Auto Updater
Java(TM) 6 Update 30
Malwarebytes Anti-Malware versie 1.61.0.1400
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mihov Image Resizer 1.2 (remove only)
Mozilla Firefox (3.5.8)
Mozilla Firefox 11.0 (x86 en-US)
MSVCRT
Nero 9.0.9.4 Lite
PDFCreator
pdfforge Toolbar v5.4
Pidgin
pidgin-otr 3.2.0-1
PyMOL (32 bit)
QuickTime
R for Windows 2.12.0
RapidShare Manager
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Safari
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Skype web features
Skype™ 4.1
SoulSeek 157 NS 13e
SpeedyPC Pro
Spotify
The KMPlayer (remove only)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053
Windows Driver Package - ACS (ACSSCR) SmartCardReader (06/15/2009 1.1.6.1)
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
WinRAR
.

 

[Jessica]

==== Event Viewer Messages From Past Week ========
.
16/04/2012 15:06:08, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
16/04/2012 14:43:06, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The Usbser service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The Tossmbnt service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The StreamDispatcher service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The Stirusb service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The StickyMesger service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The Roxmediadb9 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The Netw4x32 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The Ini910u service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The Elockservice service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The CVPND service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:29, Error: Service Control Manager [7023] - The Atierecord service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Ypcservice service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Xmlprov service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The WNIPROT5 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The W810mdfl service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Uiusys service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Trackcam4 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Sweepsrv.sys service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Sprtsvc_ddoctorv2 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The SI3112 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Sfilter service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Se44unic service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The SE2Emdm service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The SE2Dmdm service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The SE2Cmdm service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The S7oppitx service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Rxfilter service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Psasrv service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The MSICPL service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Mscsptisrv service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Lpds service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The LMouFilt service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Lmab_device service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Ipsraidn service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The EntDrv51 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The DLH5X service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The CiscoVpnInstallService service terminated with the following error: The specified module could not be found.

 

[Jessica]

16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Cdrbsdrv service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The CdaC15BA service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:27, Error: Service Control Manager [7023] - The Btwaudio service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Zpnodecollector service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The W550mdm service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The U81xmdfl service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Twotrack service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Sysaidagent service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Susbser service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The SPLITCAM service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Se2Bunic service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Rksample service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The PEVSystemStart service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Pdlndqll service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Ntsecure service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Nsysaudm service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Mcmispupdmgr service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Jtagserver service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The JL2005C service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Ivscheduler service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Igateway service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The IBM_LLC2 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Iaimtv0 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The DVDRC service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Cap7134 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The CA561 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Avsvcmonitor service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Asc3550 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The Anydlc service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7023] - The {85ccb53b-23d8-4e73-b1b7-9ddb71827d9b} service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:26, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The ZY202_XP service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Z525mgmt service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The YahooAUService service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The XDva004 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The XAudio service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The WSIMD service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Wmp54gv4svc service terminated with the following error: The specified module could not be found.

 

[Jessica]

16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Wlluc48b service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Windowblinds service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Wg5n service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The W700mdm service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The W2acehid service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Vncdrv service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The UxTuneUp service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Usbmate service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The U81xmdm service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The TVALG service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Tosrfbnp service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Tosporte service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Tfsndrct service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Superproserver service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The StMp3Rec service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The SQLAgent$MICROSOFTSMLBIZ service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Sprtsvc_dellsupportcenter service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Smtpd32 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Slpsvdr service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Slave service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Sisidex service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The SiSGbeXP service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Si3114r5 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Sgeclient service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Se58mdfl service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Se44obex service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The ScsiPort service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Scsiaccess service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Rp_fws service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Roxliveshare9 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The RIOXDRV service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Pxfhserd service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Pdlndlpb service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Patrolagent service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Patrol_scheduler service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Padfsvr service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Nvnforce service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Nvata service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The NtMtlFax service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Nmraapache service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Ndasscsi service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The MREMP50a64 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Moufiltr service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Mirrorv3 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Mcafeeframework service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The M2500 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Lpx service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Lckfldservice service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The KR10I service terminated with the following error: The specified module could not be found.

 

[Jessica]

16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Ipssvc service terminated with the following error: The specified module could not be found.16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Ihcservice service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Ibmpmdrv service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Ialm service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The HssDrv service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Hsfhwazl service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Hpgate service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The GBFSHook service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Fsdfwd service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Fetnd5bv service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The ESettingsService service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The DSXUSB service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Downloadmanagerlite service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The DMICall service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The DLARTL_M service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The DKbFltr service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Djsnetcn service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Clipsrv service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The BrPar service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Bridgemp service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The BoiHwsetup service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Bdrsdrv service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The BCMTPM service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Awhost32 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Avipbb service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Ativraxx service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Areschatserver service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Apache service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Aolavupd service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The AmeLanPc service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Alertservice service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The AGV service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Aeclienthostservice service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Acprfmgrsvc service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The Acdpowerservice service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The A88xEnc service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7023] - The 61883 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:25, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The VirtualCam service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The UBHelper service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The Tvicport service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The TryAndDecideService service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The Smrt service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The Pdlnacom service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The LRMINIPORT service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The HWSCtrl service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The Hmonitor service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The GT891x service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:24, Error: Service Control Manager [7023] - The Axsnmsvc service terminated with the following error: The specified module could not be found.

 

[Jessica]

16/04/2012 14:41:24, Error: Service Control Manager [7023] - The Aspnet_state service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Websenseusagemonitor service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Was service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Udfreadr_xp service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Tmtdi service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Oracleorahomeagent service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Nwlnkflt service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Npkcrypt service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Naimagent32 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Mclserviceatl service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The LMS service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The G400 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The BUFADPT service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Bthidenum service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Btaudio service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The Anio service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:17, Error: Service Control Manager [7023] - The AEADIFilters service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:16, Error: Service Control Manager [7023] - The Wuolservice service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:16, Error: Service Control Manager [7023] - The Transactional service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:16, Error: Service Control Manager [7023] - The Pcx1unic service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:16, Error: Service Control Manager [7023] - The OdysseyIM3 service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:16, Error: Service Control Manager [7023] - The ELmon service terminated with the following error: The specified module could not be found.
16/04/2012 14:41:16, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
16/04/2012 14:41:12, Error: Service Control Manager [7000] - The 5689 service failed to start due to the following error: The system cannot find the file specified.
16/04/2012 14:41:02, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
16/04/2012 14:41:02, Error: atikmdag [43029] - Display is not active
16/04/2012 14:31:05, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
16/04/2012 14:29:22, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
16/04/2012 14:29:22, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
16/04/2012 14:28:33, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
16/04/2012 14:28:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
16/04/2012 14:28:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
16/04/2012 14:28:29, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
16/04/2012 14:28:22, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
16/04/2012 14:28:13, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6
16/04/2012 14:28:10, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
16/04/2012 14:14:41, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86 AvgMfx86 discache spldr Wanarpv6
16/04/2012 13:39:46, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86
16/04/2012 13:09:42, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
.
==== End Of File =========

 

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running tools or applying updates other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===========================================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

==========================================================================================

Download Bootkit Remover to your desktop.

• Unzip downloaded file to your Desktop.
• Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).
• It will show a Black screen with some data on it.
• Right click on the screen and click Select All.
• Press CTRL+C
• Open a Notepad and press CTRL+V
• Post the output back here.