Hello!
So I've tried my best to follow the 5 steps. My only issue was with the GMER run. It scanned for at least half an hour and then I got a pop up saying it hadn't detected any "system modification" and the log I saved was 0 bytes. If you would like me to, I can re-run the scan.
Here is my Malwarebytes log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8030
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
10/27/2011 11:12:32 AM
mbam-log-2011-10-27 (11-12-32).txt
Scan type: Quick scan
Objects scanned: 216862
Time elapsed: 10 minute(s), 8 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 1
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 10
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\Users\ABC\AppData\Local\Adobe\adobeupdate\adobeupdt32.dll (Trojan.SHarpro) -> Delete on reboot.
c:\Users\ABC\AppData\Local\apple computer\appleupdate\appleupdt32.dll (Trojan.SHarpro) -> Delete on reboot.
c:\programdata\googletraybackup.dll (Trojan.SHarpro.PGen) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MainConcept Update (Trojan.SHarpro) -> Value: MainConcept Update -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Trolltech Update (Trojan.SHarpro) -> Value: Trolltech Update -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GoogleTrayBackup (Trojan.SHarpro.PGen) -> Value: GoogleTrayBackup -> Delete on reboot.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\ABC\AppData\Local\Temp\thpm2633413151188715107.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\Temp\thpm3792846461391213763.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\Temp\thpm5926138642005400378.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\Temp\thpm5975660293103670068.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\Butt\AppData\Local\Temp\thpm4413158692007424764.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\ABC\local settings\application data\Adobe\adobeupdate\adobeupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\Adobe\adobeupdate\adobeupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
c:\Users\ABC\local settings\application data\apple computer\appleupdate\appleupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\apple computer\appleupdate\appleupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
c:\programdata\googletraybackup.dll (Trojan.SHarpro.PGen) -> Quarantined and deleted successfully.
GMER:
0 byte file
DDS.txt:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by ABC at 12:14:22 on 2011-10-27
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1595 [GMT -4:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousManager.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: {01ca53af-50ee-4e51-a529-98273f104d9e} - C:\Users\ABC\AppData\Local\ServiceUser.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: CDelHotkeys Object: {78875f5c-a685-4405-8dc5-d48dc65452b0} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
BHO: Diigo Toolbar Helper: {84053da7-03de-4fb6-80ae-202c04691d8a} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Delicious Toolbar: {61d1c847-df80-423a-8c6d-dc03b97e6ebe} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
TB: Diigo Toolbar: {09197ffb-c236-4153-b268-31051e4f3b6c} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: Diigo Sidebar: {69523951-583f-418c-bde7-18efc9fd54b4} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
EB: Delicious Sidebar: {9d19c405-ba93-461b-871f-97992cc45972} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\ABC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VIIKII~1.LNK - C:\Program Files (x86)\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\MSOFFICE2000\Office\OSA9.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {2C887991-08F0-11DC-A9B2-0012F0B227DD} - {B8D8B1D0-83AF-451B-8CD9-8F1BF4ED8FEA} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
IE: {2C887992-08F0-11DC-A9B2-0012F0B227DD} - {9D19C405-BA93-461b-871F-97992CC45972} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
IE: {2C887993-08F0-11DC-A9B2-0012F0B227DD} - {4D3D441F-9543-4941-B664-2EDCF9FC1B56} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
IE: {B952F2E0-5F9F-4898-89A8-4FB770625E09} - {84053DA7-03DE-4FB6-80AE-202C04691D8A} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B}\16474777966696 : DhcpNameServer = 10.128.72.129 64.134.255.2 64.134.255.10
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B}\24C4555475942554C4543535 : DhcpNameServer = 10.254.0.50
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B}\2575A45584 : DhcpNameServer = 10.130.136.13
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B}\C696E6B6379737 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FF81493C-3324-4975-A764-A34E1001F957} : DhcpNameServer = 40.7.1.100
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
C:\Users\ABC\AppData\Local\ServiceUser.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: CDelHotkeys Object: {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
BHO-X64: Diigo Toolbar Helper: {84053DA7-03DE-4FB6-80AE-202C04691D8A} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: Delicious Toolbar: {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
TB-X64: Diigo Toolbar: {09197FFB-C236-4153-B268-31051E4F3B6C} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
EB-X64: {69523951-583F-418C-BDE7-18EFC9FD54B4} - No File
EB-X64: {9D19C405-BA93-461B-871F-97992CC45972} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2010-4-16 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-27 86224]
R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-27 110032]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-27 366152]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-10-30 228408]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2011-10-27 15:17:26 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0225444F-E522-4F64-A85E-019CC66CF3E8}\offreg.dll
2011-10-27 15:00:46 -------- d-----w- C:\Users\ABC\AppData\Roaming\Malwarebytes
2011-10-27 15:00:27 -------- d-----w- C:\ProgramData\Malwarebytes
2011-10-27 15:00:15 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-10-27 15:00:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-27 14:48:21 -------- d-----w- C:\Users\ABC\AppData\Roaming\Avira
2011-10-27 14:45:29 97312 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-10-27 14:45:29 27760 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2011-10-27 14:45:27 -------- d-----w- C:\ProgramData\Avira
2011-10-27 14:45:27 -------- d-----w- C:\Program Files (x86)\Avira
2011-10-27 02:17:31 83456 ----a-w- C:\Windows\SysWow64\srrstr.dll
2011-10-25 19:57:55 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0225444F-E522-4F64-A85E-019CC66CF3E8}\mpengine.dll
2011-10-13 16:03:13 3134976 ----a-w- C:\Windows\System32\win32k.sys
2011-10-13 16:03:01 860672 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2011-10-13 16:03:01 1197568 ----a-w- C:\Windows\System32\wininet.dll
2011-10-13 16:03:01 1013248 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2011-10-06 19:50:08 -------- d-----w- C:\Users\ABC\Recorder
2011-09-27 17:22:20 -------- d-----w- C:\Program Files (x86)\Diigo
.
==================== Find3M ====================
.
2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-27 05:40:28 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-27 05:40:28 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-27 04:43:07 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:43:06 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-08-20 05:41:16 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-08-20 04:38:10 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-08-20 04:35:20 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-08-20 04:20:23 482816 ----a-w- C:\Windows\System32\html.iec
2011-08-20 03:26:38 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-08-17 05:32:24 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-08-17 05:27:46 75776 ----a-w- C:\Windows\System32\MSDvbNP.ax
2011-08-17 05:27:46 288256 ----a-w- C:\Windows\System32\MSNP.ax
2011-08-17 05:27:46 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-08-17 05:27:46 104960 ----a-w- C:\Windows\System32\Mpeg2Data.ax
2011-08-17 04:26:02 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-08-17 04:22:23 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-08-17 04:22:23 72704 ----a-w- C:\Windows\SysWow64\Mpeg2Data.ax
2011-08-17 04:22:23 59904 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax
2011-08-17 04:22:23 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
.
============= FINISH: 12:15:50.58 ===============
Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/6/2010 2:30:42 PM
System Uptime: 10/27/2011 11:14:09 AM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 363F
Processor: AMD Athlon(tm) II Dual-Core M320 | Socket S1G3 | 1491/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 35.287 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 2.341 GiB free.
E: is FIXED (FAT32) - 0 GiB total, 0.09 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP140: 10/14/2011 8:17:09 PM - Windows Update
RP141: 10/18/2011 5:42:17 PM - Windows Update
RP142: 10/21/2011 1:30:16 PM - Windows Update
RP143: 10/22/2011 3:00:13 AM - Windows Update
RP144: 10/25/2011 3:56:41 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Reader 9.1 MUI
Adobe Shockwave Player
AMD USB Filter Driver
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
Avira Free Antivirus
AviSynth 2.5
calibre
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite
CyberLink MediaShow
CyberLink PowerDVD 8
Delicious Add-on for Internet Explorer
Diigo Toolbar for Internet Explorer
HandBrake 0.9.5
HP Advisor
HP Customer Experience Enhancements
HP Games
HP Quick Launch Buttons
HP Setup
HP Smart Web Printing
HP Support Assistant
HP Update
HP User Guides 0148
HP Wireless Assistant
HPAsset component for HP Active Support Library
IDT Audio
Java Auto Updater
Java(TM) 6 Update 22
Junk Mail filter update
K-Lite Codec Pack 6.4.0 (Standard)
LabelPrint
LightScribe System Software
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft Choice Guard
Microsoft Live Search Toolbar
Microsoft Office 2000 Professional
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Move Media Player
MSVCRT
muvee Reveal
Norton Online Backup
Power2Go
PowerDirector
Professor Fizzwizzle
QLBCASL
QuickTime
Real Alternative 2.0.2
Realtek 8136 8168 8169 Ethernet Driver
Realtek USB 2.0 Card Reader
Recovery Manager
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Slingbox - Watch Your TV Anywhere
SlingPlayer
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
VLC media player 1.0.5
WildTangent Games App (HP Games)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
10/27/2011 8:00:42 AM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.
10/27/2011 12:14:09 PM, Error: NetBT [4321] - The name "ABC-PC :0" could not be registered on the interface with IP address 192.168.2.7. The computer with the IP address 192.168.2.6 did not allow the name to be claimed by this computer.
10/27/2011 12:13:37 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B} because another computer on the network has the same name. The server could not start.
10/27/2011 12:13:37 PM, Error: NetBT [4321] - The name "ABC-PC :20" could not be registered on the interface with IP address 192.168.2.7. The computer with the IP address 192.168.2.6 did not allow the name to be claimed by this computer.
10/27/2011 12:13:36 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
10/27/2011 12:13:36 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
10/27/2011 12:13:36 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
10/27/2011 11:14:22 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
10/27/2011 10:55:53 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10/27/2011 10:41:55 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
10/26/2011 8:28:55 PM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
10/26/2011 2:54:30 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user ABC-PC\Family SID (S-1-5-21-622587576-257219784-654518826-1003) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/26/2011 2:49:44 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
10/25/2011 9:34:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SRTSP
10/25/2011 9:34:01 PM, Error: SRTSP [5] -
10/22/2011 7:32:34 PM, Error: atikmdag [52250] - CPLIB :: OPM - Failed the HFS
10/21/2011 7:11:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PNRPsvc service.
10/21/2011 7:11:19 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
10/21/2011 7:11:19 PM, Error: Service Control Manager [7000] - The Peer Name Resolution Protocol service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
Thank you so much. Please let me know if I did anything wrong.
Should I try checking to see if my google search has fixed or should I stay disconnected to the internet?
So I've tried my best to follow the 5 steps. My only issue was with the GMER run. It scanned for at least half an hour and then I got a pop up saying it hadn't detected any "system modification" and the log I saved was 0 bytes. If you would like me to, I can re-run the scan.
Here is my Malwarebytes log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8030
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
10/27/2011 11:12:32 AM
mbam-log-2011-10-27 (11-12-32).txt
Scan type: Quick scan
Objects scanned: 216862
Time elapsed: 10 minute(s), 8 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 1
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 10
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\Users\ABC\AppData\Local\Adobe\adobeupdate\adobeupdt32.dll (Trojan.SHarpro) -> Delete on reboot.
c:\Users\ABC\AppData\Local\apple computer\appleupdate\appleupdt32.dll (Trojan.SHarpro) -> Delete on reboot.
c:\programdata\googletraybackup.dll (Trojan.SHarpro.PGen) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MainConcept Update (Trojan.SHarpro) -> Value: MainConcept Update -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Trolltech Update (Trojan.SHarpro) -> Value: Trolltech Update -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GoogleTrayBackup (Trojan.SHarpro.PGen) -> Value: GoogleTrayBackup -> Delete on reboot.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\ABC\AppData\Local\Temp\thpm2633413151188715107.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\Temp\thpm3792846461391213763.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\Temp\thpm5926138642005400378.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\Temp\thpm5975660293103670068.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\Butt\AppData\Local\Temp\thpm4413158692007424764.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\ABC\local settings\application data\Adobe\adobeupdate\adobeupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\Adobe\adobeupdate\adobeupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
c:\Users\ABC\local settings\application data\apple computer\appleupdate\appleupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
c:\Users\ABC\AppData\Local\apple computer\appleupdate\appleupdt32.dll (Trojan.SHarpro) -> Quarantined and deleted successfully.
c:\programdata\googletraybackup.dll (Trojan.SHarpro.PGen) -> Quarantined and deleted successfully.
GMER:
0 byte file
DDS.txt:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by ABC at 12:14:22 on 2011-10-27
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1595 [GMT -4:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousManager.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: {01ca53af-50ee-4e51-a529-98273f104d9e} - C:\Users\ABC\AppData\Local\ServiceUser.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: CDelHotkeys Object: {78875f5c-a685-4405-8dc5-d48dc65452b0} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
BHO: Diigo Toolbar Helper: {84053da7-03de-4fb6-80ae-202c04691d8a} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Delicious Toolbar: {61d1c847-df80-423a-8c6d-dc03b97e6ebe} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
TB: Diigo Toolbar: {09197ffb-c236-4153-b268-31051e4f3b6c} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: Diigo Sidebar: {69523951-583f-418c-bde7-18efc9fd54b4} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
EB: Delicious Sidebar: {9d19c405-ba93-461b-871f-97992cc45972} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\ABC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VIIKII~1.LNK - C:\Program Files (x86)\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\MSOFFICE2000\Office\OSA9.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {2C887991-08F0-11DC-A9B2-0012F0B227DD} - {B8D8B1D0-83AF-451B-8CD9-8F1BF4ED8FEA} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
IE: {2C887992-08F0-11DC-A9B2-0012F0B227DD} - {9D19C405-BA93-461b-871F-97992CC45972} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
IE: {2C887993-08F0-11DC-A9B2-0012F0B227DD} - {4D3D441F-9543-4941-B664-2EDCF9FC1B56} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
IE: {B952F2E0-5F9F-4898-89A8-4FB770625E09} - {84053DA7-03DE-4FB6-80AE-202C04691D8A} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B}\16474777966696 : DhcpNameServer = 10.128.72.129 64.134.255.2 64.134.255.10
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B}\24C4555475942554C4543535 : DhcpNameServer = 10.254.0.50
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B}\2575A45584 : DhcpNameServer = 10.130.136.13
TCP: Interfaces\{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B}\C696E6B6379737 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FF81493C-3324-4975-A764-A34E1001F957} : DhcpNameServer = 40.7.1.100
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
C:\Users\ABC\AppData\Local\ServiceUser.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: CDelHotkeys Object: {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
BHO-X64: Diigo Toolbar Helper: {84053DA7-03DE-4FB6-80AE-202C04691D8A} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: Delicious Toolbar: {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files (x86)\Delicious Add-on for Internet Explorer\DeliciousExtension.dll
TB-X64: Diigo Toolbar: {09197FFB-C236-4153-B268-31051E4F3B6C} - C:\Program Files (x86)\Diigo\DiigoToolbar.5.1.31.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
EB-X64: {69523951-583F-418C-BDE7-18EFC9FD54B4} - No File
EB-X64: {9D19C405-BA93-461B-871F-97992CC45972} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2010-4-16 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-27 86224]
R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-27 110032]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-27 366152]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-10-30 228408]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2011-10-27 15:17:26 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0225444F-E522-4F64-A85E-019CC66CF3E8}\offreg.dll
2011-10-27 15:00:46 -------- d-----w- C:\Users\ABC\AppData\Roaming\Malwarebytes
2011-10-27 15:00:27 -------- d-----w- C:\ProgramData\Malwarebytes
2011-10-27 15:00:15 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-10-27 15:00:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-27 14:48:21 -------- d-----w- C:\Users\ABC\AppData\Roaming\Avira
2011-10-27 14:45:29 97312 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-10-27 14:45:29 27760 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2011-10-27 14:45:27 -------- d-----w- C:\ProgramData\Avira
2011-10-27 14:45:27 -------- d-----w- C:\Program Files (x86)\Avira
2011-10-27 02:17:31 83456 ----a-w- C:\Windows\SysWow64\srrstr.dll
2011-10-25 19:57:55 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0225444F-E522-4F64-A85E-019CC66CF3E8}\mpengine.dll
2011-10-13 16:03:13 3134976 ----a-w- C:\Windows\System32\win32k.sys
2011-10-13 16:03:01 860672 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2011-10-13 16:03:01 1197568 ----a-w- C:\Windows\System32\wininet.dll
2011-10-13 16:03:01 1013248 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2011-10-06 19:50:08 -------- d-----w- C:\Users\ABC\Recorder
2011-09-27 17:22:20 -------- d-----w- C:\Program Files (x86)\Diigo
.
==================== Find3M ====================
.
2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-27 05:40:28 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-27 05:40:28 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-27 04:43:07 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:43:06 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-08-20 05:41:16 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-08-20 04:38:10 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-08-20 04:35:20 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-08-20 04:20:23 482816 ----a-w- C:\Windows\System32\html.iec
2011-08-20 03:26:38 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-08-17 05:32:24 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-08-17 05:27:46 75776 ----a-w- C:\Windows\System32\MSDvbNP.ax
2011-08-17 05:27:46 288256 ----a-w- C:\Windows\System32\MSNP.ax
2011-08-17 05:27:46 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-08-17 05:27:46 104960 ----a-w- C:\Windows\System32\Mpeg2Data.ax
2011-08-17 04:26:02 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-08-17 04:22:23 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-08-17 04:22:23 72704 ----a-w- C:\Windows\SysWow64\Mpeg2Data.ax
2011-08-17 04:22:23 59904 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax
2011-08-17 04:22:23 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
.
============= FINISH: 12:15:50.58 ===============
Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/6/2010 2:30:42 PM
System Uptime: 10/27/2011 11:14:09 AM (1 hours ago)
.
Motherboard: Hewlett-Packard | | 363F
Processor: AMD Athlon(tm) II Dual-Core M320 | Socket S1G3 | 1491/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 35.287 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 2.341 GiB free.
E: is FIXED (FAT32) - 0 GiB total, 0.09 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP140: 10/14/2011 8:17:09 PM - Windows Update
RP141: 10/18/2011 5:42:17 PM - Windows Update
RP142: 10/21/2011 1:30:16 PM - Windows Update
RP143: 10/22/2011 3:00:13 AM - Windows Update
RP144: 10/25/2011 3:56:41 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Reader 9.1 MUI
Adobe Shockwave Player
AMD USB Filter Driver
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
Avira Free Antivirus
AviSynth 2.5
calibre
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite
CyberLink MediaShow
CyberLink PowerDVD 8
Delicious Add-on for Internet Explorer
Diigo Toolbar for Internet Explorer
HandBrake 0.9.5
HP Advisor
HP Customer Experience Enhancements
HP Games
HP Quick Launch Buttons
HP Setup
HP Smart Web Printing
HP Support Assistant
HP Update
HP User Guides 0148
HP Wireless Assistant
HPAsset component for HP Active Support Library
IDT Audio
Java Auto Updater
Java(TM) 6 Update 22
Junk Mail filter update
K-Lite Codec Pack 6.4.0 (Standard)
LabelPrint
LightScribe System Software
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft Choice Guard
Microsoft Live Search Toolbar
Microsoft Office 2000 Professional
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Move Media Player
MSVCRT
muvee Reveal
Norton Online Backup
Power2Go
PowerDirector
Professor Fizzwizzle
QLBCASL
QuickTime
Real Alternative 2.0.2
Realtek 8136 8168 8169 Ethernet Driver
Realtek USB 2.0 Card Reader
Recovery Manager
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Slingbox - Watch Your TV Anywhere
SlingPlayer
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
VLC media player 1.0.5
WildTangent Games App (HP Games)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
10/27/2011 8:00:42 AM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.
10/27/2011 12:14:09 PM, Error: NetBT [4321] - The name "ABC-PC :0" could not be registered on the interface with IP address 192.168.2.7. The computer with the IP address 192.168.2.6 did not allow the name to be claimed by this computer.
10/27/2011 12:13:37 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{1F2760FA-B0FA-4ECC-A12A-33767BB4B91B} because another computer on the network has the same name. The server could not start.
10/27/2011 12:13:37 PM, Error: NetBT [4321] - The name "ABC-PC :20" could not be registered on the interface with IP address 192.168.2.7. The computer with the IP address 192.168.2.6 did not allow the name to be claimed by this computer.
10/27/2011 12:13:36 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
10/27/2011 12:13:36 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
10/27/2011 12:13:36 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
10/27/2011 11:14:22 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
10/27/2011 10:55:53 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10/27/2011 10:41:55 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
10/26/2011 8:28:55 PM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
10/26/2011 2:54:30 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user ABC-PC\Family SID (S-1-5-21-622587576-257219784-654518826-1003) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
10/26/2011 2:49:44 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
10/25/2011 9:34:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SRTSP
10/25/2011 9:34:01 PM, Error: SRTSP [5] -
10/22/2011 7:32:34 PM, Error: atikmdag [52250] - CPLIB :: OPM - Failed the HFS
10/21/2011 7:11:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PNRPsvc service.
10/21/2011 7:11:19 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
10/21/2011 7:11:19 PM, Error: Service Control Manager [7000] - The Peer Name Resolution Protocol service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
Thank you so much. Please let me know if I did anything wrong.
Should I try checking to see if my google search has fixed or should I stay disconnected to the internet?