Hello community, I've stupidly downloaded a .exe file which, upon opening, deleted itself, and I instantly knew that I had just obtained a nice friendly virus. I then tried to scan for it using "SUPERAntiSpyware" and afterwards with "Avast", but the virus gave me a blue screen, and after it booted up again, I tried to use the programs again. They opened once, then crashed mid-scan, and when I tried to open them again, it gave me this error:
"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."
This happened to every single antivirus program I tried to use: "SUPERAntiSpyware", "Avast", "Adaware" (this one couldn't connect to the network), "Malwarebytes' Anti-Malware" and "GMER". It also changed the programs' files inside the folder.
"Spybot search and destroy" didn't find anything when finished scanning.
*Extra notes..
147603851:1958622199.exe was on the task manager, which I couldn't end task or tree..
After the blue screen, everything else was performed in Safe Mode
I also tried to run Autoruns, which just auto-closes. I wanted to see what was loading on startup, so I checked msconfig and found nothing suspicious.
When using Firefox, when I try searching stuff on Google, it 'redirects' me to a different site (random advertising sites), but reloading or refreshing fixes it. I checked the hosts file and it seemed normal, but I'm no expert.
I also understand that Ad-Aware and Avast aren't meant to be used together, but I only use Ad-Aware for scanning. I always disable the other scanner before using one.
Since I couldn't get "Malwarebytes' Anti-Malware" and "GMER" to load, here are the DDS logs. I've also included my ESET scan logs but haven't deleted them yet.
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.7.0
Run by Administrator at 15:53:43 on 2011-09-24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2598 [GMT 10:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\147603851:1958622199.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
D:\My Documents\Downloads\Defogger.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SoundMax] "c:\program files\analog devices\soundmax\smax4.exe" /tray
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\administrator\application data\dropbox\bin\Dropbox.exe
mPolicies-system: DisableStatusMessages = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {483EB14D-AF1C-4951-81B0-4E2B41829FF6} - hxxps://www.select2perform.com/cabs/QOLCheck.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{67D259BD-7EA9-4110-B5A5-C8160919D49E} : DhcpNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~4\office12\GR99D3~1.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\qiklkga9.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\DivXHTML5
.
---- FIREFOX POLICIES ----
FF - user.js: browser.sessionstore.resume_from_crash - false
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-8-18 64512]
R4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2010-12-31 160640]
R4 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2010-12-31 5248]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-8-18 441176]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-8-18 309848]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-8-18 19544]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-18 42184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-7-21 2152152]
S3 DroidCam;DroidCam Virtual Audio;c:\windows\system32\drivers\droidcam.sys [2011-2-12 21376]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-1-1 24576]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-7-21 15232]
S3 Samsung UPD Service;Samsung UPD Service;c:\windows\system32\SUPDSvc.exe [2011-2-25 132464]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
SUnknown SASKUTIL;SASKUTIL; [x]
.
=============== Created Last 30 ================
.
2011-09-24 02:56:26 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-24 02:56:05 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2011-09-24 02:56:00 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-09-24 02:45:20 -------- d-----w- c:\program files\ESET
2011-09-24 02:13:05 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Sunbelt Software
2011-09-24 01:18:19 -------- d-----w- c:\documents and settings\administrator\application data\GeoVid
2011-09-24 01:04:46 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2011-09-24 00:57:37 -------- d-----w- c:\documents and settings\administrator\application data\DuckLink
2011-09-23 05:35:58 -------- d-----w- c:\documents and settings\administrator\application data\TortoiseSVN
2011-09-23 05:35:17 -------- d-----w- c:\documents and settings\administrator\application data\Subversion
2011-09-23 05:32:19 -------- d-----w- c:\documents and settings\administrator\local settings\application data\TSVNCache
2011-09-23 05:30:10 -------- d-----w- c:\program files\TortoiseSVN
2011-09-23 05:30:10 -------- d-----w- c:\program files\common files\TortoiseOverlays
2011-09-21 00:54:44 -------- d-----w- c:\documents and settings\administrator\application data\Sony Online Entertainment
2011-09-21 00:54:43 -------- d-----w- c:\documents and settings\administrator\local settings\application data\SCE
2011-09-21 00:20:01 -------- d-----w- c:\program files\Sony Online Entertainment
2011-09-20 00:00:27 -------- d-----w- c:\documents and settings\administrator\application data\pymclevel
2011-09-18 23:37:33 -------- d-----w- C:\Canon DIGITAL IXUS 75
2011-09-18 23:37:24 -------- d-----w- c:\documents and settings\administrator\application data\ZoomBrowser EX
2011-09-18 23:30:08 -------- d-----w- c:\documents and settings\all users\application data\ZoomBrowser
2011-09-18 23:28:39 2700288 ----a-w- c:\windows\system32\opapi11.dll
2011-09-18 23:28:38 -------- d-----w- c:\program files\Canon
2011-09-18 23:28:30 304128 ----a-w- c:\windows\IsUninst.exe
2011-09-18 23:28:30 -------- d-----w- c:\documents and settings\administrator\WINDOWS
2011-09-18 23:25:24 -------- d-----w- c:\program files\common files\Canon
2011-09-07 06:26:25 -------- d-----w- c:\program files\Runes of Magic
2011-09-06 00:07:25 -------- d-----w- c:\documents and settings\administrator\application data\FOG Downloader
.
==================== Find3M ====================
.
2011-09-21 00:55:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-29 23:42:57 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-08-29 23:42:49 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-08-29 23:42:49 234536 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-29 23:40:35 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-17 20:02:57 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-08-17 20:02:53 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-07-22 20:51:50 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-07-21 04:59:08 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-07-18 04:08:17 249856 ------w- c:\windows\Setup1.exe
2011-07-18 04:08:16 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-07-10 02:25:44 17408 ----a-w- C:\psapi.dll
2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:36:43 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
.
============= FINISH: 15:54:31.92 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume5
Install Date: 12/31/2010 3:59:15 AM
System Uptime: 9/24/2011 12:34:56 PM (3 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5E
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | LGA775 | 2405/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 932 GiB total, 566.615 GiB free.
D: is FIXED (NTFS) - 75 GiB total, 13.341 GiB free.
E: is FIXED (NTFS) - 112 GiB total, 12.078 GiB free.
F: is FIXED (NTFS) - 56 GiB total, 6.369 GiB free.
H: is FIXED (NTFS) - 34 GiB total, 16.508 GiB free.
I: is CDROM (CDFS)
L: is CDROM ()
M: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\ATK0110\1010110
Manufacturer:
Name:
PNP Device ID: ACPI\ATK0110\1010110
Service:
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0000
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface #6
PNP Device ID: ROOT\NET\0000
Service: hamachi
.
==== System Restore Points ===================
.
RP8: 1/1/2011 1:59:59 AM - Installed Windows Media Format Runtime
RP9: 1/1/2011 7:08:19 PM - Installed HTC Driver Installer.
RP10: 1/1/2011 7:08:33 PM - Installed HTC Sync.
RP11: 1/1/2011 7:09:59 PM - Installed Windows XP Wdf01007.
RP12: 1/1/2011 8:27:05 PM - Installed LogMeIn Hamachi
RP13: 1/2/2011 1:25:49 AM - Installed GTA San Andreas
RP14: 1/2/2011 11:00:16 PM - Installed Tom Clancy's H.A.W.X
RP15: 1/3/2011 11:32:03 PM - Installed Battlefield 2: Deluxe Edition
RP16: 1/3/2011 11:48:34 PM - Installed DirectX 9.0
RP17: 1/5/2011 12:21:45 AM - System Checkpoint
RP18: 1/6/2011 1:02:29 AM - System Checkpoint
RP19: 1/6/2011 10:31:07 AM - Installed The Sims 3
RP20: 1/6/2011 10:40:18 AM - Installed The Sims 3
RP21: 1/6/2011 12:59:53 PM - Installed DirectX
RP22: 1/7/2011 1:02:29 PM - System Checkpoint
RP23: 1/8/2011 1:02:33 PM - System Checkpoint
RP24: 1/8/2011 8:38:54 PM - Installed DirectX
RP25: 1/9/2011 9:02:33 PM - System Checkpoint
RP26: 1/10/2011 8:20:50 PM - Installed ProductName from default.wxl
RP27: 1/11/2011 4:14:19 PM - Installed Adobe Reader X.
RP28: 1/11/2011 10:19:45 PM - Installed DirectX
RP29: 1/12/2011 11:03:09 PM - System Checkpoint
RP30: 1/13/2011 6:05:41 PM - Installed DirectX
RP31: 1/14/2011 7:30:55 PM - System Checkpoint
RP32: 1/15/2011 8:03:16 PM - System Checkpoint
RP33: 1/16/2011 2:51:17 AM - Installed Microsoft Office Enterprise 2007
RP34: 1/16/2011 2:55:25 AM - Printer Driver Send To Microsoft OneNote Driver Installed
RP35: 1/17/2011 3:00:21 AM - System Checkpoint
RP36: 1/18/2011 3:03:17 AM - System Checkpoint
RP37: 1/18/2011 7:46:35 PM - avast! Free Antivirus Setup
RP38: 1/18/2011 7:50:32 PM - avast! Free Antivirus Setup
RP39: 1/18/2011 8:06:40 PM - Installed Kaspersky Anti-Virus 2011.
RP40: 1/19/2011 8:10:45 PM - System Checkpoint
RP41: 1/21/2011 5:27:09 AM - System Checkpoint
RP42: 1/26/2011 2:44:19 AM - Installed SWAT 4 - The Stetchkov Syndicate
RP43: 1/30/2011 3:54:57 AM - Installed Battlefield 2 Patch v1.41
RP44: 1/30/2011 3:00:34 PM - Installed Battlefield 2 Patch
RP45: 2/1/2011 12:24:38 AM - Removed HTC Sync.
RP46: 2/1/2011 12:33:58 AM - Update to an unsigned driver
RP47: 2/7/2011 7:01:47 PM - Installed GenesisAD_Setup
RP48: 2/7/2011 7:05:31 PM - Installed REACTOR
RP49: 2/7/2011 7:06:21 PM - Installed GenesisAD
RP50: 2/9/2011 9:34:08 PM - Removed The Sims 3
RP51: 2/9/2011 9:35:05 PM - Removed SWAT 4 - The Stetchkov Syndicate
RP52: 2/15/2011 3:30:23 AM - Installed Java(TM) 6 Update 23
RP53: 2/25/2011 11:24:17 AM - Printer Driver Samsung ML-2010 Series Installed
RP54: 3/2/2011 4:22:19 AM - Installed Windows Media Format 9 Series Runtime Setup
RP55: 3/2/2011 2:35:25 PM - Installed Kaspersky Anti-Virus 2011.
RP56: 3/3/2011 2:30:07 PM - SPTD setup V1.62
RP57: 3/3/2011 3:08:43 PM - Installed DirectX
RP58: 3/11/2011 5:09:18 PM - Installed Windows Media Format Runtime
RP59: 3/11/2011 5:09:49 PM - Installed Windows XP Wudf01000.
RP60: 3/11/2011 5:11:13 PM - Installed ACID Pro 7.0
RP61: 3/24/2011 2:04:33 AM - Installed Dead Rising 2
RP62: 3/28/2011 12:53:24 AM - Installed DirectX
RP63: 3/28/2011 12:54:26 AM - Installed Microsoft Visual C++ 2005 Redistributable
RP64: 3/29/2011 1:08:30 AM - ComboFix created restore point
RP65: 4/1/2011 8:25:31 PM - Installed Rockstar Games Social Club
RP66: 4/1/2011 8:38:51 PM - Installed Grand Theft Auto IV
RP67: 4/4/2011 2:05:16 AM - Installed Java(TM) SE Development Kit 6 Update 24
RP68: 4/4/2011 2:06:17 AM - Removed Java(TM) 6 Update 23
RP69: 4/4/2011 2:30:12 AM - Removed Java(TM) SE Development Kit 6 Update 24
RP70: 4/4/2011 2:31:55 AM - Installed Java(TM) SE Development Kit 6 Update 24
RP71: 4/5/2011 3:12:37 PM - Removed LogMeIn Hamachi
RP72: 4/5/2011 3:33:53 PM - Installed LogMeIn Hamachi
RP73: 4/5/2011 3:39:28 PM - Removed LogMeIn Hamachi
RP74: 4/7/2011 12:53:27 AM - Installed Java(TM) 7
RP75: 4/20/2011 9:50:58 PM - Printer Driver VNC Printer (PS) Installed
RP76: 4/20/2011 9:51:06 PM - Printer Driver VNC Printer (UD) Installed
RP77: 5/28/2011 7:26:03 PM - Installed Kaspersky Anti-Virus 2011.
RP78: 6/11/2011 12:24:31 PM - Removed GenesisAD_Setup
RP79: 6/11/2011 12:26:35 PM - Removed GenesisAD
RP80: 6/12/2011 10:33:01 AM - Installed Game Fire
RP81: 7/22/2011 8:30:11 PM - Installed DirectX
RP82: 7/31/2011 10:43:14 AM - Installed League of Legends
RP83: 8/14/2011 6:04:40 PM - Installed Windows Media Format 9 Series Runtime Setup
RP84: 8/15/2011 9:54:15 AM - Removed Game Fire
RP85: 8/15/2011 9:54:50 AM - Removed ACID Pro 7.0
RP86: 8/15/2011 9:59:54 AM - Removed Grand Theft Auto IV
RP87: 8/15/2011 10:02:00 AM - Removed GTA San Andreas
RP88: 8/15/2011 10:06:11 AM - Removed Need for Speed(TM) Hot Pursuit
RP89: 8/15/2011 10:15:59 AM - Removed Rockstar Games Social Club
RP90: 8/15/2011 10:26:13 AM - Removed Tom Clancy's H.A.W.X
RP91: 8/18/2011 5:54:32 AM - Installed Ad-Aware
RP92: 8/18/2011 5:54:52 AM - Installed Ad-Aware
RP93: 8/18/2011 6:00:19 AM - avast! Free Antivirus Setup
RP94: 8/28/2011 11:21:16 AM - Installed Battlefield Bad Company 2
RP95: 8/30/2011 5:22:54 PM - Installed PreVisor Simulation Player 2.0e Update
RP96: 9/23/2011 3:30:06 PM - Installed TortoiseSVN 1.6.16.21511 (32 bit)
RP97: 9/24/2011 3:45:02 PM - Installed Windows Media Format 9 Series Runtime Setup
.
==== Installed Programs ======================
.
.
µTorrent
Ad-Aware
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader X
Adobe Shockwave Player 11.5
Amplify 5.0 Unregistered
Auslogics Disk Defrag
avast! Free Antivirus
Battle of the Immortals
Battlefield 2: Deluxe Edition
Battlefield: Bad Company™ 2
Camtasia Studio 5
Canon Camera Access Library
Canon Camera Support Core Library
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CEDP Stealer 6.0 for Messenger
DC Universe Online Live
DivX Setup
ESET Online Scanner v3
FL Studio v7.0
ForceBindIP
Google Chrome
Google Earth
Google Update Helper
Hamachi 1.0.1.5
Hotfix for Windows XP (KB942288-v3)
HTC Driver Installer
Java Auto Updater
Java DB 10.6.2.1
Java(TM) 6 Update 24
Java(TM) 7
Java(TM) SE Development Kit 6 Update 24
League of Legends
Marvell Miniport Driver
Messenger Plus! Live
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WinUsb 1.0
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.22)
MSVCRT
MSXML 6.0 Parser (KB925673)
Nexon Game Manager
NVIDIA Control Panel 260.99
NVIDIA Graphics Driver 260.99
NVIDIA Install Application
NVIDIA nView 135.36
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
Pando Media Booster
PDF Settings CS5
PeerBlock 1.1 (r518)
PFPortChecker 1.0.39
PortPeeker
REACTOR
ReaJPEG Pro 4.0
RF Uninstall
Runes of Magic
Samsung ML-2010 Series
Samsung Universal Print Driver
Segoe UI
Skype Toolbars
Skype™ 5.3
SoundMAX
Spybot - Search & Destroy
Starcraft
TortoiseSVN 1.6.16.21511 (32 bit)
Unity Web Player
VC80CRTRedist - 8.0.50727.6195
Virtual DJ - Atomix Productions
VLC media player 1.1.5
VNC Enterprise Edition E4.6.0
VNC Mirror Driver 1.8.0
VNC Printer Driver 1.7.0
WebFldrs XP
Winamp
Windows Communication Foundation
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Presentation Foundation
Windows Workflow Foundation
WinRAR 4.00 beta 4 (32-bit)
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
9/24/2011 3:46:04 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
9/24/2011 12:29:28 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service ImapiService with arguments "-Service" in order to run the server: {520CCA63-51A5-11D3-9144-00104BA11C5E}
9/24/2011 12:24:28 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
9/24/2011 12:11:51 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswSnx aswSP aswTdi Fips intelppm SASDIFSV SASKUTIL SCDEmu sptd
9/24/2011 12:10:43 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/24/2011 12:10:26 PM, error: sptd [4] - Driver detected an internal error in its data structures for .
9/24/2011 11:32:54 AM, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: Access is denied.
9/24/2011 11:29:27 AM, error: Service Control Manager [7034] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).
9/24/2011 11:29:16 AM, error: Service Control Manager [7000] - The avast! Antivirus service failed to start due to the following error: Access is denied.
9/24/2011 11:29:11 AM, error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
9/24/2011 1:32:41 PM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
9/22/2011 1:27:58 PM, error: Service Control Manager [7034] - The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).
9/19/2011 9:34:29 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
9/18/2011 12:42:36 PM, error: Service Control Manager [7034] - The PnkBstrB service terminated unexpectedly. It has done this 1 time(s).
9/18/2011 12:42:36 PM, error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\546fa200-1c5e4d3d multiple threats
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\7061701b-72240eee multiple threats
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\281e7c9f-618ce1d9 multiple threats
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\c669a2-329e2d01 multiple threats
C:\Documents and Settings\Administrator\Desktop\HSS-1.57-install-anchorfree-247-conduit3.exe a variant of Win32/HotSpotShield application
C:\Documents and Settings\Administrator\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\38\7dae97e6-528a3064 Java/Agent.DM trojan
C:\Program Files\Canon\CAL\CALMAIN.exe Win32/Patched.HN trojan
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP42\A0008856.exe probably a variant of Win32/Adware.RK.AB application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP42\A0008917.exe probably a variant of Win32/Adware.RK.AD application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP42\A0009890.dll probably a variant of Win32/Adware.RK application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP42\A0009891.exe a variant of Win32/Adware.RK.AE application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP64\A0028393.exe a variant of Win32/HotSpotShield application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP93\A0041151.exe a variant of Win32/Keygen.AR application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP93\A0042565.inf INF/Autorun virus
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP97\A0044360.exe probably a variant of Win32/TrojanDropper.Agent.NKB trojan
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP97\A0046197.ini a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP97\A0046244.ini a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP97\A0046343.exe Win32/Patched.HN trojan
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SoundMax] "c:\program files\analog devices\soundmax\smax4.exe" /tray
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\administrator\application data\dropbox\bin\Dropbox.exe
mPolicies-system: DisableStatusMessages = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {483EB14D-AF1C-4951-81B0-4E2B41829FF6} - hxxps://www.select2perform.com/cabs/QOLCheck.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{67D259BD-7EA9-4110-B5A5-C8160919D49E} : DhcpNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~4\office12\GR99D3~1.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\qiklkga9.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\DivXHTML5
.
---- FIREFOX POLICIES ----
FF - user.js: browser.sessionstore.resume_from_crash - false
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-8-18 64512]
R4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2010-12-31 160640]
R4 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2010-12-31 5248]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-8-18 441176]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-8-18 309848]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-8-18 19544]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-18 42184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-7-21 2152152]
S3 DroidCam;DroidCam Virtual Audio;c:\windows\system32\drivers\droidcam.sys [2011-2-12 21376]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-1-1 24576]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-7-21 15232]
S3 Samsung UPD Service;Samsung UPD Service;c:\windows\system32\SUPDSvc.exe [2011-2-25 132464]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
SUnknown SASKUTIL;SASKUTIL; [x]
.
=============== Created Last 30 ================
.
2011-09-24 02:56:26 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-24 02:56:05 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2011-09-24 02:56:00 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-09-24 02:45:20 -------- d-----w- c:\program files\ESET
2011-09-24 02:13:05 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Sunbelt Software
2011-09-24 01:18:19 -------- d-----w- c:\documents and settings\administrator\application data\GeoVid
2011-09-24 01:04:46 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2011-09-24 00:57:37 -------- d-----w- c:\documents and settings\administrator\application data\DuckLink
2011-09-23 05:35:58 -------- d-----w- c:\documents and settings\administrator\application data\TortoiseSVN
2011-09-23 05:35:17 -------- d-----w- c:\documents and settings\administrator\application data\Subversion
2011-09-23 05:32:19 -------- d-----w- c:\documents and settings\administrator\local settings\application data\TSVNCache
2011-09-23 05:30:10 -------- d-----w- c:\program files\TortoiseSVN
2011-09-23 05:30:10 -------- d-----w- c:\program files\common files\TortoiseOverlays
2011-09-21 00:54:44 -------- d-----w- c:\documents and settings\administrator\application data\Sony Online Entertainment
2011-09-21 00:54:43 -------- d-----w- c:\documents and settings\administrator\local settings\application data\SCE
2011-09-21 00:20:01 -------- d-----w- c:\program files\Sony Online Entertainment
2011-09-20 00:00:27 -------- d-----w- c:\documents and settings\administrator\application data\pymclevel
2011-09-18 23:37:33 -------- d-----w- C:\Canon DIGITAL IXUS 75
2011-09-18 23:37:24 -------- d-----w- c:\documents and settings\administrator\application data\ZoomBrowser EX
2011-09-18 23:30:08 -------- d-----w- c:\documents and settings\all users\application data\ZoomBrowser
2011-09-18 23:28:39 2700288 ----a-w- c:\windows\system32\opapi11.dll
2011-09-18 23:28:38 -------- d-----w- c:\program files\Canon
2011-09-18 23:28:30 304128 ----a-w- c:\windows\IsUninst.exe
2011-09-18 23:28:30 -------- d-----w- c:\documents and settings\administrator\WINDOWS
2011-09-18 23:25:24 -------- d-----w- c:\program files\common files\Canon
2011-09-07 06:26:25 -------- d-----w- c:\program files\Runes of Magic
2011-09-06 00:07:25 -------- d-----w- c:\documents and settings\administrator\application data\FOG Downloader
.
==================== Find3M ====================
.
2011-09-21 00:55:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-29 23:42:57 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-08-29 23:42:49 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-08-29 23:42:49 234536 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-29 23:40:35 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-17 20:02:57 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-08-17 20:02:53 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-07-22 20:51:50 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-07-21 04:59:08 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-07-18 04:08:17 249856 ------w- c:\windows\Setup1.exe
2011-07-18 04:08:16 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-07-10 02:25:44 17408 ----a-w- C:\psapi.dll
2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:36:43 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
.
============= FINISH: 15:54:31.92 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume5
Install Date: 12/31/2010 3:59:15 AM
System Uptime: 9/24/2011 12:34:56 PM (3 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5E
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | LGA775 | 2405/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 932 GiB total, 566.615 GiB free.
D: is FIXED (NTFS) - 75 GiB total, 13.341 GiB free.
E: is FIXED (NTFS) - 112 GiB total, 12.078 GiB free.
F: is FIXED (NTFS) - 56 GiB total, 6.369 GiB free.
H: is FIXED (NTFS) - 34 GiB total, 16.508 GiB free.
I: is CDROM (CDFS)
L: is CDROM ()
M: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\ATK0110\1010110
Manufacturer:
Name:
PNP Device ID: ACPI\ATK0110\1010110
Service:
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0000
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface #6
PNP Device ID: ROOT\NET\0000
Service: hamachi
.
==== System Restore Points ===================
.
RP8: 1/1/2011 1:59:59 AM - Installed Windows Media Format Runtime
RP9: 1/1/2011 7:08:19 PM - Installed HTC Driver Installer.
RP10: 1/1/2011 7:08:33 PM - Installed HTC Sync.
RP11: 1/1/2011 7:09:59 PM - Installed Windows XP Wdf01007.
RP12: 1/1/2011 8:27:05 PM - Installed LogMeIn Hamachi
RP13: 1/2/2011 1:25:49 AM - Installed GTA San Andreas
RP14: 1/2/2011 11:00:16 PM - Installed Tom Clancy's H.A.W.X
RP15: 1/3/2011 11:32:03 PM - Installed Battlefield 2: Deluxe Edition
RP16: 1/3/2011 11:48:34 PM - Installed DirectX 9.0
RP17: 1/5/2011 12:21:45 AM - System Checkpoint
RP18: 1/6/2011 1:02:29 AM - System Checkpoint
RP19: 1/6/2011 10:31:07 AM - Installed The Sims 3
RP20: 1/6/2011 10:40:18 AM - Installed The Sims 3
RP21: 1/6/2011 12:59:53 PM - Installed DirectX
RP22: 1/7/2011 1:02:29 PM - System Checkpoint
RP23: 1/8/2011 1:02:33 PM - System Checkpoint
RP24: 1/8/2011 8:38:54 PM - Installed DirectX
RP25: 1/9/2011 9:02:33 PM - System Checkpoint
RP26: 1/10/2011 8:20:50 PM - Installed ProductName from default.wxl
RP27: 1/11/2011 4:14:19 PM - Installed Adobe Reader X.
RP28: 1/11/2011 10:19:45 PM - Installed DirectX
RP29: 1/12/2011 11:03:09 PM - System Checkpoint
RP30: 1/13/2011 6:05:41 PM - Installed DirectX
RP31: 1/14/2011 7:30:55 PM - System Checkpoint
RP32: 1/15/2011 8:03:16 PM - System Checkpoint
RP33: 1/16/2011 2:51:17 AM - Installed Microsoft Office Enterprise 2007
RP34: 1/16/2011 2:55:25 AM - Printer Driver Send To Microsoft OneNote Driver Installed
RP35: 1/17/2011 3:00:21 AM - System Checkpoint
RP36: 1/18/2011 3:03:17 AM - System Checkpoint
RP37: 1/18/2011 7:46:35 PM - avast! Free Antivirus Setup
RP38: 1/18/2011 7:50:32 PM - avast! Free Antivirus Setup
RP39: 1/18/2011 8:06:40 PM - Installed Kaspersky Anti-Virus 2011.
RP40: 1/19/2011 8:10:45 PM - System Checkpoint
RP41: 1/21/2011 5:27:09 AM - System Checkpoint
RP42: 1/26/2011 2:44:19 AM - Installed SWAT 4 - The Stetchkov Syndicate
RP43: 1/30/2011 3:54:57 AM - Installed Battlefield 2 Patch v1.41
RP44: 1/30/2011 3:00:34 PM - Installed Battlefield 2 Patch
RP45: 2/1/2011 12:24:38 AM - Removed HTC Sync.
RP46: 2/1/2011 12:33:58 AM - Update to an unsigned driver
RP47: 2/7/2011 7:01:47 PM - Installed GenesisAD_Setup
RP48: 2/7/2011 7:05:31 PM - Installed REACTOR
RP49: 2/7/2011 7:06:21 PM - Installed GenesisAD
RP50: 2/9/2011 9:34:08 PM - Removed The Sims 3
RP51: 2/9/2011 9:35:05 PM - Removed SWAT 4 - The Stetchkov Syndicate
RP52: 2/15/2011 3:30:23 AM - Installed Java(TM) 6 Update 23
RP53: 2/25/2011 11:24:17 AM - Printer Driver Samsung ML-2010 Series Installed
RP54: 3/2/2011 4:22:19 AM - Installed Windows Media Format 9 Series Runtime Setup
RP55: 3/2/2011 2:35:25 PM - Installed Kaspersky Anti-Virus 2011.
RP56: 3/3/2011 2:30:07 PM - SPTD setup V1.62
RP57: 3/3/2011 3:08:43 PM - Installed DirectX
RP58: 3/11/2011 5:09:18 PM - Installed Windows Media Format Runtime
RP59: 3/11/2011 5:09:49 PM - Installed Windows XP Wudf01000.
RP60: 3/11/2011 5:11:13 PM - Installed ACID Pro 7.0
RP61: 3/24/2011 2:04:33 AM - Installed Dead Rising 2
RP62: 3/28/2011 12:53:24 AM - Installed DirectX
RP63: 3/28/2011 12:54:26 AM - Installed Microsoft Visual C++ 2005 Redistributable
RP64: 3/29/2011 1:08:30 AM - ComboFix created restore point
RP65: 4/1/2011 8:25:31 PM - Installed Rockstar Games Social Club
RP66: 4/1/2011 8:38:51 PM - Installed Grand Theft Auto IV
RP67: 4/4/2011 2:05:16 AM - Installed Java(TM) SE Development Kit 6 Update 24
RP68: 4/4/2011 2:06:17 AM - Removed Java(TM) 6 Update 23
RP69: 4/4/2011 2:30:12 AM - Removed Java(TM) SE Development Kit 6 Update 24
RP70: 4/4/2011 2:31:55 AM - Installed Java(TM) SE Development Kit 6 Update 24
RP71: 4/5/2011 3:12:37 PM - Removed LogMeIn Hamachi
RP72: 4/5/2011 3:33:53 PM - Installed LogMeIn Hamachi
RP73: 4/5/2011 3:39:28 PM - Removed LogMeIn Hamachi
RP74: 4/7/2011 12:53:27 AM - Installed Java(TM) 7
RP75: 4/20/2011 9:50:58 PM - Printer Driver VNC Printer (PS) Installed
RP76: 4/20/2011 9:51:06 PM - Printer Driver VNC Printer (UD) Installed
RP77: 5/28/2011 7:26:03 PM - Installed Kaspersky Anti-Virus 2011.
RP78: 6/11/2011 12:24:31 PM - Removed GenesisAD_Setup
RP79: 6/11/2011 12:26:35 PM - Removed GenesisAD
RP80: 6/12/2011 10:33:01 AM - Installed Game Fire
RP81: 7/22/2011 8:30:11 PM - Installed DirectX
RP82: 7/31/2011 10:43:14 AM - Installed League of Legends
RP83: 8/14/2011 6:04:40 PM - Installed Windows Media Format 9 Series Runtime Setup
RP84: 8/15/2011 9:54:15 AM - Removed Game Fire
RP85: 8/15/2011 9:54:50 AM - Removed ACID Pro 7.0
RP86: 8/15/2011 9:59:54 AM - Removed Grand Theft Auto IV
RP87: 8/15/2011 10:02:00 AM - Removed GTA San Andreas
RP88: 8/15/2011 10:06:11 AM - Removed Need for Speed(TM) Hot Pursuit
RP89: 8/15/2011 10:15:59 AM - Removed Rockstar Games Social Club
RP90: 8/15/2011 10:26:13 AM - Removed Tom Clancy's H.A.W.X
RP91: 8/18/2011 5:54:32 AM - Installed Ad-Aware
RP92: 8/18/2011 5:54:52 AM - Installed Ad-Aware
RP93: 8/18/2011 6:00:19 AM - avast! Free Antivirus Setup
RP94: 8/28/2011 11:21:16 AM - Installed Battlefield Bad Company 2
RP95: 8/30/2011 5:22:54 PM - Installed PreVisor Simulation Player 2.0e Update
RP96: 9/23/2011 3:30:06 PM - Installed TortoiseSVN 1.6.16.21511 (32 bit)
RP97: 9/24/2011 3:45:02 PM - Installed Windows Media Format 9 Series Runtime Setup
.
==== Installed Programs ======================
.
.
µTorrent
Ad-Aware
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader X
Adobe Shockwave Player 11.5
Amplify 5.0 Unregistered
Auslogics Disk Defrag
avast! Free Antivirus
Battle of the Immortals
Battlefield 2: Deluxe Edition
Battlefield: Bad Company™ 2
Camtasia Studio 5
Canon Camera Access Library
Canon Camera Support Core Library
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CEDP Stealer 6.0 for Messenger
DC Universe Online Live
DivX Setup
ESET Online Scanner v3
FL Studio v7.0
ForceBindIP
Google Chrome
Google Earth
Google Update Helper
Hamachi 1.0.1.5
Hotfix for Windows XP (KB942288-v3)
HTC Driver Installer
Java Auto Updater
Java DB 10.6.2.1
Java(TM) 6 Update 24
Java(TM) 7
Java(TM) SE Development Kit 6 Update 24
League of Legends
Marvell Miniport Driver
Messenger Plus! Live
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WinUsb 1.0
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.22)
MSVCRT
MSXML 6.0 Parser (KB925673)
Nexon Game Manager
NVIDIA Control Panel 260.99
NVIDIA Graphics Driver 260.99
NVIDIA Install Application
NVIDIA nView 135.36
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
Pando Media Booster
PDF Settings CS5
PeerBlock 1.1 (r518)
PFPortChecker 1.0.39
PortPeeker
REACTOR
ReaJPEG Pro 4.0
RF Uninstall
Runes of Magic
Samsung ML-2010 Series
Samsung Universal Print Driver
Segoe UI
Skype Toolbars
Skype™ 5.3
SoundMAX
Spybot - Search & Destroy
Starcraft
TortoiseSVN 1.6.16.21511 (32 bit)
Unity Web Player
VC80CRTRedist - 8.0.50727.6195
Virtual DJ - Atomix Productions
VLC media player 1.1.5
VNC Enterprise Edition E4.6.0
VNC Mirror Driver 1.8.0
VNC Printer Driver 1.7.0
WebFldrs XP
Winamp
Windows Communication Foundation
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Presentation Foundation
Windows Workflow Foundation
WinRAR 4.00 beta 4 (32-bit)
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
9/24/2011 3:46:04 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
9/24/2011 12:29:28 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service ImapiService with arguments "-Service" in order to run the server: {520CCA63-51A5-11D3-9144-00104BA11C5E}
9/24/2011 12:24:28 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
9/24/2011 12:11:51 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswSnx aswSP aswTdi Fips intelppm SASDIFSV SASKUTIL SCDEmu sptd
9/24/2011 12:10:43 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/24/2011 12:10:26 PM, error: sptd [4] - Driver detected an internal error in its data structures for .
9/24/2011 11:32:54 AM, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: Access is denied.
9/24/2011 11:29:27 AM, error: Service Control Manager [7034] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s).
9/24/2011 11:29:16 AM, error: Service Control Manager [7000] - The avast! Antivirus service failed to start due to the following error: Access is denied.
9/24/2011 11:29:11 AM, error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
9/24/2011 1:32:41 PM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
9/22/2011 1:27:58 PM, error: Service Control Manager [7034] - The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).
9/19/2011 9:34:29 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
9/18/2011 12:42:36 PM, error: Service Control Manager [7034] - The PnkBstrB service terminated unexpectedly. It has done this 1 time(s).
9/18/2011 12:42:36 PM, error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\546fa200-1c5e4d3d multiple threats
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\7061701b-72240eee multiple threats
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\281e7c9f-618ce1d9 multiple threats
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\c669a2-329e2d01 multiple threats
C:\Documents and Settings\Administrator\Desktop\HSS-1.57-install-anchorfree-247-conduit3.exe a variant of Win32/HotSpotShield application
C:\Documents and Settings\Administrator\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\38\7dae97e6-528a3064 Java/Agent.DM trojan
C:\Program Files\Canon\CAL\CALMAIN.exe Win32/Patched.HN trojan
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP42\A0008856.exe probably a variant of Win32/Adware.RK.AB application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP42\A0008917.exe probably a variant of Win32/Adware.RK.AD application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP42\A0009890.dll probably a variant of Win32/Adware.RK application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP42\A0009891.exe a variant of Win32/Adware.RK.AE application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP64\A0028393.exe a variant of Win32/HotSpotShield application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP93\A0041151.exe a variant of Win32/Keygen.AR application
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP93\A0042565.inf INF/Autorun virus
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP97\A0044360.exe probably a variant of Win32/TrojanDropper.Agent.NKB trojan
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP97\A0046197.ini a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP97\A0046244.ini a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{6AF0BF0A-56E6-420C-A2FC-876D3BA440CD}\RP97\A0046343.exe Win32/Patched.HN trojan