This is happening to both my desktop and laptop. Laptop networked via a wireless router. Internet Explorer and Firefox are affected. I have scanned with AVG, Malwarebytes, Spybot S&D, and have SpywareBlaster enabled. None report problems. Running Vista Home Premium on both computers.
Pages that are opening do not appear to be malicious and are easily closed. I have not clicked on any of the links provided.
I have carefully followed your instructions for Preliminary Removal, which went as described except that GMER didn't seem to do much. I noticed the button for "Scan" but I did not select it since it was not indicated in your instructions. Logs follow.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5733
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
2/10/2011 1:16:14 PM
mbam-log-2011-02-10 (13-16-14).txt
Scan type: Quick scan
Objects scanned: 151154
Time elapsed: 4 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-02-10 13:21:13
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST332083 rev.3.AA
Running: c5oisnhl.exe; Driver: C:\Users\John\AppData\Local\Temp\kflcapog.sys
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 60: copy of MBR
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
---- EOF - GMER 1.0.15 ----
DDS (Ver_10-12-12.02) - NTFSx86
Run by John at 13:21:43.73 on Thu 02/10/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_23
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2021.1141 [GMT -5:00]
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\DS Clock\dsetime.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k wdisvc
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\Explorer.exe
C:\Windows\system32\taskeng.exe
C:\Users\John\Download\VirusRemoval\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://my.yahoo.com/
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GM5420
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
uPolicies-explorer: NoStrCmpLogical = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444543540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - hxxp://download.abacast.com/download/files/abasetup162.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: igfxcui - igfxdev.dll
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\users\john\appdata\roaming\mozilla\firefox\profiles\mkrc2kst.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cb7b07e&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\john\appdata\roaming\move networks\plugins\npqmp071504000001.dll
FF - plugin: c:\users\john\appdata\roaming\mozilla\plugins\npoctoshape.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox
============= SERVICES / DRIVERS ===============
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-10-29 208896]
R2 DSClockSyncTime;DS Clock Synchronization Service www.dualitysoft.com;c:\program files\ds clock\dsetime.exe [2011-1-18 62264]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-19 21504]
R2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\system32\drivers\nmsgopro.sys [2006-9-27 28672]
R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2006-10-19 7424]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-8-24 1153368]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 27216]
R3 IntelDH;IntelDH Driver;c:\windows\system32\drivers\IntelDH.sys [2006-12-18 5504]
R3 xcbdaNtsc;ViXS Tuner Card (NTSC);c:\windows\system32\drivers\xcbda.sys [2007-5-22 155648]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
S2 gupdate1c99825db5dda72;Google Update Service (gupdate1c99825db5dda72);c:\program files\google\update\GoogleUpdate.exe [2009-2-26 133104]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2006-11-18 36312]
S3 MCLServiceATL;Intel(R) Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-11-18 174552]
S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-9-19 21504]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
SUnknown WPFFontCache_v0400;WPFFontCache_v0400; [x]
=============== Created Last 30 ================
2011-02-10 09:30:04 -------- d-----w- c:\progra~2\SITEguard
2011-02-10 09:29:02 -------- d-----w- c:\program files\common files\iS3
2011-02-10 09:29:02 -------- d-----w- c:\progra~2\STOPzilla!
2011-02-08 09:47:19 -------- d-----w- C:\TDSSKiller_Quarantine
2011-02-05 17:39:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-05 17:39:59 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-02-05 16:11:25 -------- d-----w- c:\program files\Winamp Detect
2011-01-29 13:54:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-29 13:54:48 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-29 13:54:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-18 09:52:41 -------- d-----w- c:\users\john\appdata\roaming\Duality Software
2011-01-18 09:52:41 -------- d-----w- c:\program files\DS Clock
2011-01-18 09:52:41 -------- d-----w- c:\progra~2\Duality Software
2011-01-12 10:02:40 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-01-12 10:02:40 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-01-12 10:02:40 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 10:02:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-01-12 10:02:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-01-12 10:02:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-01-12 10:02:38 1169408 ----a-w- c:\windows\system32\sdclt.exe
==================== Find3M ====================
2011-01-22 02:46:38 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-01-22 02:46:38 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-18 06:27:04 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-18 06:22:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-18 06:22:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-18 06:22:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-12-18 06:22:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-12-18 05:25:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-18 04:48:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-12-18 04:47:11 1638912 ----a-w- c:\windows\system32\mshtml.tlb
============= FINISH: 13:22:22.75 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 12/18/2006 12:06:57 PM
System Uptime: 2/10/2011 1:03:30 PM (0 hours ago)
Motherboard: Intel Corporation | | DG965OT
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz | LGA 775 | 1862/266mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 288 GiB total, 174.896 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.203 GiB free.
E: is Removable
F: is Removable
G: is Removable
H: is CDROM (CDFS)
I: is FIXED (NTFS) - 112 GiB total, 92.565 GiB free.
J: is Removable
==== Disabled Device Manager Items =============
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Intel(R) 82562V 10/100 Network Connection
Device ID: PCI\VEN_8086&DEV_104C&SUBSYS_0001107B&REV_02\3&2B8E0B4B&0&C8
Manufacturer: Intel
Name: Intel(R) 82562V 10/100 Network Connection
PNP Device ID: PCI\VEN_8086&DEV_104C&SUBSYS_0001107B&REV_02\3&2B8E0B4B&0&C8
Service: e1express
==== System Restore Points ===================
==== Installed Programs ======================
Leawo Free AVI Converter version 2.3.0.8
Abacast Client
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Reader 9.4.1
Adobe Shockwave Player 11
Apple Application Support
Apple Software Update
Arachnophilia 5.3
AutoUpdate
AVG 2011
AVIcodec (remove only)
CCleaner
CDDRV_Installer
Championship Spades All-Stars 7.40
Creative Mass Storage Drivers
Digital Media Reader
DirectVobSub (remove only)
DivX Converter
DivX Player
DivX Web Player
Doom 3
DS Clock
Filzip 3.06
Free Video Joiner 1.1
FxVisor
Gateway Recovery Center Installer
getPlus(R) for Adobe
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Interface
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections Drivers
Intel(R) Viiv(TM) Software
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 23
JGsoft EditPad Lite 6.2.1
K-Lite Codec Pack 5.4.4 (Basic)
KhalInstallWrapper
Logitech SetPoint
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Links 2001
Microsoft Money 2006
Microsoft Office 97, Professional Edition
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Move Media Player
Moyea FLV Editor Lite version: 1.1.1.835
Mozilla Firefox (3.6.13)
MSA20XX Device Manager
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Octoshape Streaming Services
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
Personal Ancestral File 5
PopMan 1.3
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
SigmaTel Audio
SolveigMM AVI Trimmer
SopCast 3.2.9
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
SpywareBlaster 4.4
Symantec Technical Support Web Controls
TBS WMP Plug-in
TWC Customer Controls
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Veetle TV 0.9.18
Virtual Pool 3 DL
Winamp
Winamp Detector Plug-in
Windows Driver Package - ViXS Systems Inc. ViXS PureTV-U (11/17/2006 6.2.77.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Media Player Firefox Plugin
WinRAR archiver
==== End Of File ===========================
2011-01-12 10:02:38 1169408 ----a-w- c:\windows\system32\sdclt.exe
==================== Find3M ====================
2011-01-22 02:46:38 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-01-22 02:46:38 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-18 06:27:04 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-18 06:22:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-18 06:22:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-18 06:22:11 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-12-18 06:22:11 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-12-18 05:25:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-18 04:48:39 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-12-18 04:47:11 1638912 ----a-w- c:\windows\system32\mshtml.tlb
============= FINISH: 13:22:22.75 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 12/18/2006 12:06:57 PM
System Uptime: 2/10/2011 1:03:30 PM (0 hours ago)
Motherboard: Intel Corporation | | DG965OT
Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz | LGA 775 | 1862/266mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 288 GiB total, 174.896 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.203 GiB free.
E: is Removable
F: is Removable
G: is Removable
H: is CDROM (CDFS)
I: is FIXED (NTFS) - 112 GiB total, 92.565 GiB free.
J: is Removable
==== Disabled Device Manager Items =============
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Intel(R) 82562V 10/100 Network Connection
Device ID: PCI\VEN_8086&DEV_104C&SUBSYS_0001107B&REV_02\3&2B8E0B4B&0&C8
Manufacturer: Intel
Name: Intel(R) 82562V 10/100 Network Connection
PNP Device ID: PCI\VEN_8086&DEV_104C&SUBSYS_0001107B&REV_02\3&2B8E0B4B&0&C8
Service: e1express
==== System Restore Points ===================
==== Installed Programs ======================
Leawo Free AVI Converter version 2.3.0.8
Abacast Client
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Reader 9.4.1
Adobe Shockwave Player 11
Apple Application Support
Apple Software Update
Arachnophilia 5.3
AutoUpdate
AVG 2011
AVIcodec (remove only)
CCleaner
CDDRV_Installer
Championship Spades All-Stars 7.40
Creative Mass Storage Drivers
Digital Media Reader
DirectVobSub (remove only)
DivX Converter
DivX Player
DivX Web Player
Doom 3
DS Clock
Filzip 3.06
Free Video Joiner 1.1
FxVisor
Gateway Recovery Center Installer
getPlus(R) for Adobe
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Interface
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections Drivers
Intel(R) Viiv(TM) Software
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 23
JGsoft EditPad Lite 6.2.1
K-Lite Codec Pack 5.4.4 (Basic)
KhalInstallWrapper
Logitech SetPoint
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Links 2001
Microsoft Money 2006
Microsoft Office 97, Professional Edition
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Move Media Player
Moyea FLV Editor Lite version: 1.1.1.835
Mozilla Firefox (3.6.13)
MSA20XX Device Manager
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Octoshape Streaming Services
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
Personal Ancestral File 5
PopMan 1.3
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
SigmaTel Audio
SolveigMM AVI Trimmer
SopCast 3.2.9
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
SpywareBlaster 4.4
Symantec Technical Support Web Controls
TBS WMP Plug-in
TWC Customer Controls
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Veetle TV 0.9.18
Virtual Pool 3 DL
Winamp
Winamp Detector Plug-in
Windows Driver Package - ViXS Systems Inc. ViXS PureTV-U (11/17/2006 6.2.77.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Media Player Firefox Plugin
WinRAR archiver
==== End Of File ===========================