[Searchqu invasion]

That didn't work.... same error message. So I uninstalled again, searched out any files or folders with the name Mozilla or Firefox and deleted them. Then reinstalled Firefox and it is working now. Thanks, Chris for your help over the past few weeks. I thing we can say my computer is clean now!

Best wishes

[Searchqu invasion]

I did those things, and I still have the error message when I try to start Firefox:

Firefox is already running, but is not responding. To open a new window, you must first close the existing Firefox process, or restart your system.

My instinct would be to unistall/reistall Firefox, but I tried that before and it didn't help. I'll wait to see what you recommend.

Thanks

[Searchqu invasion]

Yes, I uninstalled Viewpoint Manager and Viewpoint Media Player. Those were the only ones present in Add/Remove Programs. After running the tasks you requested, I still cannot open Firefox I get same error message : Firefox is already running, but is not responding. To open a new window, you must first close the existing Firefox process, or restart your system. Everything else seems to be running smoothly. Thank you.

Here's the other stuff you asked for:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6427

# api_version=3.0.2

# EOSSerial=0414ead44c347c4297c28803abbfa5b6

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-06-30 09:26:45

# local_time=2011-06-30 02:26:45 (-0800, Pacific Daylight Time)

# country="United States"

# lang=9

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 1546151 1546151 0 0

# compatibility_mode=768 16777215 100 0 12880289 12880289 0 0

# compatibility_mode=2560 16777215 100 0 0 0 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=229897

# found=4

# cleaned=4

# scan_time=9067

C:\Documents and Settings\Rick Ross\My Documents\Downloads\WhiteSmokeInstaller_9147.exe a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Drivers&Downloads\registryfix.exe a variant of Win32/Adware.ErrorClean application (deleted - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{7D83713C-ADAB-4793-AA3D-B89DDB8C654A}\RP119\A0026535.exe a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{7D83713C-ADAB-4793-AA3D-B89DDB8C654A}\RP119\A0026536.exe a variant of Win32/Adware.ErrorClean application (deleted - quarantined) 00000000000000000000000000000000 C

Results of screen317's Security Check version 0.99.17

Windows XP Service Pack 3

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

avast! Free Antivirus

ESET Online Scanner v3

Antivirus up to date! (On Access scanning disabled!)

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

CCleaner

Java 6 Update 23

Java 6 Update 3

Java 2 Runtime Environment, SE v1.4.2_05

Out of date Java installed!

Adobe Flash Player 10.3.181.14

````````````````````````````````

Process Check:

objlist.exe by Laurent

Alwil Software Avast5 AvastSvc.exe

Alwil Software Avast5 avastUI.exe

``````````End of Log````````````

[Searchqu invasion]

ComboFix 11-06-26.01 - Rick Ross 06/26/2011 23:02:24.4.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1408 [GMT -7:00]

Running from: c:\documents and settings\Rick Ross\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Rick Ross\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

N:\AUTORUN.INF

.

.

((((((((((((((((((((((((( Files Created from 2011-05-27 to 2011-06-27 )))))))))))))))))))))))))))))))

.

.

2011-06-15 23:12 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys

2011-06-15 20:13 . 2001-08-17 20:28 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys

2011-06-15 20:13 . 2001-08-17 21:06 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys

2011-06-15 19:58 . 2001-08-17 21:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll

2011-06-15 18:48 . 2011-06-15 18:48 -------- d-----w- c:\program files\Common Files\Skype

2011-06-13 06:54 . 2011-06-15 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype Extras

2011-06-11 20:26 . 2011-06-11 20:26 -------- d-----w- c:\program files\Trend Micro

2011-06-11 19:20 . 2011-06-11 20:12 -------- d-----w- c:\program files\PC Health Optimizer Free Edition

2011-06-11 18:11 . 2010-07-16 21:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2011-06-11 18:11 . 2010-07-16 21:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys

2011-06-11 18:11 . 2011-01-17 16:10 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys

2011-06-11 18:11 . 2010-12-10 23:57 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2011-06-11 18:11 . 2010-12-10 20:24 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2011-06-11 18:11 . 2010-12-16 15:46 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2011-06-11 18:10 . 2011-06-11 18:58 -------- d-----w- c:\program files\PC Tools Security

2011-06-11 18:10 . 2011-06-11 18:15 -------- d-----w- c:\program files\Common Files\PC Tools

2011-06-11 18:10 . 2011-06-11 18:10 -------- d-----w- c:\documents and settings\Rick Ross\Application Data\PC Tools

2011-06-11 08:50 . 2011-06-11 08:50 -------- d-----w- c:\documents and settings\Rick Ross\Application Data\SUPERAntiSpyware.com

2011-06-11 08:50 . 2011-06-11 08:50 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2011-06-11 08:49 . 2011-06-11 08:50 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-06-01 03:48 . 2011-06-01 03:49 -------- d-----w- C:\+to ipod

2011-05-29 02:01 . 2011-06-01 17:41 -------- d-----w- C:\MOVIES

2011-05-29 01:22 . 2011-05-29 01:22 -------- d-----w- c:\documents and settings\Rick Ross\Local Settings\Application Data\PackageAware

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-06-15 23:18 . 2005-01-25 19:08 118784 ----a-w- c:\windows\dsdxirmv.exe

2011-05-29 16:11 . 2011-01-22 01:12 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 16:11 . 2011-01-22 01:12 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-25 06:00 . 2011-05-25 06:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-10 12:10 . 2011-01-22 01:04 40112 ----a-w- c:\windows\avastSS.scr

2011-05-10 12:10 . 2011-01-22 01:04 199304 ----a-w- c:\windows\system32\aswBoot.exe

2011-05-10 12:03 . 2011-05-24 02:25 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-10 12:03 . 2011-01-22 01:04 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-05-10 12:02 . 2011-01-22 01:04 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-05-10 12:02 . 2011-01-22 01:04 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2011-05-10 12:02 . 2011-01-22 01:04 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys

2011-05-10 11:59 . 2011-01-22 01:04 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-05-10 11:59 . 2011-01-22 01:04 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2011-05-10 11:59 . 2011-01-22 01:04 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-05-02 15:31 . 2004-09-28 20:04 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-04-29 16:19 . 2004-09-28 19:54 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-04-25 16:11 . 2004-09-28 19:54 916480 ----a-w- c:\windows\system32\wininet.dll

2011-04-25 16:11 . 2004-09-28 19:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-04-25 16:11 . 2004-09-28 19:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-04-25 12:01 . 2004-09-28 19:54 385024 ----a-w- c:\windows\system32\html.iec

2011-04-21 13:37 . 2004-09-28 19:54 105472 ----a-w- c:\windows\system32\drivers\mup.sys

2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2001-10-05 19:53 . 2008-02-04 18:11 21866 ----a-w- c:\program files\Common Files\tppupd2k.dll

1998-02-09 09:59 . 2005-01-29 21:24 6416 ----a-w- c:\program files\FAC_PT63.EXE

2010-03-31 17:09 . 2010-03-31 17:09 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll

2010-04-08 19:36 . 2010-04-08 19:36 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll

2011-04-14 16:26 . 2011-06-12 02:51 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-28 68856]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-06-10 2424192]

"AOL Fast Start"="c:\program files\AOL 9.1\AOL.EXE" [2008-11-06 50472]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]

"SoundMan"="SOUNDMAN.EXE" [2004-07-29 77824]

"sHotKey"="c:\program files\SONY\sHotKey\sHotKey.exe" [2003-08-22 45056]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]

"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-05-10 3459712]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"midi1"=usbmn2x2.dll

"midi4"=usbns4x4.dll

"midi3"=usbns4x4.dll

"midi5"=usbns4x4.dll

"midi7"=usbns4x4.dll

"MIDI10"=vpnt.dll

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray-Symbol.lnk]

backup=c:\windows\pss\AOL 9.0 Tray-Symbol.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Image Transfer.lnk]

backup=c:\windows\pss\Image Transfer.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]

backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Rick Ross^Start Menu^Programs^Startup^Launch Microsoft Office Outlook.lnk]

backup=c:\windows\pss\Launch Microsoft Office Outlook.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Rick Ross^Start Menu^Programs^Startup^M-Audio Quattro Control Panel Launcher.lnk]

backup=c:\windows\pss\M-Audio Quattro Control Panel Launcher.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Rick Ross^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk]

backup=c:\windows\pss\Picture Motion Browser Media Check Tool.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

c:\windows\system32\dumprep 0 -k [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]

2001-01-11 13:00 643072 ----a-w- c:\program files\Adaptec\Easy CD Creator 5\DirectCD\Directcd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2007-10-11 03:51 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]

2008-11-06 11:42 50472 ----a-w- c:\program files\AOL 9.1\aol.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection]

2004-10-19 00:42 79448 ----a-w- c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]

2006-10-23 12:50 71216 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

2010-12-15 01:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

2004-09-29 14:15 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

2008-12-19 02:03 342848 ----a-w- c:\program files\DNA\btdna.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD50]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyLinkAdvisor]

2007-03-16 02:16 454784 ----a-w- c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

2005-08-05 20:56 64512 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EverioService]

2006-11-23 04:10 151552 ------w- c:\program files\CyberLink\PCM4Everio\EverioService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

2010-01-18 17:27 139944 ----a-w- c:\program files\Lexmark S300-S400 Series\ezprint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

2004-03-17 22:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

2007-05-25 17:16 42032 ----a-w- c:\program files\Common Files\AOL\1129216511\ee\aolsoftware.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]

2003-01-31 02:55 196608 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

2004-03-23 19:16 135168 ----a-w- c:\program files\Intel\Intel Application Accelerator\IAAnotif.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-01-25 23:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]

2008-08-15 00:11 565008 ----a-w- c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxeamon.exe]

2010-01-18 17:27 770728 ----a-w- c:\program files\Lexmark S300-S400 Series\lxeamon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaFace Integration]

2002-07-23 21:31 53248 ----a-w- c:\program files\Neato\MediaFACE 4.0\SetHook.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero PhotoShow Media Manager]

2006-05-10 19:52 249856 ----a-w- c:\progra~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

2002-06-03 19:38 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE\opware32.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2008-03-27 03:14 214560 ----a-w- c:\program files\Real\RealPlayer\realplay.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2011-05-27 04:50 15147400 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sonic RecordNow!]

2004-06-22 15:02 1912832 ----a-w- c:\program files\Sonic\RecordNow!\RecordNow.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-05-28 02:37 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPP Auto Loader]

2001-10-05 19:54 118784 ----a-w- c:\windows\tppaldr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector v2]

2004-08-28 02:22 90112 ----a-w- c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 2]

2004-01-17 10:36 135168 ----a-w- c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 3]

2007-05-16 03:46 551032 ----a-w- c:\program files\Sony\VAIO Update 3\VAIOUpdt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]

2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\SV_Httpd.exe"=

"c:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\UPnPFramework.exe"=

"c:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\VMConsole.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=

"c:\\Program Files\\AOL(DE) 9.0\\waol.exe"=

"c:\\Program Files\\America Online 9.0\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=

"c:\\Program Files\\Common Files\\AOL\\1129216511\\ee\\aolsoftware.exe"=

"c:\\Program Files\\Common Files\\AOL\\1129216511\\ee\\aim6.exe"=

"c:\\Program Files\\America Online 9.0a\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=

"c:\\Program Files\\Common Files\\AOL\\1129216511\\ee\\AOLServiceHost.exe"=

"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=

"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=

"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=

"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=

"c:\\Program Files\\Sony\\Click to DVD 2\\CtoDvd.exe"=

"c:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"=

"c:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\AOL 9.0\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=

"c:\\WINDOWS\\system32\\fxsclnt.exe"=

"c:\\Program Files\\AOL 9.1\\waol.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\WINDOWS\\system32\\lxeacoms.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Documents and Settings\\Rick Ross\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [6/11/2011 11:11 AM 239168]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [6/11/2011 11:11 AM 338880]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [6/11/2011 11:11 AM 656320]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/23/2011 7:25 PM 441176]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/21/2011 6:04 PM 307928]

R1 GearAspiSys;GearAspiSys;c:\windows\system32\drivers\GEARASPISYS.SYS [11/5/2005 11:22 AM 53412]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/21/2011 6:04 PM 19544]

R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]

R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [5/29/2010 1:56 PM 98984]

R2 QuattroInstallerService;Quattro Installer;c:\program files\M-Audio USB Quattro\Install\QuatInst.exe [2/14/2005 12:05 PM 86016]

R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [10/9/2008 12:27 PM 14976]

R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [6/11/2011 11:10 AM 366840]

R3 USBMN2X2;M-Audio USB MidiSport 2x2;c:\windows\system32\drivers\usbmn2x2.sys [1/22/2005 6:41 PM 22304]

R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [3/24/2008 2:41 PM 7040]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 1:04 AM 135664]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 1:04 AM 135664]

S3 m763001b;M-Audio Quattro Base Driver;c:\windows\system32\drivers\m763001b.sys [1/22/2005 6:34 PM 9216]

S3 m763001d;M-Audio Quattro Legacy Driver;c:\windows\system32\drivers\m763001d.sys [1/22/2005 6:34 PM 6656]

S3 ma763001;M-Audio Quattro;c:\windows\system32\drivers\MA763001.sys [1/22/2005 6:34 PM 41856]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/21/2011 6:12 PM 22712]

S3 PL-40R;CASIO USB MIDI;c:\windows\system32\drivers\pl40rwdm.sys [5/3/2009 5:12 PM 18048]

S3 USB22LDR;M-Audio USB MidiSport 2x2 Loader;c:\windows\system32\drivers\usb22ldr.sys [1/22/2005 6:41 PM 14272]

S3 USBNS4X4;M-Audio USB Quattro Midi;c:\windows\system32\drivers\usbns4x4.sys [1/22/2005 6:34 PM 22368]

S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/21/2011 6:12 PM 366640]

S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/29/2007 12:26 PM 24652]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Contents of the 'Scheduled Tasks' folder

.

2011-06-21 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 19:34]

.

2011-06-27 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 19:20]

.

2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 08:04]

.

2011-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 08:04]

.

2011-06-27 c:\windows\Tasks\User_Feed_Synchronization-{A04A00E0-C5DA-4502-A5D0-ABBF91C9B966}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 12:31]

.

.

------- Supplementary Scan -------

.

uDefault_Search_URL = hxxp://search.msn.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab

FF - ProfilePath -

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-06-26 23:29

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(828)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\WININET.dll

.

- - - - - - - > 'lsass.exe'(884)

c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

.

- - - - - - - > 'explorer.exe'(4188)

c:\windows\system32\WININET.dll

c:\windows\TEMP\logishrd\LVPrcInj01.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Common Files\aolshare\aolshcpy.dll

c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\program files\Common Files\AOL\ACS\AOLAcsd.exe

c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Intel\Intel Application Accelerator\iaantmon.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\lxeacoms.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\program files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

c:\program files\Sony\Sony TV Tuner Library\SMceMan.exe

c:\program files\Sony\VAIO Media Integrated Server\VMISrv.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

c:\windows\wanmpsvc.exe

c:\windows\system32\MsPMSPSv.exe

c:\windows\ehome\mcrdsvc.exe

c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

c:\windows\system32\dllhost.exe

c:\program files\Sony\Sony TV Tuner Library\RM_SV.exe

c:\windows\system32\wscntfy.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

c:\windows\SOUNDMAN.EXE

c:\program files\AOL 9.1\waol.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Java\Java Update\jucheck.exe

c:\program files\AOL 9.1\shellmon.exe

.

**************************************************************************

.

Completion time: 2011-06-26 23:44:15 - machine was rebooted

ComboFix-quarantined-files.txt 2011-06-27 06:44

ComboFix2.txt 2011-06-16 05:58

ComboFix3.txt 2011-06-10 18:22

ComboFix4.txt 2011-06-08 22:41

.

Pre-Run: 47,897,325,568 bytes free

Post-Run: 47,928,807,424 bytes free

.

- - End Of File - - C11DF9AE6079668A354E2E2005A3B024

.

DDS (Ver_2011-06-02.03) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23

Run by Rick Ross at 23:45:32 on 2011-06-26

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxeaserv.exe

C:\WINDOWS\system32\lxeacoms.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\M-Audio USB Quattro\Install\QuatInst.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\PC Tools Security\pctsAuxs.exe

C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe

C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\SONY\sHotKey\sHotKey.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\AOL 9.1\waol.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\AOL 9.1\shellmon.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\Rick Ross\Desktop\dds.com

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uDefault_Search_URL = hxxp://search.msn.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll

TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - No File

EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [AOL Fast Start] "c:\program files\aol 9.1\AOL.EXE" -b

mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe

mRun: [soundMan] SOUNDMAN.EXE

mRun: [sHotKey] "c:\program files\sony\shotkey\sHotKey.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE}

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll

DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB

DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/downloads/kws/kavwebscan.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab

DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - hxxp://musicstore.connect.com/assets/activexplayer/SMALStreaming.cab

DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - hxxp://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab

DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/32.70/uploader2.cab

DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab

DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab

DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140818082843

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab

DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{C3C77818-ACF1-43AD-84ED-E3A61B2EABAF} : DhcpNameServer = 209.18.47.61 209.18.47.62

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath -

.

============= SERVICES / DRIVERS ===============

.

R? gupdate;Google Update Service (gupdate)

R? gupdatem;Google Update Service (gupdatem)

R? m763001b;M-Audio Quattro Base Driver

R? m763001d;M-Audio Quattro Legacy Driver

R? ma763001;M-Audio Quattro

R? MBAMProtector;MBAMProtector

R? MBAMService;MBAMService

R? PL-40R;CASIO USB MIDI

R? sdCoreService;PC Tools Security Service

R? USB22LDR;M-Audio USB MidiSport 2x2 Loader

R? USBNS4X4;M-Audio USB Quattro Midi

R? Viewpoint Manager Service;Viewpoint Manager Service

S? aswFsBlk;aswFsBlk

S? aswSnx;aswSnx

S? aswSP;aswSP

S? avast! Antivirus;avast! Antivirus

S? GearAspiSys;GearAspiSys

S? lxea_device;lxea_device

S? lxeaCATSCustConnectService;lxeaCATSCustConnectService

S? McrdSvc;Media Center Extender Service

S? PCTCore;PCTools KDS

S? pctDS;PC Tools Data Store

S? pctEFA;PC Tools Extended File Attributes

S? QuattroInstallerService;Quattro Installer

S? SASDIFSV;SASDIFSV

S? SASKUTIL;SASKUTIL

S? SBKUPNT;SBKUPNT

S? sdAuxService;PC Tools Auxiliary Service

S? USBMN2X2;M-Audio USB MidiSport 2x2

S? X10Hid;X10 Hid Device

.

=============== Created Last 30 ================

.

2011-06-15 23:12:17 105472 -c----w- c:\windows\system32\dllcache\mup.sys

2011-06-15 20:13:20 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys

2011-06-15 20:13:19 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys

2011-06-15 19:58:18 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll

2011-06-13 06:54:19 -------- d-----w- c:\documents and settings\all users\application data\Skype Extras

2011-06-11 20:26:29 -------- d-----w- c:\program files\Trend Micro

2011-06-11 19:20:58 -------- d-----w- c:\program files\PC Health Optimizer Free Edition

2011-06-11 18:11:26 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2011-06-11 18:11:26 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys

2011-06-11 18:11:24 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys

2011-06-11 18:11:18 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2011-06-11 18:11:18 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2011-06-11 18:11:06 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2011-06-11 18:10:53 -------- d-----w- c:\program files\PC Tools Security

2011-06-11 18:10:53 -------- d-----w- c:\program files\common files\PC Tools

2011-06-11 18:10:53 -------- d-----w- c:\documents and settings\rick ross\application data\PC Tools

2011-06-11 08:50:19 -------- d-----w- c:\documents and settings\rick ross\application data\SUPERAntiSpyware.com

2011-06-11 08:50:19 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2011-06-11 08:49:52 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-06-08 22:02:00 -------- d-sha-r- C:\cmdcons

2011-06-08 21:57:29 98816 ----a-w- c:\windows\sed.exe

2011-06-08 21:57:29 518144 ----a-w- c:\windows\SWREG.exe

2011-06-08 21:57:29 256512 ----a-w- c:\windows\PEV.exe

2011-06-08 21:57:29 208896 ----a-w- c:\windows\MBR.exe

2011-06-02 05:57:49 -------- d--h--w- c:\documents and settings\rick ross\Recent(3)

2011-06-01 23:00:48 -------- d--h--w- c:\documents and settings\rick ross\Recent(2)

2011-06-01 03:48:08 -------- d-----w- C:\+to ipod

2011-05-29 02:01:12 -------- d-----w- C:\MOVIES

2011-05-29 01:22:04 -------- d-----w- c:\documents and settings\rick ross\local settings\application data\PackageAware

.

==================== Find3M ====================

.

2011-06-15 23:18:51 118784 ----a-w- c:\windows\dsdxirmv.exe

2011-05-29 16:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 16:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-25 06:00:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr

2011-05-10 12:03:54 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll

2011-04-25 16:11:11 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-04-25 16:11:11 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-04-25 12:01:22 385024 ----a-w- c:\windows\system32\html.iec

2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys

2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2001-10-05 19:53:04 21866 ----a-w- c:\program files\common files\tppupd2k.dll

1998-02-09 09:59:18 6416 ----a-w- c:\program files\FAC_PT63.EXE

.

============= FINISH: 23:47:23.46 ===============

.

==== Installed Programs ======================

.

Adobe Acrobat - Reader 6.0.2 Update

Adobe Acrobat 6.0 Professional

Adobe Download Manager

Adobe Download Manager 1.2 (Remove Only)

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop Album 2.0 Starter Edition

Adobe Photoshop Elements 2.0

Adobe Premiere Standard

Adobe Reader 6.0.1

Adobe Reader 8.1.2 Security Update 1 (KB403742)

Adobe Reader 8.1.4

AOL Deutschland

AOL Setup

AOL Toolbar

AOL Uninstaller (Choose which Products to Remove)

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft PhotoBase 3

ATI - Software Uninstall Utility

ATI Control Panel

ATI Display Driver

AutoUpdate

avast! Free Antivirus

Bing Maps 3D

Bonjour

BRAVO2 FIRMWARE UPDATER

Cakewalk Pyro 1.5

Cakewalk VST Adapter 4

Canon CanoScan Toolbox 4.1

CCleaner

Click to DVD 2.0 Menu Data

Click to DVD 2.4.12

Click to DVD 2.5.32

CraigsPalFree version 3.08

Critical Update for Windows Media Player 11 (KB959772)

Digital Photo Navigator 1.5

DivX

DivX Player

DreamStation DXi2

Drivers Install For Linksys Easylink Advisor

DVgate Plus

Easy CD Creator 5 Platinum

Free CD to MP3 Converter

Google Chrome

Google Earth Plug-in

Google Gmail Notifier

Google Talk (remove only)

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

High-Speed Internet Options

High Definition Audio Driver Package - KB835221

Highlight Viewer (Windows Live Toolbar)

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB981793)

Image Transfer

ImageMixer for Sony

Intel Application Accelerator

Intel® PRO Network Adapters and Drivers

InterVideo WinDVD 5 for VAIO

iTunes

J2SE Runtime Environment 5.0 Update 4

J2SE Runtime Environment 5.0 Update 6

Java 2 Runtime Environment, SE v1.4.2_05

Java Auto Updater

Java 6 Update 23

Java 6 Update 3

Lexmark Printable Web

Lexmark S300-S400 Series

Lexmark Toolbar

Linksys EasyLink Advisor 1.6 (0032)

Logitech Legacy USB Camera Driver Package

Logitech QuickCam

Macromedia Shockwave Player

Malwarebytes' Anti-Malware version 1.51.0.1200

Manual CanoScan 3000,3000F

Map Button (Windows Live Toolbar)

MD Simple Burner 2.0.05

MediaFACE 4.0

Memory Stick Formatter

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Data Access Components KB870669

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Professional Edition 2003

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

MicroStaff WINASPI

MobileMe Control Panel

MoodLogic

Movielink eHome version 1.1

Mozilla Firefox 4.0.1 (x86 en-US)

MP3 Wav Editor 2.4

MSXML 4.0 SP2 (KB925672)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Neato MediaFACE 4.0

Nero PhotoShow Express 4

neroxml

Netflix Movie Viewer

OmniPage SE

OpenMG Limited Patch 4.7-07-14-05-01

OpenMG Metadata Extractor for Windows Media Player

OpenMG Secure Module 4.4.00

OpenMG Secure Module 4.7.00

PC Health Optimizer Free Edition

Picasa 3

PowerCinema NE for Everio

PowerDirector Express

PowerProducer

PrimoDVD (English)

Quicken 2008

QuickTime

RealPlayer

Realtek High Definition Audio Driver

Rhapsody Player Engine

Safari

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 2.0 (KB928365)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB929969)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Sibelius Scorch (ActiveX Only)

Sibelius Scorch (Firefox, Opera, Netscape only)

Skype Toolbars

Skype™ 5.3

Smart Menus (Windows Live Toolbar)

SONAR 7 Studio Edition

Sonic Encoders

Sonic RecordNow!

SonicStage 4.3

SonicStage Mastering Studio 1.4

SonicStage Mastering Studio Audio Filter

SonicStage Mastering Studio Plugins 1.3

Sony Certificate PCH

Sony Download Taxi 1.5.0.0

Sony Picture Utility

Sony TV Tuner Library 1.0

Sony USB Driver

Sony Video Shared Library

Spyware Doctor 8.0

SUPERAntiSpyware

SureThing CD Labeler Primera Edition 5

TPP Storage Driver Installation

Ulead PhotoImpact 10 ESD

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Media Player 10 (KB913800)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

USB Storage Adapter (TPP)

USB Storage Adapter V2 (TPP)

USB Storage Adapter V3 (TPP)

VAIO Edit Components

VAIO Entertainment Platform

VAIO Help and Support

VAIO Media 4.0

VAIO Media Integrated Server 4.1

VAIO Media Redistribution 4.0

VAIO Media Registration Tool 4.0

VAIO Registration

VAIO SLIT-C Screen Saver

VAIO SLIT Pattern Wallpaper

VAIO Survey Standalone

VAIO System Information

VAIO Update 2

VAIO Update 3

Viewpoint Manager (Remove Only)

Viewpoint Media Player

WavePad Uninstall

WebFldrs XP

Welcome to VAIO life

Windows Defender Signatures

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage v1.3.0254.0

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Installer Clean Up

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Live Favorites for Windows Live Toolbar

Windows Live installer

Windows Live Mail

Windows Live OneCare safety scanner

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Toolbar

Windows Live Toolbar Extension (Windows Live Toolbar)

Windows Live Writer

Windows Media Format 11 runtime

Windows Media Player 10 Hotfix [see KB886612 for more information]

Windows Media Player 11

Windows Media Player Firefox Plugin

Windows Vista Upgrade Advisor

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

WinRAR archiver

WinZip

.

==== End Of File ===========================

[Searchqu invasion]

OK here you go.. Thanks

SystemLook 04.09.10 by jpshortstuff

Log created at 10:32 on 23/06/2011 by Rick Ross

Administrator - Elevation successful

========== regfind ==========

Searching for "searchqu"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"URL"="http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&systemid=406&qu={searchTerms}&ft=json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\CurVer]

@="SearchQUIEHelper.UrlHelper.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\1.0]

@="SearchQUIEBHO 1.0 Type Library"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"URL"="http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&systemid=406&qu={searchTerms}&ft=json"

[HKEY_USERS\S-1-5-21-3601482034-2425735451-1963320471-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"URL"="http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}"

[HKEY_USERS\S-1-5-21-3601482034-2425735451-1963320471-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&systemid=406&qu={searchTerms}&ft=json"

========== filefind ==========

Searching for "searchqu"

No files found.

-= EOF =-

[Searchqu invasion]

Thank You Chris,

Here is the SystemLook log:

SystemLook 04.09.10 by jpshortstuff

Log created at 13:36 on 20/06/2011 by Rick Ross

Administrator - Elevation successful

========== regfind ==========

Searching for "searchqu"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"URL"="http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&systemid=406&qu={searchTerms}&ft=json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\CurVer]

@="SearchQUIEHelper.UrlHelper.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\1.0]

@="SearchQUIEBHO 1.0 Type Library"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"URL"="http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&systemid=406&qu={searchTerms}&ft=json"

[HKEY_USERS\S-1-5-21-3601482034-2425735451-1963320471-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"URL"="http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}"

[HKEY_USERS\S-1-5-21-3601482034-2425735451-1963320471-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}]

"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&systemid=406&qu={searchTerms}&ft=json"

Invalid Context: fildfind

No Context: searchqu

-= EOF =-

[Searchqu invasion]

Sorry I misinterpreted your last reply and began to work on finding a remedy on my own. I have removed the utorrent which I have no use for. I am out of town frequently but hope to hear back from you and reply as quickly as I can to clean this system. Here is where things stand:

My normal toolbar had been replaced with an unwanted toolbar called searchqu. Every time I opened the browser or use the searchbar, I would get an alert from Malwarebytes stating it has successfully blocked access to a potentially malicious website 202.232.22.60. I tried to use system restore to return settings to several different points before I had this problem, but the utility always stalls , reboots , then says restore was unsuccessful. I am afraid that this is an infection that will worsen over time. I also tried to several different virus, malware and spyware scans. MBAM,Avast,PCHealth,Combofix, Eusing Registry Fix and more... I even ran them in safe mode. I ran Hijackthis, but don't know what to do with it. OTL showed me some Folders that had searchqu in their names, so I deleted those. I no longer get the alert from MBAM. But now when I try to open Firefox, I get a message that Firefox is already running. I uninstalled and reinstalled Firefox, but I still cant use that browser. I am able to use Google Chrome and IE, but IE still tells me that Searchqu is my default. I know just enough to get myself in trouble so I thought I would ask you for help before I mess up something trying to fix it on my own. I hope I'm not too late. Can you please help me regain the use of System Restore and clean up whatever's bugging my computer? Another of my favorite programs called Sonar4 now gives me a error message and tells me to reinstall. I did that and I still get the same error message. I'd like to get Firefox working again, too. Thanks.

ComboFix 11-06-15.02 - Rick Ross 06/15/2011 16:55:42.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1084 [GMT -7:00]

Running from: c:\documents and settings\Rick Ross\My Documents\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

.

((((((((((((((((((((((((( Files Created from 2011-05-16 to 2011-06-16 )))))))))))))))))))))))))))))))

.

.

2011-06-15 20:13 . 2001-08-17 20:28 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys

2011-06-15 20:13 . 2001-08-17 21:06 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys

2011-06-15 19:58 . 2001-08-17 21:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll

2011-06-15 18:48 . 2011-06-15 18:48 -------- d-----w- c:\program files\Common Files\Skype

2011-06-13 06:54 . 2011-06-15 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype Extras

2011-06-11 20:26 . 2011-06-11 20:26 -------- d-----w- c:\program files\Trend Micro

2011-06-11 19:20 . 2011-06-11 20:12 -------- d-----w- c:\program files\PC Health Optimizer Free Edition

2011-06-11 18:11 . 2010-07-16 21:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2011-06-11 18:11 . 2010-07-16 21:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys

2011-06-11 18:11 . 2011-01-17 16:10 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys

2011-06-11 18:11 . 2010-12-10 23:57 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2011-06-11 18:11 . 2010-12-10 20:24 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2011-06-11 18:11 . 2010-12-16 15:46 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2011-06-11 18:10 . 2011-06-11 18:58 -------- d-----w- c:\program files\PC Tools Security

2011-06-11 18:10 . 2011-06-11 18:15 -------- d-----w- c:\program files\Common Files\PC Tools

2011-06-11 18:10 . 2011-06-11 18:10 -------- d-----w- c:\documents and settings\Rick Ross\Application Data\PC Tools

2011-06-11 08:50 . 2011-06-11 08:50 -------- d-----w- c:\documents and settings\Rick Ross\Application Data\SUPERAntiSpyware.com

2011-06-11 08:50 . 2011-06-11 08:50 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2011-06-11 08:49 . 2011-06-11 08:50 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-06-01 03:48 . 2011-06-01 03:49 -------- d-----w- C:\+to ipod

2011-05-29 02:01 . 2011-06-01 17:41 -------- d-----w- C:\MOVIES

2011-05-29 01:22 . 2011-05-29 01:22 -------- d-----w- c:\documents and settings\Rick Ross\Local Settings\Application Data\PackageAware

2011-05-25 06:00 . 2011-05-25 06:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-24 02:25 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-18 18:36 . 2011-05-18 18:36 -------- d-----w- c:\documents and settings\Rick Ross\Application Data\Sibelius Software

2011-05-18 17:52 . 2011-05-18 17:52 -------- d-----w- c:\program files\Sibelius Software

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-06-15 23:18 . 2005-01-25 19:08 118784 ----a-w- c:\windows\dsdxirmv.exe

2011-05-29 16:11 . 2011-01-22 01:12 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 16:11 . 2011-01-22 01:12 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-10 12:10 . 2011-01-22 01:04 40112 ----a-w- c:\windows\avastSS.scr

2011-05-10 12:10 . 2011-01-22 01:04 199304 ----a-w- c:\windows\system32\aswBoot.exe

2011-05-10 12:03 . 2011-01-22 01:04 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-05-10 12:02 . 2011-01-22 01:04 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-05-10 12:02 . 2011-01-22 01:04 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2011-05-10 12:02 . 2011-01-22 01:04 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys

2011-05-10 11:59 . 2011-01-22 01:04 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-05-10 11:59 . 2011-01-22 01:04 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2011-05-10 11:59 . 2011-01-22 01:04 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2001-10-05 19:53 . 2008-02-04 18:11 21866 ----a-w- c:\program files\Common Files\tppupd2k.dll

1998-02-09 09:59 . 2005-01-29 21:24 6416 ----a-w- c:\program files\FAC_PT63.EXE

2010-03-31 17:09 . 2010-03-31 17:09 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll

2010-04-08 19:36 . 2010-04-08 19:36 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll

2011-04-14 16:26 . 2011-06-12 02:51 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-28 68856]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-06-10 2424192]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]

"SoundMan"="SOUNDMAN.EXE" [2004-07-29 77824]

"sHotKey"="c:\program files\SONY\sHotKey\sHotKey.exe" [2003-08-22 45056]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]

"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-05-10 3459712]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"midi1"=usbmn2x2.dll

"midi4"=usbns4x4.dll

"midi3"=usbns4x4.dll

"midi5"=usbns4x4.dll

"midi7"=usbns4x4.dll

"MIDI10"=vpnt.dll

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray-Symbol.lnk]

backup=c:\windows\pss\AOL 9.0 Tray-Symbol.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Image Transfer.lnk]

backup=c:\windows\pss\Image Transfer.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]

backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Rick Ross^Start Menu^Programs^Startup^Launch Microsoft Office Outlook.lnk]

backup=c:\windows\pss\Launch Microsoft Office Outlook.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Rick Ross^Start Menu^Programs^Startup^M-Audio Quattro Control Panel Launcher.lnk]

backup=c:\windows\pss\M-Audio Quattro Control Panel Launcher.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Rick Ross^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk]

backup=c:\windows\pss\Picture Motion Browser Media Check Tool.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

c:\windows\system32\dumprep 0 -k [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]

2001-01-11 13:00 643072 ----a-w- c:\program files\Adaptec\Easy CD Creator 5\DirectCD\Directcd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2007-10-11 03:51 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]

2008-11-06 11:42 50472 ----a-w- c:\program files\AOL 9.1\aol.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection]

2004-10-19 00:42 79448 ----a-w- c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]

2006-10-23 12:50 71216 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

2010-12-15 01:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

2004-09-29 14:15 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

2008-12-19 02:03 342848 ----a-w- c:\program files\DNA\btdna.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD50]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyLinkAdvisor]

2007-03-16 02:16 454784 ----a-w- c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

2005-08-05 20:56 64512 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EverioService]

2006-11-23 04:10 151552 ------w- c:\program files\CyberLink\PCM4Everio\EverioService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

2010-01-18 17:27 139944 ----a-w- c:\program files\Lexmark S300-S400 Series\ezprint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

2004-03-17 22:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

2007-05-25 17:16 42032 ----a-w- c:\program files\Common Files\AOL\1129216511\ee\aolsoftware.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]

2003-01-31 02:55 196608 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

2004-03-23 19:16 135168 ----a-w- c:\program files\Intel\Intel Application Accelerator\IAAnotif.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-01-25 23:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]

2008-08-15 00:11 565008 ----a-w- c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxeamon.exe]

2010-01-18 17:27 770728 ----a-w- c:\program files\Lexmark S300-S400 Series\lxeamon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaFace Integration]

2002-07-23 21:31 53248 ----a-w- c:\program files\Neato\MediaFACE 4.0\SetHook.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero PhotoShow Media Manager]

2006-05-10 19:52 249856 ----a-w- c:\progra~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

2002-06-03 19:38 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE\opware32.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2008-03-27 03:14 214560 ----a-w- c:\program files\Real\RealPlayer\realplay.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2011-05-27 04:50 15147400 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sonic RecordNow!]

2004-06-22 15:02 1912832 ----a-w- c:\program files\Sonic\RecordNow!\RecordNow.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-05-28 02:37 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPP Auto Loader]

2001-10-05 19:54 118784 ----a-w- c:\windows\tppaldr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector v2]

2004-08-28 02:22 90112 ----a-w- c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 2]

2004-01-17 10:36 135168 ----a-w- c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 3]

2007-05-16 03:46 551032 ----a-w- c:\program files\Sony\VAIO Update 3\VAIOUpdt.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\SV_Httpd.exe"=

"c:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\UPnPFramework.exe"=

"c:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\VMConsole.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=

"c:\\Program Files\\AOL(DE) 9.0\\waol.exe"=

"c:\\Program Files\\America Online 9.0\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=

"c:\\Program Files\\Common Files\\AOL\\1129216511\\ee\\aolsoftware.exe"=

"c:\\Program Files\\Common Files\\AOL\\1129216511\\ee\\aim6.exe"=

"c:\\Program Files\\America Online 9.0a\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=

"c:\\Program Files\\Common Files\\AOL\\1129216511\\ee\\AOLServiceHost.exe"=

"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=

"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=

"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=

"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=

"c:\\Program Files\\Sony\\Click to DVD 2\\CtoDvd.exe"=

"c:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"=

"c:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\AOL 9.0\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=

"c:\\WINDOWS\\system32\\fxsclnt.exe"=

"c:\\Program Files\\AOL 9.1\\waol.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\WINDOWS\\system32\\lxeacoms.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Documents and Settings\\Rick Ross\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [6/11/2011 11:11 AM 239168]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [6/11/2011 11:11 AM 338880]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [6/11/2011 11:11 AM 656320]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/23/2011 7:25 PM 441176]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/21/2011 6:04 PM 307928]

R1 GearAspiSys;GearAspiSys;c:\windows\system32\drivers\GEARASPISYS.SYS [11/5/2005 11:22 AM 53412]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 11:41 AM 67656]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/21/2011 6:04 PM 19544]

R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]

R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [5/29/2010 1:56 PM 98984]

R2 QuattroInstallerService;Quattro Installer;c:\program files\M-Audio USB Quattro\Install\QuatInst.exe [2/14/2005 12:05 PM 86016]

R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [10/9/2008 12:27 PM 14976]

R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [6/11/2011 11:10 AM 366840]

R3 m763001b;M-Audio Quattro Base Driver;c:\windows\system32\drivers\m763001b.sys [1/22/2005 6:34 PM 9216]

R3 m763001d;M-Audio Quattro Legacy Driver;c:\windows\system32\drivers\m763001d.sys [1/22/2005 6:34 PM 6656]

R3 ma763001;M-Audio Quattro;c:\windows\system32\drivers\MA763001.sys [1/22/2005 6:34 PM 41856]

R3 USBMN2X2;M-Audio USB MidiSport 2x2;c:\windows\system32\drivers\usbmn2x2.sys [1/22/2005 6:41 PM 22304]

R3 USBNS4X4;M-Audio USB Quattro Midi;c:\windows\system32\drivers\usbns4x4.sys [1/22/2005 6:34 PM 22368]

R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [3/24/2008 2:41 PM 7040]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 1:04 AM 135664]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 1:04 AM 135664]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/21/2011 6:12 PM 22712]

S3 PL-40R;CASIO USB MIDI;c:\windows\system32\drivers\pl40rwdm.sys [5/3/2009 5:12 PM 18048]

S3 USB22LDR;M-Audio USB MidiSport 2x2 Loader;c:\windows\system32\drivers\usb22ldr.sys [1/22/2005 6:41 PM 14272]

S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/21/2011 6:12 PM 366640]

S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/29/2007 12:26 PM 24652]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Contents of the 'Scheduled Tasks' folder

.

2011-06-14 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 19:34]

.

2011-06-16 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 19:20]

.

2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 08:04]

.

2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 08:04]

.

2011-06-16 c:\windows\Tasks\User_Feed_Synchronization-{A04A00E0-C5DA-4502-A5D0-ABBF91C9B966}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 12:31]

.

.

------- Supplementary Scan -------

.

uDefault_Search_URL = hxxp://search.msn.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab

FF - ProfilePath - c:\documents and settings\Rick Ross\Application Data\Mozilla\Firefox\Profiles\fk3uq85c.default\

.

- - - - ORPHANS REMOVED - - - -

.

ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-06-15 22:47

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(812)

c:\windows\system32\usbns4x4.dll

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\WININET.dll

.

- - - - - - - > 'lsass.exe'(872)

c:\windows\system32\usbns4x4.dll

c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

.

- - - - - - - > 'explorer.exe'(5576)

c:\windows\system32\WININET.dll

c:\windows\system32\usbns4x4.dll

c:\windows\TEMP\logishrd\LVPrcInj01.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Common Files\aolshare\aolshcpy.dll

c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\program files\Common Files\AOL\ACS\AOLAcsd.exe

c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Intel\Intel Application Accelerator\iaantmon.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\lxeacoms.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\program files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

c:\program files\Sony\Sony TV Tuner Library\SMceMan.exe

c:\program files\Sony\VAIO Media Integrated Server\VMISrv.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

c:\windows\wanmpsvc.exe

c:\windows\system32\MsPMSPSv.exe

c:\windows\ehome\mcrdsvc.exe

c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

c:\windows\system32\dllhost.exe

c:\program files\Sony\Sony TV Tuner Library\RM_SV.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

c:\windows\system32\wscntfy.exe

c:\windows\SOUNDMAN.EXE

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Java\Java Update\jucheck.exe

.

**************************************************************************

.

Completion time: 2011-06-15 22:58:52 - machine was rebooted

ComboFix-quarantined-files.txt 2011-06-16 05:58

ComboFix2.txt 2011-06-10 18:22

ComboFix3.txt 2011-06-08 22:41

.

Pre-Run: 49,015,664,640 bytes free

Post-Run: 49,032,433,664 bytes free

.

- - End Of File - - BF44BF383CC802E19A2A857BB355BF03

.

DDS (Ver_2011-06-02.03) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23

Run by Rick Ross at 23:01:08 on 2011-06-15

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxeaserv.exe

C:\WINDOWS\system32\lxeacoms.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\M-Audio USB Quattro\Install\QuatInst.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\PC Tools Security\pctsAuxs.exe

C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe

C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\SONY\sHotKey\sHotKey.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\Rick Ross\My Documents\Downloads\dds.com

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uDefault_Search_URL = hxxp://search.msn.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll

TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - No File

EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe

mRun: [soundMan] SOUNDMAN.EXE

mRun: [sHotKey] "c:\program files\sony\shotkey\sHotKey.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE}

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll

DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB

DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/downloads/kws/kavwebscan.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab

DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - hxxp://musicstore.connect.com/assets/activexplayer/SMALStreaming.cab

DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - hxxp://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab

DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/32.70/uploader2.cab

DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab

DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab

DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140818082843

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab

DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{C3C77818-ACF1-43AD-84ED-E3A61B2EABAF} : DhcpNameServer = 209.18.47.61 209.18.47.62

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath -

.

============= SERVICES / DRIVERS ===============

.

R? gupdate;Google Update Service (gupdate)

R? gupdatem;Google Update Service (gupdatem)

R? MBAMProtector;MBAMProtector

R? MBAMService;MBAMService

R? PL-40R;CASIO USB MIDI

R? sdCoreService;PC Tools Security Service

R? USB22LDR;M-Audio USB MidiSport 2x2 Loader

R? Viewpoint Manager Service;Viewpoint Manager Service

S? aswFsBlk;aswFsBlk

S? aswSnx;aswSnx

S? aswSP;aswSP

S? avast! Antivirus;avast! Antivirus

S? GearAspiSys;GearAspiSys

S? lxea_device;lxea_device

S? lxeaCATSCustConnectService;lxeaCATSCustConnectService

S? m763001b;M-Audio Quattro Base Driver

S? m763001d;M-Audio Quattro Legacy Driver

S? ma763001;M-Audio Quattro

S? McrdSvc;Media Center Extender Service

S? PCTCore;PCTools KDS

S? pctDS;PC Tools Data Store

S? pctEFA;PC Tools Extended File Attributes

S? QuattroInstallerService;Quattro Installer

S? SASDIFSV;SASDIFSV

S? SASKUTIL;SASKUTIL

S? SBKUPNT;SBKUPNT

S? sdAuxService;PC Tools Auxiliary Service

S? USBMN2X2;M-Audio USB MidiSport 2x2

S? USBNS4X4;M-Audio USB Quattro Midi

S? X10Hid;X10 Hid Device

.

=============== Created Last 30 ================

.

2011-06-15 20:13:20 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys

2011-06-15 20:13:19 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys

2011-06-15 19:58:18 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll

2011-06-13 06:54:19 -------- d-----w- c:\documents and settings\all users\application data\Skype Extras

2011-06-11 20:26:29 -------- d-----w- c:\program files\Trend Micro

2011-06-11 19:20:58 -------- d-----w- c:\program files\PC Health Optimizer Free Edition

2011-06-11 18:11:26 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2011-06-11 18:11:26 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys

2011-06-11 18:11:24 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys

2011-06-11 18:11:18 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2011-06-11 18:11:18 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2011-06-11 18:11:06 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2011-06-11 18:10:53 -------- d-----w- c:\program files\PC Tools Security

2011-06-11 18:10:53 -------- d-----w- c:\program files\common files\PC Tools

2011-06-11 18:10:53 -------- d-----w- c:\documents and settings\rick ross\application data\PC Tools

2011-06-11 08:50:19 -------- d-----w- c:\documents and settings\rick ross\application data\SUPERAntiSpyware.com

2011-06-11 08:50:19 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2011-06-11 08:49:52 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-06-08 22:02:00 -------- d-sha-r- C:\cmdcons

2011-06-08 21:57:29 98816 ----a-w- c:\windows\sed.exe

2011-06-08 21:57:29 518144 ----a-w- c:\windows\SWREG.exe

2011-06-08 21:57:29 256512 ----a-w- c:\windows\PEV.exe

2011-06-08 21:57:29 208896 ----a-w- c:\windows\MBR.exe

2011-06-02 05:57:49 -------- d--h--w- c:\documents and settings\rick ross\Recent(3)

2011-06-01 23:00:48 -------- d--h--w- c:\documents and settings\rick ross\Recent(2)

2011-06-01 03:48:08 -------- d-----w- C:\+to ipod

2011-05-29 02:01:12 -------- d-----w- C:\MOVIES

2011-05-29 01:22:04 -------- d-----w- c:\documents and settings\rick ross\local settings\application data\PackageAware

2011-05-25 06:00:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-24 02:25:10 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-18 18:36:02 -------- d-----w- c:\documents and settings\rick ross\application data\Sibelius Software

2011-05-18 17:52:10 -------- d-----w- c:\program files\Sibelius Software

.

==================== Find3M ====================

.

2011-06-15 23:18:51 118784 ----a-w- c:\windows\dsdxirmv.exe

2011-05-29 16:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 16:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr

2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2001-10-05 19:53:04 21866 ----a-w- c:\program files\common files\tppupd2k.dll

1998-02-09 09:59:18 6416 ----a-w- c:\program files\FAC_PT63.EXE

.

============= FINISH: 23:08:13.34 ===============

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 6863

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

6/15/2011 4:38:36 PM

mbam-log-2011-06-15 (16-38-36).txt

Scan type: Quick scan

Objects scanned: 186109

Time elapsed: 10 minute(s), 38 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

[Resending "Searchqu Invasion"]

I read that I should wait 48 hours before resending my post. I haven't heard back, and I really need some help I hope I am doing this the right way. Here's everything for the previous post:

*********

After searching for a video torrent,I ended up with iLivid on my computer and it has resulted in giving me a Searchqu toolbar I cannot get rid of. My System Restore will not run. I have tried my Avast and Malwarebytes. They found a couple of infections. I removed them, but I still have the Searchqu. It is causing Malwarebytes to alert every time I access the internet. I presume other problems will follow. Can you help me get my system back to normal? thanks

.

DDS (Ver_2011-06-02.03) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23

Run by Rick Ross at 14:24:04 on 2011-06-02

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxeaserv.exe

C:\WINDOWS\system32\lxeacoms.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\M-Audio USB Quattro\Install\QuatInst.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe

C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\SONY\sHotKey\sHotKey.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Documents and Settings\Rick Ross\My Documents\Downloads\8myt0um1.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Rick Ross\My Documents\Downloads\dds.com

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.searchqu.com/406

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://search.msn.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

mDefault_Page_URL = hxxp://www.sony.com/vaiopeople

mSearch Page =

uURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll

uURLSearchHooks: H - No File

mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll

BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: {465E08E7-F005-4389-980F-1D8764B3486C} - No File

BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\toolbar\searchqudtx.dll

BHO: UrlHelper Class: {a40dc6c5-79d0-4ca8-a185-8ff989af1115} - c:\progra~1\wi371a~1\datamngr\IEBHO.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll

BHO: Java

[Searchqu invasion]

After searching for a video torrent,I ended up with iLivid on my computer and it has resulted in giving me a Searchqu toolbar I cannot get rid of. My System Restore will not run. I have tried my Avast and Malwarebytes. They found a couple of infections. I removed them, but I still have the Searchqu. It is causing Malwarebytes to alert every time I access the internet. I presume other problems will follow. Can you help me get my system back to normal? thanks

.

DDS (Ver_2011-06-02.03) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23

Run by Rick Ross at 14:24:04 on 2011-06-02

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxeaserv.exe

C:\WINDOWS\system32\lxeacoms.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\M-Audio USB Quattro\Install\QuatInst.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe

C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\SONY\sHotKey\sHotKey.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Documents and Settings\Rick Ross\My Documents\Downloads\8myt0um1.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Rick Ross\My Documents\Downloads\dds.com

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.searchqu.com/406

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://search.msn.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

mDefault_Page_URL = hxxp://www.sony.com/vaiopeople

mSearch Page =

uURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll

uURLSearchHooks: H - No File

mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll

BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: {465E08E7-F005-4389-980F-1D8764B3486C} - No File

BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\toolbar\searchqudtx.dll

BHO: UrlHelper Class: {a40dc6c5-79d0-4ca8-a185-8ff989af1115} - c:\progra~1\wi371a~1\datamngr\IEBHO.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll

TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\toolbar\searchqudtx.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe

mRun: [soundMan] SOUNDMAN.EXE

mRun: [sHotKey] "c:\program files\sony\shotkey\sHotKey.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE}

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB

DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/downloads/kws/kavwebscan.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab

DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - hxxp://musicstore.connect.com/assets/activexplayer/SMALStreaming.cab

DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - hxxp://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab

DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/32.70/uploader2.cab

DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab

DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab

DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140818082843

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab

DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{C3C77818-ACF1-43AD-84ED-E3A61B2EABAF} : DhcpNameServer = 209.18.47.61 209.18.47.62

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

AppInit_DLLs: c:\progra~1\wi371a~1\datamngr\datamngr.dll c:\progra~1\wi371a~1\datamngr\IEBHO.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\rick ross\application data\mozilla\firefox\profiles\fk3uq85c.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tb50-ff-aolmailtb-chromesbox-en-us&query=

FF - prefs.js: browser.search.selectedEngine - Web Search

FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/?zx=ea49c3qx0q9n&zx=co595wvlqlf8&shva=1#inbox

FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=

FF - plugin: c:\documents and settings\rick ross\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\documents and settings\rick ross\application data\move networks\plugins\071803000001\npqmp071803000001.dll

FF - plugin: c:\documents and settings\rick ross\application data\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\documents and settings\rick ross\application data\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R? avast! Antivirus;avast! Antivirus

R? gupdate;Google Update Service (gupdate)

R? gupdatem;Google Update Service (gupdatem)

R? m763001b;M-Audio Quattro Base Driver

R? m763001d;M-Audio Quattro Legacy Driver

R? ma763001;M-Audio Quattro

R? MBAMSwissArmy;MBAMSwissArmy

R? PL-40R;CASIO USB MIDI

R? USB22LDR;M-Audio USB MidiSport 2x2 Loader

R? USBNS4X4;M-Audio USB Quattro Midi

S? aswFsBlk;aswFsBlk

S? aswSnx;aswSnx

S? aswSP;aswSP

S? GearAspiSys;GearAspiSys

S? lxea_device;lxea_device

S? lxeaCATSCustConnectService;lxeaCATSCustConnectService

S? MBAMProtector;MBAMProtector

S? MBAMService;MBAMService

S? McrdSvc;Media Center Extender Service

S? QuattroInstallerService;Quattro Installer

S? SBKUPNT;SBKUPNT

S? USBMN2X2;M-Audio USB MidiSport 2x2

S? Viewpoint Manager Service;Viewpoint Manager Service

S? X10Hid;X10 Hid Device

.

=============== Created Last 30 ================

.

2011-06-02 05:57:49 -------- d--h--w- c:\documents and settings\rick ross\Recent(3)

2011-06-01 23:00:48 -------- d--h--w- c:\documents and settings\rick ross\Recent(2)

2011-06-01 03:48:08 -------- d-----w- C:\+to ipod

2011-06-01 03:31:23 -------- d-----w- c:\documents and settings\rick ross\application data\searchquband

2011-05-29 02:01:12 -------- d-----w- C:\MOVIES

2011-05-29 01:24:54 -------- d-----w- c:\documents and settings\rick ross\local settings\application data\Ilivid Player

2011-05-29 01:22:32 -------- d-----w- c:\documents and settings\rick ross\application data\searchqutoolbar

2011-05-29 01:22:23 -------- d-----w- c:\program files\Windows iLivid Toolbar

2011-05-29 01:22:04 -------- d-----w- c:\documents and settings\rick ross\local settings\application data\PackageAware

2011-05-25 06:00:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-24 02:25:10 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-18 18:36:02 -------- d-----w- c:\documents and settings\rick ross\application data\Sibelius Software

2011-05-18 17:52:10 -------- d-----w- c:\program files\Sibelius Software

2011-05-10 21:34:16 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll

2011-05-10 21:34:16 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll

2011-05-10 21:34:15 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2011-05-10 21:34:15 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2011-05-10 21:34:15 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll

2011-05-10 21:34:14 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll

2011-05-10 21:34:14 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-05-10 21:34:13 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll

.

==================== Find3M ====================

.

2011-05-29 16:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 16:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr

2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll

2008-11-14 17:49:43 1754240 ----a-w- c:\program files\BitTorrent-6.1.2a.exe

2001-10-05 19:53:04 21866 ----a-w- c:\program files\common files\tppupd2k.dll

1998-02-09 09:59:18 6416 ----a-w- c:\program files\FAC_PT63.EXE

.

============= FINISH: 14:31:23.35 ===============

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 6814

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

6/8/2011 2:32:18 PM

mbam-log-2011-06-08 (14-32-18).txt

Scan type: Quick scan

Objects scanned: 190594

Time elapsed: 14 minute(s), 27 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS LOG:

.

DDS (Ver_2011-06-02.03) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23

Run by Rick Ross at 16:00:25 on 2011-06-08

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxeaserv.exe

C:\WINDOWS\system32\lxeacoms.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\M-Audio USB Quattro\Install\QuatInst.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe

C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\SONY\sHotKey\sHotKey.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\Rick Ross\My Documents\Downloads\gyfir1g8.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Rick Ross\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe

C:\Documents and Settings\Rick Ross\My Documents\Downloads\dds.com

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.searchqu.com/406

uDefault_Search_URL = hxxp://search.msn.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll

uURLSearchHooks: H - No File

mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll

BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: {465E08E7-F005-4389-980F-1D8764B3486C} - No File

BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll

TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - No File

EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe

mRun: [soundMan] SOUNDMAN.EXE

mRun: [sHotKey] "c:\program files\sony\shotkey\sHotKey.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE}

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB

DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/downloads/kws/kavwebscan.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab

DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - hxxp://musicstore.connect.com/assets/activexplayer/SMALStreaming.cab

DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - hxxp://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab

DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/32.70/uploader2.cab

DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab

DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab

DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140818082843

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab

DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{C3C77818-ACF1-43AD-84ED-E3A61B2EABAF} : DhcpNameServer = 209.18.47.61 209.18.47.62

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\rick ross\application data\mozilla\firefox\profiles\fk3uq85c.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tb50-ff-aolmailtb-chromesbox-en-us&query=

FF - prefs.js: browser.search.selectedEngine - Web Search

FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/?zx=ea49c3qx0q9n&zx=co595wvlqlf8&shva=1#inbox

FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=

FF - plugin: c:\documents and settings\rick ross\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\documents and settings\rick ross\application data\move networks\plugins\071803000001\npqmp071803000001.dll

FF - plugin: c:\documents and settings\rick ross\application data\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\documents and settings\rick ross\application data\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

============= SERVICES / DRIVERS ===============

.

R? gupdate;Google Update Service (gupdate)

R? gupdatem;Google Update Service (gupdatem)

R? m763001b;M-Audio Quattro Base Driver

R? m763001d;M-Audio Quattro Legacy Driver

R? ma763001;M-Audio Quattro

R? PL-40R;CASIO USB MIDI

R? USB22LDR;M-Audio USB MidiSport 2x2 Loader

R? USBNS4X4;M-Audio USB Quattro Midi

S? aswFsBlk;aswFsBlk

S? aswSnx;aswSnx

S? aswSP;aswSP

S? avast! Antivirus;avast! Antivirus

S? GearAspiSys;GearAspiSys

S? lxea_device;lxea_device

S? lxeaCATSCustConnectService;lxeaCATSCustConnectService

S? MBAMProtector;MBAMProtector

S? MBAMService;MBAMService

S? McrdSvc;Media Center Extender Service

S? QuattroInstallerService;Quattro Installer

S? SBKUPNT;SBKUPNT

S? USBMN2X2;M-Audio USB MidiSport 2x2

S? Viewpoint Manager Service;Viewpoint Manager Service

S? X10Hid;X10 Hid Device

.

=============== Created Last 30 ================

.

2011-06-08 22:02:00 -------- d-sha-r- C:\cmdcons

2011-06-08 21:57:29 98816 ----a-w- c:\windows\sed.exe

2011-06-08 21:57:29 518144 ----a-w- c:\windows\SWREG.exe

2011-06-08 21:57:29 256512 ----a-w- c:\windows\PEV.exe

2011-06-08 21:57:29 208896 ----a-w- c:\windows\MBR.exe

2011-06-02 05:57:49 -------- d--h--w- c:\documents and settings\rick ross\Recent(3)

2011-06-01 23:00:48 -------- d--h--w- c:\documents and settings\rick ross\Recent(2)

2011-06-01 03:48:08 -------- d-----w- C:\+to ipod

2011-06-01 03:31:23 -------- d-----w- c:\documents and settings\rick ross\application data\searchquband

2011-05-29 02:01:12 -------- d-----w- C:\MOVIES

2011-05-29 01:24:54 -------- d-----w- c:\documents and settings\rick ross\local settings\application data\Ilivid Player

2011-05-29 01:22:32 -------- d-----w- c:\documents and settings\rick ross\application data\searchqutoolbar

2011-05-29 01:22:23 -------- d-----w- c:\program files\Windows iLivid Toolbar

2011-05-29 01:22:04 -------- d-----w- c:\documents and settings\rick ross\local settings\application data\PackageAware

2011-05-25 06:00:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-24 02:25:10 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-18 18:36:02 -------- d-----w- c:\documents and settings\rick ross\application data\Sibelius Software

2011-05-18 17:52:10 -------- d-----w- c:\program files\Sibelius Software

2011-05-10 21:34:16 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll

2011-05-10 21:34:16 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll

2011-05-10 21:34:15 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2011-05-10 21:34:15 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2011-05-10 21:34:15 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll

2011-05-10 21:34:14 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll

2011-05-10 21:34:14 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-05-10 21:34:13 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll

.

==================== Find3M ====================

.

2011-05-29 16:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 16:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr

2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2008-11-14 17:49:43 1754240 ----a-w- c:\program files\BitTorrent-6.1.2a.exe

2001-10-05 19:53:04 21866 ----a-w- c:\program files\common files\tppupd2k.dll

1998-02-09 09:59:18 6416 ----a-w- c:\program files\FAC_PT63.EXE

.

============= FINISH: 16:02:17.42 ===============

COMBOFIX LOG:

ComboFix 11-06-08.01 - Rick Ross 06/08/2011 15:06:18.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1062 [GMT -7:00]

Running from: c:\documents and settings\Rick Ross\My Documents\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Rick Ross\System

c:\documents and settings\Rick Ross\System\win_qs8.jqx

c:\documents and settings\Rick Ross\WINDOWS

c:\progra~1\WI371A~1\Datamngr\IEBHo.dll

c:\progra~1\WI371A~1\ToolBar\seARchqudtx.dll

c:\windows\explorer(3).exe

c:\windows\system32\msMAsk32.ocx

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

.

((((((((((((((((((((((((( Files Created from 2011-05-08 to 2011-06-08 )))))))))))))))))))))))))))))))

.

.

2011-06-01 03:48 . 2011-06-01 03:49 -------- d-----w- C:\+to ipod

2011-06-01 03:31 . 2011-06-01 03:31 -------- d-----w- c:\documents and settings\Rick Ross\Application Data\searchquband

2011-05-29 02:01 . 2011-06-01 17:41 -------- d-----w- C:\MOVIES

2011-05-29 01:24 . 2011-05-29 01:24 -------- d-----w- c:\documents and settings\Rick Ross\Local Settings\Application Data\Ilivid Player

2011-05-29 01:22 . 2011-06-01 18:13 -------- d-----w- c:\documents and settings\Rick Ross\Application Data\searchqutoolbar

2011-05-29 01:22 . 2011-05-29 01:22 -------- d-----w- c:\program files\Windows iLivid Toolbar

2011-05-29 01:22 . 2011-05-29 01:22 -------- d-----w- c:\documents and settings\Rick Ross\Local Settings\Application Data\PackageAware

2011-05-25 06:00 . 2011-05-25 06:00 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-24 02:25 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-18 18:36 . 2011-05-18 18:36 -------- d-----w- c:\documents and settings\Rick Ross\Application Data\Sibelius Software

2011-05-18 17:52 . 2011-05-18 17:52 -------- d-----w- c:\program files\Sibelius Software

2011-05-10 21:34 . 2011-05-10 21:34 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll

2011-05-10 21:34 . 2011-05-10 21:34 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll

2011-05-10 21:34 . 2011-05-10 21:34 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll

2011-05-10 21:34 . 2011-05-10 21:34 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll

2011-05-10 21:34 . 2011-05-10 21:34 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll

2011-05-10 21:34 . 2011-05-10 21:34 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll

2011-05-10 21:34 . 2011-05-10 21:34 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll

2011-05-10 21:34 . 2011-05-10 21:34 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-29 16:11 . 2011-01-22 01:12 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 16:11 . 2011-01-22 01:12 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-10 12:10 . 2011-01-22 01:04 40112 ----a-w- c:\windows\avastSS.scr

2011-05-10 12:10 . 2011-01-22 01:04 199304 ----a-w- c:\windows\system32\aswBoot.exe

2011-05-10 12:03 . 2011-01-22 01:04 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-05-10 12:02 . 2011-01-22 01:04 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-05-10 12:02 . 2011-01-22 01:04 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2011-05-10 12:02 . 2011-01-22 01:04 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys

2011-05-10 11:59 . 2011-01-22 01:04 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-05-10 11:59 . 2011-01-22 01:04 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2011-05-10 11:59 . 2011-01-22 01:04 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2008-11-14 17:49 . 2008-11-14 17:49 1754240 ----a-w- c:\program files\BitTorrent-6.1.2a.exe

2001-10-05 19:53 . 2008-02-04 18:11 21866 ----a-w- c:\program files\Common Files\tppupd2k.dll

1998-02-09 09:59 . 2005-01-29 21:24 6416 ----a-w- c:\program files\FAC_PT63.EXE

2010-03-31 17:09 . 2010-03-31 17:09 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll

2010-04-08 19:36 . 2010-04-08 19:36 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll

2011-05-10 21:34 . 2011-05-10 21:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]

"SoundMan"="SOUNDMAN.EXE" [2004-07-29 77824]

"sHotKey"="c:\program files\SONY\sHotKey\sHotKey.exe" [2003-08-22 45056]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]

"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-05-10 3459712]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"midi1"=usbmn2x2.dll

"midi4"=usbns4x4.dll

"midi3"=usbns4x4.dll

"midi5"=usbns4x4.dll

"midi7"=usbns4x4.dll

"MIDI10"=vpnt.dll

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray-Symbol.lnk]

backup=c:\windows\pss\AOL 9.0 Tray-Symbol.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Image Transfer.lnk]

backup=c:\windows\pss\Image Transfer.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]

backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Rick Ross^Start Menu^Programs^Startup^Launch Microsoft Office Outlook.lnk]

backup=c:\windows\pss\Launch Microsoft Office Outlook.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Rick Ross^Start Menu^Programs^Startup^M-Audio Quattro Control Panel Launcher.lnk]

backup=c:\windows\pss\M-Audio Quattro Control Panel Launcher.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Rick Ross^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk]

backup=c:\windows\pss\Picture Motion Browser Media Check Tool.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

c:\windows\system32\dumprep 0 -k [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]

2001-01-11 13:00 643072 ----a-w- c:\program files\Adaptec\Easy CD Creator 5\DirectCD\Directcd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2007-10-11 03:51 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]

2008-11-06 11:42 50472 ----a-w- c:\program files\AOL 9.1\aol.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection]

2004-10-19 00:42 79448 ----a-w- c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]

2006-10-23 12:50 71216 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

2010-12-15 01:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

2004-09-29 14:15 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

2008-12-19 02:03 342848 ----a-w- c:\program files\DNA\btdna.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD50]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyLinkAdvisor]

2007-03-16 02:16 454784 ----a-w- c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

2005-08-05 20:56 64512 ----a-w- c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EverioService]

2006-11-23 04:10 151552 ------w- c:\program files\CyberLink\PCM4Everio\EverioService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

2010-01-18 17:27 139944 ----a-w- c:\program files\Lexmark S300-S400 Series\ezprint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

2004-03-17 22:10 61952 ----a-w- c:\windows\system32\Hdaudpropshortcut.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

2007-05-25 17:16 42032 ----a-w- c:\program files\Common Files\AOL\1129216511\ee\aolsoftware.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]

2003-01-31 02:55 196608 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

2004-03-23 19:16 135168 ----a-w- c:\program files\Intel\Intel Application Accelerator\IAAnotif.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-01-25 23:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]

2008-08-15 00:11 565008 ----a-w- c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxeamon.exe]

2010-01-18 17:27 770728 ----a-w- c:\program files\Lexmark S300-S400 Series\lxeamon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaFace Integration]

2002-07-23 21:31 53248 ----a-w- c:\program files\Neato\MediaFACE 4.0\SetHook.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero PhotoShow Media Manager]

2006-05-10 19:52 249856 ----a-w- c:\progra~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

2002-06-03 19:38 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE\opware32.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2008-03-27 03:14 214560 ----a-w- c:\program files\Real\RealPlayer\realplay.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2010-05-13 23:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sonic RecordNow!]

2004-06-22 15:02 1912832 ----a-w- c:\program files\Sonic\RecordNow!\RecordNow.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-05-28 02:37 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPP Auto Loader]

2001-10-05 19:54 118784 ----a-w- c:\windows\tppaldr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector v2]

2004-08-28 02:22 90112 ----a-w- c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 2]

2004-01-17 10:36 135168 ----a-w- c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 3]

2007-05-16 03:46 551032 ----a-w- c:\program files\Sony\VAIO Update 3\VAIOUpdt.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\SV_Httpd.exe"=

"c:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\UPnPFramework.exe"=

"c:\\Program Files\\Sony\\VAIO Media Integrated Server\\Platform\\VMConsole.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=

"c:\\Program Files\\AOL(DE) 9.0\\waol.exe"=

"c:\\Program Files\\America Online 9.0\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=

"c:\\Program Files\\Common Files\\AOL\\1129216511\\ee\\aolsoftware.exe"=

"c:\\Program Files\\Common Files\\AOL\\1129216511\\ee\\aim6.exe"=

"c:\\Program Files\\America Online 9.0a\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=

"c:\\Program Files\\Common Files\\AOL\\1129216511\\ee\\AOLServiceHost.exe"=

"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=

"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=

"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=

"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=

"c:\\Program Files\\Sony\\Click to DVD 2\\CtoDvd.exe"=

"c:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"=

"c:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\AOL 9.0\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=

"c:\\WINDOWS\\system32\\fxsclnt.exe"=

"c:\\Drivers&Downloads\\utorrent.exe"=

"c:\\Program Files\\AOL 9.1\\waol.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\WINDOWS\\system32\\lxeacoms.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Documents and Settings\\Rick Ross\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Windows iLivid Toolbar\\ToolBar\\dtUser.exe"=

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/23/2011 7:25 PM 441176]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/21/2011 6:04 PM 307928]

R1 GearAspiSys;GearAspiSys;c:\windows\system32\drivers\GEARASPISYS.SYS [11/5/2005 11:22 AM 53412]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/21/2011 6:04 PM 19544]

R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]

R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [5/29/2010 1:56 PM 98984]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/21/2011 6:12 PM 366640]

R2 QuattroInstallerService;Quattro Installer;c:\program files\M-Audio USB Quattro\Install\QuatInst.exe [2/14/2005 12:05 PM 86016]

R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [10/9/2008 12:27 PM 14976]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/29/2007 12:26 PM 24652]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/21/2011 6:12 PM 22712]

R3 USBMN2X2;M-Audio USB MidiSport 2x2;c:\windows\system32\drivers\usbmn2x2.sys [1/22/2005 6:41 PM 22304]

R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [3/24/2008 2:41 PM 7040]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 1:04 AM 135664]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/8/2010 1:04 AM 135664]

S3 m763001b;M-Audio Quattro Base Driver;c:\windows\system32\drivers\m763001b.sys [1/22/2005 6:34 PM 9216]

S3 m763001d;M-Audio Quattro Legacy Driver;c:\windows\system32\drivers\m763001d.sys [1/22/2005 6:34 PM 6656]

S3 ma763001;M-Audio Quattro;c:\windows\system32\drivers\MA763001.sys [1/22/2005 6:34 PM 41856]

S3 PL-40R;CASIO USB MIDI;c:\windows\system32\drivers\pl40rwdm.sys [5/3/2009 5:12 PM 18048]

S3 USB22LDR;M-Audio USB MidiSport 2x2 Loader;c:\windows\system32\drivers\usb22ldr.sys [1/22/2005 6:41 PM 14272]

S3 USBNS4X4;M-Audio USB Quattro Midi;c:\windows\system32\drivers\usbns4x4.sys [1/22/2005 6:34 PM 22368]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Contents of the 'Scheduled Tasks' folder

.

2011-05-31 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 19:34]

.

2011-06-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 19:20]

.

2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 08:04]

.

2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-08 08:04]

.

2011-06-08 c:\windows\Tasks\User_Feed_Synchronization-{A04A00E0-C5DA-4502-A5D0-ABBF91C9B966}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 12:31]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.searchqu.com/406

uDefault_Search_URL = hxxp://search.msn.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab

FF - ProfilePath - c:\documents and settings\Rick Ross\Application Data\Mozilla\Firefox\Profiles\fk3uq85c.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tb50-ff-aolmailtb-chromesbox-en-us&query=

FF - prefs.js: browser.search.selectedEngine - Web Search

FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/?zx=ea49c3qx0q9n&zx=co595wvlqlf8&shva=1#inbox

FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-10 - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

MSConfigStartUp-HPHmon03 - c:\windows\system32\hphmon03.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-06-08 15:31

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(7328)

c:\windows\system32\WININET.dll

c:\windows\TEMP\logishrd\LVPrcInj01.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Common Files\aolshare\aolshcpy.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\windows\system32\rundll32.exe

c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\program files\Common Files\AOL\ACS\AOLAcsd.exe

c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Intel\Intel Application Accelerator\iaantmon.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\lxeacoms.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\program files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

c:\program files\Sony\Sony TV Tuner Library\SMceMan.exe

c:\program files\Sony\VAIO Media Integrated Server\VMISrv.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

c:\windows\wanmpsvc.exe

c:\windows\system32\MsPMSPSv.exe

c:\progra~1\COMMON~1\X10\Common\x10nets.exe

c:\windows\ehome\mcrdsvc.exe

c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

c:\windows\system32\dllhost.exe

c:\windows\system32\wscntfy.exe

c:\program files\Sony\Sony TV Tuner Library\RM_SV.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe

c:\windows\SOUNDMAN.EXE

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Java\Java Update\jucheck.exe

.

**************************************************************************

.

Completion time: 2011-06-08 15:41:39 - machine was rebooted

ComboFix-quarantined-files.txt 2011-06-08 22:41

.

Pre-Run: 49,005,502,464 bytes free

Post-Run: 49,267,216,384 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 0812E71E8A4FFD68F9739483EDF68863

THANK YOU!!!

[Searchqu invasion]

After searching for a video torrent,I ended up with iLivid on my computer and it has resulted in giving me a Searchqu toolbar I cannot get rid of. My System Restore will not run. I have tried my Avast and Malwarebytes. They found a couple of infections. I removed them, but I still have the Searchqu. It is causing Malwarebytes to alert every time I access the internet. I presume other problems will follow. Can you help me get my system back to normal? thanks

.

DDS (Ver_2011-06-02.03) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23

Run by Rick Ross at 14:24:04 on 2011-06-02

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxeaserv.exe

C:\WINDOWS\system32\lxeacoms.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\M-Audio USB Quattro\Install\QuatInst.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe

C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\ehome\mcrdsvc.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\SONY\sHotKey\sHotKey.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Documents and Settings\Rick Ross\My Documents\Downloads\8myt0um1.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Rick Ross\My Documents\Downloads\dds.com

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.searchqu.com/406

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://search.msn.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

mDefault_Page_URL = hxxp://www.sony.com/vaiopeople

mSearch Page =

uURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll

uURLSearchHooks: H - No File

mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll

BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: {465E08E7-F005-4389-980F-1D8764B3486C} - No File

BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\toolbar\searchqudtx.dll

BHO: UrlHelper Class: {a40dc6c5-79d0-4ca8-a185-8ff989af1115} - c:\progra~1\wi371a~1\datamngr\IEBHO.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll

TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\toolbar\searchqudtx.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

TB: {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe

mRun: [soundMan] SOUNDMAN.EXE

mRun: [sHotKey] "c:\program files\sony\shotkey\sHotKey.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE}

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB

DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/downloads/kws/kavwebscan.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab

DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - hxxp://musicstore.connect.com/assets/activexplayer/SMALStreaming.cab

DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - hxxp://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab

DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/32.70/uploader2.cab

DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab

DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab

DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1140818082843

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab

DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{C3C77818-ACF1-43AD-84ED-E3A61B2EABAF} : DhcpNameServer = 209.18.47.61 209.18.47.62

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

AppInit_DLLs: c:\progra~1\wi371a~1\datamngr\datamngr.dll c:\progra~1\wi371a~1\datamngr\IEBHO.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\rick ross\application data\mozilla\firefox\profiles\fk3uq85c.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tb50-ff-aolmailtb-chromesbox-en-us&query=

FF - prefs.js: browser.search.selectedEngine - Web Search

FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/?zx=ea49c3qx0q9n&zx=co595wvlqlf8&shva=1#inbox

FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=

FF - plugin: c:\documents and settings\rick ross\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\documents and settings\rick ross\application data\move networks\plugins\071803000001\npqmp071803000001.dll

FF - plugin: c:\documents and settings\rick ross\application data\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\documents and settings\rick ross\application data\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R? avast! Antivirus;avast! Antivirus

R? gupdate;Google Update Service (gupdate)

R? gupdatem;Google Update Service (gupdatem)

R? m763001b;M-Audio Quattro Base Driver

R? m763001d;M-Audio Quattro Legacy Driver

R? ma763001;M-Audio Quattro

R? MBAMSwissArmy;MBAMSwissArmy

R? PL-40R;CASIO USB MIDI

R? USB22LDR;M-Audio USB MidiSport 2x2 Loader

R? USBNS4X4;M-Audio USB Quattro Midi

S? aswFsBlk;aswFsBlk

S? aswSnx;aswSnx

S? aswSP;aswSP

S? GearAspiSys;GearAspiSys

S? lxea_device;lxea_device

S? lxeaCATSCustConnectService;lxeaCATSCustConnectService

S? MBAMProtector;MBAMProtector

S? MBAMService;MBAMService

S? McrdSvc;Media Center Extender Service

S? QuattroInstallerService;Quattro Installer

S? SBKUPNT;SBKUPNT

S? USBMN2X2;M-Audio USB MidiSport 2x2

S? Viewpoint Manager Service;Viewpoint Manager Service

S? X10Hid;X10 Hid Device

.

=============== Created Last 30 ================

.

2011-06-02 05:57:49 -------- d--h--w- c:\documents and settings\rick ross\Recent(3)

2011-06-01 23:00:48 -------- d--h--w- c:\documents and settings\rick ross\Recent(2)

2011-06-01 03:48:08 -------- d-----w- C:\+to ipod

2011-06-01 03:31:23 -------- d-----w- c:\documents and settings\rick ross\application data\searchquband

2011-05-29 02:01:12 -------- d-----w- C:\MOVIES

2011-05-29 01:24:54 -------- d-----w- c:\documents and settings\rick ross\local settings\application data\Ilivid Player

2011-05-29 01:22:32 -------- d-----w- c:\documents and settings\rick ross\application data\searchqutoolbar

2011-05-29 01:22:23 -------- d-----w- c:\program files\Windows iLivid Toolbar

2011-05-29 01:22:04 -------- d-----w- c:\documents and settings\rick ross\local settings\application data\PackageAware

2011-05-25 06:00:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-24 02:25:10 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-18 18:36:02 -------- d-----w- c:\documents and settings\rick ross\application data\Sibelius Software

2011-05-18 17:52:10 -------- d-----w- c:\program files\Sibelius Software

2011-05-10 21:34:16 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll

2011-05-10 21:34:16 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll

2011-05-10 21:34:15 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2011-05-10 21:34:15 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2011-05-10 21:34:15 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll

2011-05-10 21:34:14 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll

2011-05-10 21:34:14 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-05-10 21:34:13 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll

.

==================== Find3M ====================

.

2011-05-29 16:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 16:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr

2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll

2008-11-14 17:49:43 1754240 ----a-w- c:\program files\BitTorrent-6.1.2a.exe

2001-10-05 19:53:04 21866 ----a-w- c:\program files\common files\tppupd2k.dll

1998-02-09 09:59:18 6416 ----a-w- c:\program files\FAC_PT63.EXE

.

============= FINISH: 14:31:23.35 ===============

attach.zip

ark.zip

dds.zip

protection-log-2011-06-02.zip

[Searchqu invasion]

After searching for a video torrent,I ended up with iLivid on my computer and it has resulted in giving me a Searchqu toolbar I cannot get rid of. My System Restore will not run. I have tried my Avast and Malwarebytes. They found a couple of infections. I removed them, but I still have the Searchqu. Can you help me get my system back to normal?