
Constant "access to malicious website block" pop-ups.



I started getting these symptoms about a week ago. I've run a deep scan with MBPro and a few other scanners. I also ran ComboFix to no avail. I keep getting a pop-up that says MB is blocking access to a malicious site and lists the connection as "outgoing" and the process as either firefox.exe or svchost.exe. As instructed, here are my DDS and Attach text files:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_21

Run by Owner at 10:04:52 on 2012-04-05

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6142.1986 [GMT -4:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\rundll32.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\ActivIdentity\ActivClient\accoca.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\ActivIdentity\ActivClient\acevents.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe

C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

C:\Windows\SysWOW64\IoctlSvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\DRIVERS\xaudio64.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe

C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe

C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\ActivIdentity\ActivClient\acsagent.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe

C:\hp\support\hpsysdrv.exe

C:\Program Files\ActivIdentity\ActivClient\acevents.exe

C:\Program Files (x86)\lg_fwupdate\fwupdate.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\CyberLink\Shared Files\brs.exe

C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\hp\kbd\kbd.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\taskhost.exe

C:\Windows\ehome\ehRecvr.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.mystart.com?pr=photopos2_0

uInternet Settings,ProxyOverride = 192.168.*.*;*.local

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll

BHO: PhotoPos Toolbar: {5d0ec45b-d2e4-4dd0-a5b2-69ddefe852a8} - C:\Program Files (x86)\PhotoposComTbr\PhotoposComTbrLib.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: PhotoPos Toolbar: {5d0ec45b-d2e4-4dd0-a5b2-69ddefe852a8} - C:\Program Files (x86)\PhotoposComTbr\PhotoposComTbrLib.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe

uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

uRun: [OM2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"

mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe

mRun: [KBD] C:\HP\KBD\KbdStub.EXE

mRun: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Conime] %windir%\system32\conime.exe

mRun: [iXL_MiddleWare] C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe

mRun: [OM2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTIVC~1.LNK - C:\Program Files (x86)\ActivIdentity\ActivClient\acsagent.exe

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: intuit.com\ttlc

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{06E394E1-023E-4067-ADDA-4F8F7C1E9F09} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{899B73D2-CA09-4310-BB63-3DE4BA764663} : DhcpNameServer = 192.168.42.129

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4

BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

BHO-X64: AskBar BHO - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: PhotoPos Toolbar: {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files (x86)\PhotoposComTbr\PhotoposComTbrLib.dll

BHO-X64: PhotoPos Toolbar - No File

BHO-X64: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB-X64: PhotoPos Toolbar: {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - C:\Program Files (x86)\PhotoposComTbr\PhotoposComTbrLib.dll

mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe

mRun-x64: [KBD] C:\HP\KBD\KbdStub.EXE

mRun-x64: [LGODDFU] "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun-x64: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Conime] %windir%\system32\conime.exe

mRun-x64: [iXL_MiddleWare] C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe

mRun-x64: [OM2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9q2pw9bu.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.ebay.com/

FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=169&systemid=406&sr=0&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll

FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-3929645dd67b46a9\NPRobloxProxy.dll

FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\Owner\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\9q2pw9bu.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll

FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npPxPlay.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/18 16:58:12];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-3-13 146928]

R2 accoca;ActivClient Middleware Service;C:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-6-25 241456]

R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2011-7-7 87368]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]

R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-12-19 394672]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-12 652360]

R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]

R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-8-24 92008]

R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys --> C:\Windows\system32\drivers\HCW85BDA.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 motandroidusb;Mot ADB Interface Driver;C:\Windows\system32\Drivers\motoandroid.sys --> C:\Windows\system32\Drivers\motoandroid.sys [?]

S1 fxjaodze;fxjaodze;\??\C:\Windows\system32\drivers\fxjaodze.sys --> C:\Windows\system32\drivers\fxjaodze.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\motoandroid.sys --> C:\Windows\system32\Drivers\motoandroid.sys [?]

S3 CAXHWBS3;CAXHWBS3;C:\Windows\system32\DRIVERS\CAXHWBS3.sys --> C:\Windows\system32\DRIVERS\CAXHWBS3.sys [?]

S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\system32\DRIVERS\motccgp.sys --> C:\Windows\system32\DRIVERS\motccgp.sys [?]

S3 motccgpfl;MotCcgpFlService;C:\Windows\system32\DRIVERS\motccgpfl.sys --> C:\Windows\system32\DRIVERS\motccgpfl.sys [?]

S3 PCD5SRVC{E2AF211B-86DA020A-05040000};PCD5SRVC{E2AF211B-86DA020A-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~2\PC-DOC~1\PCD5SRVC_x64.pkms [2008-5-22 25888]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-04-05 13:27:18 50000 ----a-w- C:\Windows\System32\drivers\fxjaodze.sys

2012-04-05 13:26:51 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44A3F51D-2CE3-4E1A-8EA3-973606D09188}\offreg.dll

2012-04-05 13:15:48 -------- d-----w- C:\Users\Owner\AppData\Local\{90D32A17-402B-4277-803C-093A93975A89}

2012-04-05 01:15:36 -------- d-----w- C:\Users\Owner\AppData\Local\{F0B47300-7EC9-49FC-B19D-EBF3D488C3BA}

2012-04-04 13:15:24 -------- d-----w- C:\Users\Owner\AppData\Local\{165F96E2-418C-4B25-92F2-C414D824C8F7}

2012-04-04 01:15:13 -------- d-----w- C:\Users\Owner\AppData\Local\{3EDEE599-67E2-4F43-A48F-8AF494FB2EEA}

2012-04-03 13:15:01 -------- d-----w- C:\Users\Owner\AppData\Local\{1F3E70C5-8A13-42F1-BB76-3D1C6682C2C2}

2012-04-03 09:49:14 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44A3F51D-2CE3-4E1A-8EA3-973606D09188}\mpengine.dll

2012-04-03 00:55:02 -------- d-----w- C:\$RECYCLE.BIN

2012-04-03 00:34:27 98816 ----a-w- C:\Windows\sed.exe

2012-04-03 00:34:27 518144 ----a-w- C:\Windows\SWREG.exe

2012-04-03 00:34:27 256000 ----a-w- C:\Windows\PEV.exe

2012-04-03 00:34:27 208896 ----a-w- C:\Windows\MBR.exe

2012-04-02 14:14:51 -------- d-----w- C:\Users\Owner\AppData\Local\{1C48901A-D4FB-4F55-9E14-102098722E04}

2012-04-02 02:14:39 -------- d-----w- C:\Users\Owner\AppData\Local\{F36EDCCB-B281-41CA-AA11-1C5C4A80DD79}

2012-04-01 14:14:28 -------- d-----w- C:\Users\Owner\AppData\Local\{39A7115C-5038-4199-B572-AA6BAC6E85E5}

2012-03-31 10:01:43 -------- d-----w- C:\Users\Owner\AppData\Local\{8AB6A807-E037-4CD5-8023-63E534CAC56D}

2012-03-30 22:01:32 -------- d-----w- C:\Users\Owner\AppData\Local\{A8FA8E11-57F4-410A-8AEE-6F1710BF5B0A}

2012-03-30 10:01:20 -------- d-----w- C:\Users\Owner\AppData\Local\{159CA1AA-B340-46D2-95AE-66AFD21B1257}

2012-03-29 22:01:08 -------- d-----w- C:\Users\Owner\AppData\Local\{124B1D80-590A-4E2E-BBB1-63D9EFD10C82}

2012-03-29 10:00:57 -------- d-----w- C:\Users\Owner\AppData\Local\{DC4171D0-2912-4F0F-B8C4-CA5D015B2E30}

2012-03-28 22:00:43 -------- d-----w- C:\Users\Owner\AppData\Local\{82BE1861-B5A0-42C7-895D-A369AA517FBA}

2012-03-28 22:00:32 -------- d-----w- C:\Users\Owner\AppData\Local\{7E01DF41-5ED9-4932-9F86-E9601ED0BB73}

2012-03-28 14:18:30 -------- d-----w- C:\Program Files (x86)\ESET

2012-03-26 13:08:57 -------- d-----w- C:\Users\Owner\AppData\Local\{B6681FCA-2810-4BFD-BBD9-D7E2A7D33D5A}

2012-03-26 13:08:45 -------- d-----w- C:\Users\Owner\AppData\Local\{918723F1-952F-4D42-83E8-66260ED55991}

2012-03-25 21:59:05 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-25 14:24:29 -------- d-----w- C:\Users\Owner\AppData\Local\{19E5305A-C8FA-4349-8A04-D1DD750317F4}

2012-03-25 14:24:09 -------- d-----w- C:\Users\Owner\AppData\Local\{377F041D-6560-4ED8-929D-9E5563F2BD97}

2012-03-24 11:50:18 -------- d-----w- C:\Users\Owner\AppData\Local\{FADB9C35-061C-4AC8-9002-268A5966897C}

2012-03-24 11:50:07 -------- d-----w- C:\Users\Owner\AppData\Local\{A92D2481-7EFE-4C3D-AF31-552C5BF47B07}

2012-03-23 23:49:53 -------- d-----w- C:\Users\Owner\AppData\Local\{6B7645D7-2095-44CC-8FD2-9DC8F0366127}

2012-03-23 23:49:42 -------- d-----w- C:\Users\Owner\AppData\Local\{D52952AA-A82E-407F-B0B6-1C69F5A142CC}

2012-03-23 11:49:27 -------- d-----w- C:\Users\Owner\AppData\Local\{C13CD7ED-6EEF-4138-A3A2-CDD3F23940BB}

2012-03-23 11:49:16 -------- d-----w- C:\Users\Owner\AppData\Local\{1DECE903-BB45-4E8F-BF44-CA3AA3F608AC}

2012-03-22 12:29:59 -------- d-----w- C:\Users\Owner\AppData\Local\{D64E35F5-FC3D-43F6-A29A-1C7D6345F901}

2012-03-22 12:29:48 -------- d-----w- C:\Users\Owner\AppData\Local\{965A9F7F-095A-469A-B4FF-F3A44D28C49A}

2012-03-21 20:34:01 -------- d-----w- C:\Users\Owner\AppData\Local\{B14953B6-62AF-4A30-BEA0-8060470FDF04}

2012-03-21 20:33:49 -------- d-----w- C:\Users\Owner\AppData\Local\{F028E15D-AADA-44E7-86B1-2E4069792013}

2012-03-21 16:54:15 -------- d-----w- C:\Program Files (x86)\Lavasoft

2012-03-21 08:33:21 -------- d-----w- C:\Users\Owner\AppData\Local\{90FF5202-E0F4-4B56-AD1C-15FDB607C9C4}

2012-03-21 08:33:10 -------- d-----w- C:\Users\Owner\AppData\Local\{F92E4AF7-618B-4AEC-AA4E-C87E27FC1D7D}

2012-03-20 20:32:54 -------- d-----w- C:\Users\Owner\AppData\Local\{0385ADBA-0EE0-4D8E-B80C-034612915D30}

2012-03-20 20:32:43 -------- d-----w- C:\Users\Owner\AppData\Local\{FDE46F40-F129-45D5-B834-CCD66817124E}

2012-03-20 03:38:24 -------- d-----w- C:\Users\Owner\AppData\Local\{6399B27F-D50E-488A-8A47-8534A20A8166}

2012-03-20 03:38:13 -------- d-----w- C:\Users\Owner\AppData\Local\{2973D0C3-2240-4726-B0F9-34382A37C483}

2012-03-19 15:37:59 -------- d-----w- C:\Users\Owner\AppData\Local\{51E19E2C-4BAB-4834-B699-56943B527166}

2012-03-19 15:37:48 -------- d-----w- C:\Users\Owner\AppData\Local\{31790535-071E-47D9-BFE9-3FDB743516AE}

2012-03-19 03:37:22 -------- d-----w- C:\Users\Owner\AppData\Local\{58515BB7-E2C2-4B02-B1D9-93131132FB34}

2012-03-19 03:37:11 -------- d-----w- C:\Users\Owner\AppData\Local\{7EFEAC1C-9C73-4EE5-B9F3-1C0A76813A1F}

2012-03-18 15:36:57 -------- d-----w- C:\Users\Owner\AppData\Local\{FE55317E-4C4A-4B95-8C3A-9D23E00C1961}

2012-03-18 15:36:46 -------- d-----w- C:\Users\Owner\AppData\Local\{1819B733-EBCE-4429-86B8-B679F3E35683}

2012-03-18 03:36:32 -------- d-----w- C:\Users\Owner\AppData\Local\{5590F778-F4F3-49B4-B36E-83508EC81159}

2012-03-18 03:36:21 -------- d-----w- C:\Users\Owner\AppData\Local\{F4DB4167-8C03-4E8D-A4B0-FE88D47C74B8}

2012-03-17 15:36:05 -------- d-----w- C:\Users\Owner\AppData\Local\{673D4726-9CDA-4E31-A55C-8E9131CDDA77}

2012-03-17 15:35:51 -------- d-----w- C:\Users\Owner\AppData\Local\{530B4360-90AB-48AF-A22E-99DD0963D816}

2012-03-16 03:06:44 -------- d-----w- C:\Users\Owner\AppData\Local\{399806D0-1C47-4128-AC55-CE3606D635E7}

2012-03-16 03:06:33 -------- d-----w- C:\Users\Owner\AppData\Local\{E870EE79-7EAB-4BD9-8416-D8D127D85B01}

2012-03-15 15:06:18 -------- d-----w- C:\Users\Owner\AppData\Local\{64857312-B058-4E85-9F9C-2DF5F43A7822}

2012-03-15 15:06:07 -------- d-----w- C:\Users\Owner\AppData\Local\{24A2317E-0005-4320-99C2-5C56EA85491C}

2012-03-15 07:04:55 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-15 07:04:54 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-15 07:04:54 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-15 03:05:40 -------- d-----w- C:\Users\Owner\AppData\Local\{5733ED4A-38D6-4F05-9793-BC448285318D}

2012-03-15 03:05:29 -------- d-----w- C:\Users\Owner\AppData\Local\{72F97719-AA26-4FF3-9DD6-F24EF85B6A76}

2012-03-14 15:05:15 -------- d-----w- C:\Users\Owner\AppData\Local\{C738D51E-905A-49EA-A163-1637C975547C}

2012-03-14 15:05:03 -------- d-----w- C:\Users\Owner\AppData\Local\{11844ECD-51A5-4BFD-A19E-D0F477D5F32C}

2012-03-14 07:08:35 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-03-14 07:08:34 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-14 07:08:34 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-14 07:08:09 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-14 07:08:09 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-14 07:08:09 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-14 07:08:08 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-14 07:08:08 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-03-14 07:08:08 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-14 07:08:08 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-03-14 03:04:49 -------- d-----w- C:\Users\Owner\AppData\Local\{100699CD-7ED7-4AE3-BFC1-D552DFC7411F}

2012-03-14 03:04:37 -------- d-----w- C:\Users\Owner\AppData\Local\{4BD0A801-BDAB-4E7C-8C55-D1E353DACF11}

2012-03-13 15:04:22 -------- d-----w- C:\Users\Owner\AppData\Local\{9514CCBF-92BA-41B5-8C8D-785BB8AA1021}

2012-03-13 15:04:11 -------- d-----w- C:\Users\Owner\AppData\Local\{A4B3408E-2CB0-44D2-BE10-5FC2571ED487}

2012-03-13 03:03:58 -------- d-----w- C:\Users\Owner\AppData\Local\{83F3B835-D6AA-4E10-9591-A02A0FFA8840}

2012-03-13 03:03:47 -------- d-----w- C:\Users\Owner\AppData\Local\{105800ED-26C3-463A-B300-C914896B00F7}

2012-03-12 15:03:31 -------- d-----w- C:\Users\Owner\AppData\Local\{092B1E9C-2FD4-45C1-BACB-5C19C017AB21}

2012-03-12 15:03:20 -------- d-----w- C:\Users\Owner\AppData\Local\{13F82107-4DE1-4C45-956A-AB9318315ABD}

2012-03-12 01:30:28 -------- d-----w- C:\Users\Owner\AppData\Local\{80049954-41D0-4E8F-8B3B-C85BF270F1EE}

2012-03-12 01:30:16 -------- d-----w- C:\Users\Owner\AppData\Local\{3ED96A2B-D348-48ED-B17E-DF4BAD87879B}

2012-03-11 17:37:02 0 --sha-w- C:\Windows\System32\dds_trash_log.cmd

2012-03-11 13:30:01 -------- d-----w- C:\Users\Owner\AppData\Local\{F82D4DB9-B366-4AA2-8DE9-A6E57586CF3A}

2012-03-11 13:29:50 -------- d-----w- C:\Users\Owner\AppData\Local\{69184FA9-17CD-44FC-9C53-E3FFEDE81CAF}

2012-03-11 01:29:32 -------- d-----w- C:\Users\Owner\AppData\Local\{FB5E68CE-9FB1-4A66-A6FA-FFC6AEC1A1DD}

2012-03-11 01:29:19 -------- d-----w- C:\Users\Owner\AppData\Local\{F5254E98-8D29-4517-8C12-961F1C7FF255}

2012-03-10 13:29:01 -------- d-----w- C:\Users\Owner\AppData\Local\{3B15FFF4-40B2-4602-9F19-CEB10358A2EB}

2012-03-10 13:28:49 -------- d-----w- C:\Users\Owner\AppData\Local\{178D20A1-2480-4DDF-9FCE-ABCE4179A054}

2012-03-10 01:28:34 -------- d-----w- C:\Users\Owner\AppData\Local\{D5716E9D-1333-428B-9821-C11F43D7FADC}

2012-03-10 01:28:23 -------- d-----w- C:\Users\Owner\AppData\Local\{29260EB9-6D9E-45FA-B031-57694EDD7DAE}

2012-03-09 13:28:06 -------- d-----w- C:\Users\Owner\AppData\Local\{82CCA938-F7ED-4DF8-B206-ED2E0AFC42F5}

2012-03-09 13:27:54 -------- d-----w- C:\Users\Owner\AppData\Local\{20F58C05-779A-4A74-8E7C-009010D18395}

2012-03-09 01:27:38 -------- d-----w- C:\Users\Owner\AppData\Local\{CB91C147-DF37-4C11-8D12-558AF67D2E5C}

2012-03-09 01:27:26 -------- d-----w- C:\Users\Owner\AppData\Local\{1923F672-403F-4A3E-8598-9FC2BF18B5B4}

2012-03-08 13:27:09 -------- d-----w- C:\Users\Owner\AppData\Local\{B90ADD04-5D8F-40EE-8FE2-2D9B6410EC6F}

2012-03-08 13:26:57 -------- d-----w- C:\Users\Owner\AppData\Local\{050CDDE2-54A4-46D4-89FE-717A53398D6F}

2012-03-08 01:26:42 -------- d-----w- C:\Users\Owner\AppData\Local\{19D4D8A7-185C-4754-A7C4-5A3AD3E4D7F8}

2012-03-08 01:26:31 -------- d-----w- C:\Users\Owner\AppData\Local\{2DFCE2C9-5A9E-462D-900F-E844BE37913C}

2012-03-07 13:26:16 -------- d-----w- C:\Users\Owner\AppData\Local\{78AE5A97-CE8D-4C8E-9BF1-E9E25601832E}

2012-03-07 13:26:05 -------- d-----w- C:\Users\Owner\AppData\Local\{9C4DA882-F431-497F-9C6E-2970536478A3}

2012-03-07 01:25:48 -------- d-----w- C:\Users\Owner\AppData\Local\{1E093857-360C-47F8-92F9-50FCA779230E}

2012-03-07 01:25:36 -------- d-----w- C:\Users\Owner\AppData\Local\{28924A77-DD1D-4F82-98E5-F8F26D5A682F}

.

==================== Find3M ====================

.

2012-03-11 20:16:17 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-23 13:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-01-07 18:39:26 210921 ----a-w- C:\Windows\Photo Pos Pro Uninstaller.exe

.

============= FINISH: 10:05:22.89 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 11/19/2009 9:41:10 PM

System Uptime: 4/2/2012 8:54:23 PM (62 hours ago)

.

Motherboard: PEGATRON CORPORATION | | NARRA3

Processor: AMD Phenom 9500 Quad-Core Processor | Socket AM2 | 2200/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 583 GiB total, 290.66 GiB free.

D: is FIXED (NTFS) - 13 GiB total, 1.768 GiB free.

E: is CDROM ()

F: is FIXED (NTFS) - 932 GiB total, 904.397 GiB free.

G: is CDROM ()

H: is Removable

I: is Removable

J: is Removable

K: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

.

Update for Microsoft Office 2007 (KB2508958)

1310

1310_Help

1310Trb

3DVIA player 5.0

Acrobat.com

ActiveCheck component for HP Active Support Library

Ad-Aware SE Personal

Adobe AIR

Adobe Reader 9.5.0

Adobe Shockwave Player 11.6

Aimersoft Video Converter Ultimate(Build 4.1.0.2)

AIO_CDB_ProductContext

AIO_CDB_Software

AIO_Scan

aioscnnr

AnswerWorks 5.0 English Runtime

Apple Application Support

Apple Software Update

ArcSoft MediaImpression for Kodak

Ask Toolbar

Audacity 1.3.7 (Unicode)

BitTorrent

BufferChm

CamToPrint

Cards_Calendar_OrderGift_DoMorePlugout

center

Chinese Simplified Fonts Support For Adobe Reader 9

Clone Wars

Compatibility Pack for the 2007 Office system

Copy

Coupon Printer for Windows

CustomerResearchQFolder

CyberLink PowerDVD 10

D3DX10

Destination Component

DeviceDiscovery

DeviceManagementQFolder

Disney Toontown Online

DocProc

DocProcQFolder

DVD Shrink 3.2

DVDFab 7.0.4.0 (15/04/2010)

Easy Chef 1,000,000 Recipes

Enhanced Multimedia Keyboard Solution

ESET Online Scanner v3

essentials

eSupportQFolder

Express Burn

Facebook Plug-In

Fax

ffdshow [rev 1723] [2007-12-24]

File Renamer - Basic

Fisher-Price - Nickelodeon Knows Your Name

Fisher-Price iXL - Handy Manny

Fisher-Price iXL - SpongeBob

Fisher-Price iXL - Toy Story

Fisher-Price iXL Computer Software

Free Realms

Golden Videos

Google Talk Plugin

Hardware Diagnostic Tools

HijackThis 1.99.1

HP Active Support Library

HP Customer Experience Enhancements

HP Customer Feedback

HP Demo

HP Photosmart Essential

HP Photosmart Essential 2.5

HP Picasso Media Center Add-In

HP Product Assistant

HP Recovery Manager RSS

HP Total Care Advisor

HP Update

HPAsset component for HP Active Support Library

HPPhotoSmartPhotobookWebPack1

HPProductAssistant

HPSSupply

HPTCSSetup

iLivid

Internet TV for Windows Media Center

IPCMonitor_en

J2SE Runtime Environment 5.0 Update 9

Japanese Fonts Support For Adobe Reader 9

Java Auto Updater

Java 6 Update 21

Java SE Runtime Environment 6 Update 1

Juniper Networks Host Checker

Juniper Networks Setup Client

Juniper Networks Setup Client Activex Control

Junk Mail filter update

KODAK AiO Software

LAME v3.98.2 for Audacity

LEGO Digital Designer

LEGO Universe

LG Tool Kit

LightScribe System Software

LightScribeTemplateLabeler

Logitech Harmony Remote Software 7

Malwarebytes Anti-Malware version 1.60.1.1000

MarketResearch

MGI PhotoSuite 8.06 (Remove Only)

Microsoft Easy Assist v2

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Project 2007 Service Pack 3 (SP3)

Microsoft Office Project MUI (English) 2007

Microsoft Office Project Professional 2007

Microsoft Office Project Professional 2007 Trial

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Visio Professional 2003

Microsoft Office Word MUI (English) 2007

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MotoHelper 2.1.32 Driver 5.4.0

MotoHelper MergeModules

MOTOROLA MEDIA LINK

Mozilla Firefox 5.0.1 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

NCH Toolbox

Nero 7 Ultra Edition

neroxml

Netflix in Windows Media Center

ocr

Octoshape add-in for Adobe Flash Player

OLYMPUS Master 2

PC Inspector File Recovery

Photo Pos Pro

Photodex Presenter

Photopos Toolbar (Remove Toolbar Only)

Picaboo X

Pinnacle Studio 15

Power2Go

PowerDirector

PreReq

Prism Video Converter

PSSWCORE

Punch! Home and Landscape Design Suite

Punch! Home Design - Platinum

PureVoice

Python 2.5.2

QuickTime

Realtek High Definition Audio Driver

Remote Control USB Driver

ResizeMyPhotos

Roblox

Rosetta Stone Version 3

Safari

Savings Bond Wizard

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

SequoiaView

SolutionCenter

sp41119

StarCraft

Status

Switch Sound File Converter

swMSM

Timez Attack Launcher

TomTom HOME 2.7.6.2056

TomTom HOME Visual Studio Merge Modules

Toolbox

TrayApp

TurboTax 2008

TurboTax 2008 WinPerFedFormset

TurboTax 2008 WinPerProgramHelp

TurboTax 2008 WinPerReleaseEngine

TurboTax 2008 WinPerTaxSupport

TurboTax 2008 WinPerUserEducation

TurboTax 2008 wmdiper

TurboTax 2008 wrapper

TurboTax 2009

TurboTax 2009 WinPerFedFormset

TurboTax 2009 WinPerReleaseEngine

TurboTax 2009 WinPerTaxSupport

TurboTax 2009 wmdiper

TurboTax 2009 wrapper

TurboTax 2010

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wmdiper

TurboTax 2010 wrapper

TurboTax 2011

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wmdiper

TurboTax 2011 wrapper

TVersity Codec Pack 1.2

TVersity Media Server 1.0.0.8 RC5

TVersity Media Server 1.7.2.1 Beta

Unity Web Player

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Project 2007 Help (KB963668)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

uXM 1.0RC4

VideoToolkit01

Visual C++ 8.0 Runtime Setup Package (x64)

VLC media player 1.1.11

WavePad Sound Editor

WebReg

Windows iLivid Toolbar

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Center Add-in for Flash

Windows Media Player Firefox Plugin

WinRAR archiver

Wizard101

XviD MPEG-4 Video Codec

Yahoo! Install Manager

Yahoo! Widgets

.

==== Event Viewer Messages From Past Week ========

.

4/5/2012 9:58:42 AM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.

4/2/2012 9:02:24 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

4/2/2012 8:57:30 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: A device attached to the system is not functioning.

4/2/2012 8:55:28 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

4/2/2012 8:54:50 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

4/2/2012 8:54:50 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP CUE DeviceDiscovery Service service to connect.

4/2/2012 8:54:50 PM, Error: Service Control Manager [7000] - The HP CUE DeviceDiscovery Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/2/2012 8:52:23 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

4/2/2012 8:51:15 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

4/2/2012 8:39:14 PM, Error: Service Control Manager [7034] - The TVersityMediaServer service terminated unexpectedly. It has done this 1 time(s).

4/2/2012 8:32:32 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.

4/2/2012 8:32:32 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.

4/2/2012 8:30:02 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

4/2/2012 8:28:20 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 8:28:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

4/2/2012 8:28:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

4/2/2012 8:28:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

4/2/2012 8:28:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/2/2012 8:28:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

4/2/2012 8:28:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

4/2/2012 8:28:02 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/2/2012 8:28:02 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf ws2ifsl

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

4/2/2012 8:27:44 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

.

==== End Of File ===========================


Logs will be closed if you haven't replied within 3 days

Please go to http://www.virustotal.com/, click on Browse, and upload the following file for analysis:

C:\Windows\System32\drivers\fxjaodze.sys

Then click Submit. Allow the file to be scanned, and then please copy and paste the results here for me to see.

If virustotal is too busy you can try these.

http://virusscan.jotti.org

http://www.kaspersky...anforvirus.html


Thanks, Larry. Prior to getting your post, my son reinstalled win 7. That file is no longer present. Although the frequency of the blocks has decreased, I still feel there may be a virus lurking. So, if you don't mind, here are the new scan files:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_31

Run by The Buonos at 12:27:06 on 2012-04-11

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.6142.4815 [GMT -4:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\ehome\ehRecvr.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Windows\system32\conhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\splwow64.exe

C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\AUDIODG.EXE

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{DF78F69D-8A7B-48A9-9A40-97BC4CC7B852} : DhcpNameServer = 192.168.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~4\Office12\GRA32A~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\The Buonos\AppData\Roaming\Mozilla\Firefox\Profiles\kqdum4hs.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.ebay.com/

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\The Buonos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll

.

============= SERVICES / DRIVERS ===============

.

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-7 652360]

R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys --> C:\Windows\system32\drivers\HCW85BDA.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 253600]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-04-11 13:29:10 -------- d-----w- C:\Users\The Buonos\AppData\Local\{0C03E0A1-B1A0-4A81-9325-567DE247708F}

2012-04-11 13:28:58 -------- d-----w- C:\Users\The Buonos\AppData\Local\{EB8DDFBE-B802-4A61-A05F-F998AB77CF41}

2012-04-11 01:28:43 -------- d-----w- C:\Users\The Buonos\AppData\Local\{74AE9BF6-18C0-402C-82A8-0986ACEE1D4C}

2012-04-11 01:28:32 -------- d-----w- C:\Users\The Buonos\AppData\Local\{7BB0D5F0-6C76-4B4C-AEFB-A9C10C017709}

2012-04-10 13:28:18 -------- d-----w- C:\Users\The Buonos\AppData\Local\{D57E45CD-B614-4D90-BDD5-0819238EA071}

2012-04-10 13:28:07 -------- d-----w- C:\Users\The Buonos\AppData\Local\{1BB79220-AD7B-4B99-A735-64D594639A3C}

2012-04-10 12:42:59 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CFF3D65A-2FD5-4CE4-980B-FFDF5FBC242B}\offreg.dll

2012-04-10 12:42:34 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-04-10 12:42:28 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CFF3D65A-2FD5-4CE4-980B-FFDF5FBC242B}\mpengine.dll

2012-04-10 01:27:52 -------- d-----w- C:\Users\The Buonos\AppData\Local\{B465C8AC-A0C3-42A5-AEC1-C3D92253E900}

2012-04-10 01:27:41 -------- d-----w- C:\Users\The Buonos\AppData\Local\{FCFDBA69-0DCC-4E91-924E-75B160E6FDBC}

2012-04-10 01:27:41 -------- d-----w- C:\Users\The Buonos\AppData\Local\{BFE2D125-C167-4AD5-AB69-1BE7D68A3B8A}

2012-04-09 13:27:14 -------- d-----w- C:\Users\The Buonos\AppData\Local\{16418214-5D56-4B3D-AB12-E13EF811D760}

2012-04-09 13:27:03 -------- d-----w- C:\Users\The Buonos\AppData\Local\{1F5BF5A7-0718-4B6A-9C75-7B2B493D213A}

2012-04-08 23:00:32 -------- d-----w- C:\Users\The Buonos\AppData\Local\{5EBA6888-E02C-44FF-BEFC-FABAD9CA9340}

2012-04-08 23:00:20 -------- d-----w- C:\Users\The Buonos\AppData\Local\{A31E1D9E-0685-4234-BDEF-4EAC2AAA61EF}

2012-04-08 16:46:45 -------- d-----w- C:\Users\The Buonos\AppData\Local\Unity

2012-04-08 11:00:04 -------- d-----w- C:\Users\The Buonos\AppData\Local\{14A57582-FE88-45F7-BCD8-B8B24B1DF1D1}

2012-04-08 10:59:52 -------- d-----w- C:\Users\The Buonos\AppData\Local\{4EF66240-3D4E-4D0B-827A-531218CE4D24}

2012-04-07 21:42:53 -------- d-----w- C:\Users\The Buonos\AppData\Local\Adobe

2012-04-07 21:21:03 -------- d-----w- C:\Program Files\iTunes

2012-04-07 21:21:03 -------- d-----w- C:\Program Files\iPod

2012-04-07 21:17:34 -------- d-----w- C:\Users\The Buonos\AppData\Local\Apple Computer

2012-04-07 21:17:27 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-04-07 21:17:27 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-04-07 21:17:27 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-04-07 21:17:03 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-04-07 21:17:03 -------- d-----w- C:\Program Files (x86)\iTunes

2012-04-07 21:16:21 -------- d-----w- C:\Users\The Buonos\AppData\Local\Apple

2012-04-07 21:15:40 -------- d-----w- C:\Program Files\Bonjour

2012-04-07 21:15:40 -------- d-----w- C:\Program Files (x86)\Bonjour

2012-04-07 21:07:38 -------- d-----w- C:\Windows\Panther

2012-04-07 21:00:19 -------- d-----w- C:\Windows.old

2012-04-07 20:33:55 -------- d-----w- C:\Users\The Buonos\AppData\Local\Microsoft Games

2012-04-07 19:40:22 -------- d-----w- C:\symbols

2012-04-07 19:22:13 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2012-04-07 19:21:25 -------- d-----w- C:\Users\The Buonos\AppData\Local\Microsoft Help

2012-04-07 19:04:20 -------- d-----w- C:\Program Files (x86)\uTorrent

2012-04-07 19:03:55 -------- d-----w- C:\Users\The Buonos\AppData\Roaming\uTorrent

2012-04-07 18:07:06 -------- d-----w- C:\Users\The Buonos\AppData\Local\{80B1D724-8490-4CEB-9B81-DB8BB4A474D4}

2012-04-07 18:07:01 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-04-07 18:06:19 -------- d-----w- C:\Users\The Buonos\AppData\Local\{5A8586ED-4C3C-4B8E-AC4A-3B74EC2B0C18}

2012-04-07 18:06:07 -------- d-----w- C:\Users\The Buonos\AppData\Local\{684F2D62-44E5-4EE2-8A06-07D2F8808BBE}

2012-04-07 18:05:54 -------- d-----w- C:\Users\The Buonos\Tracing

2012-04-07 18:05:53 -------- d-----w- C:\Users\The Buonos\AppData\Roaming\Windows Live Writer

2012-04-07 18:05:53 -------- d-----w- C:\Users\The Buonos\AppData\Local\Windows Live Writer

2012-04-07 18:04:30 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-04-07 18:04:30 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-04-07 18:02:23 -------- d-----w- C:\Windows\en

2012-04-07 18:00:46 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2012-04-07 17:59:27 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2012-04-07 17:59:09 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2012-04-07 17:58:57 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2012-04-07 17:58:48 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2012-04-07 17:58:47 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys

2012-04-07 17:58:19 -------- d-----w- C:\Windows\PCHEALTH

2012-04-07 17:56:37 -------- d-----w- C:\Program Files (x86)\Microsoft

2012-04-07 17:56:31 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll

2012-04-07 17:56:31 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll

2012-04-07 17:56:30 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll

2012-04-07 17:56:30 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll

2012-04-07 17:56:05 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll

2012-04-07 17:56:05 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll

2012-04-07 17:55:01 -------- d-sh--w- C:\Windows\Installer

2012-04-07 17:54:36 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll

2012-04-07 17:54:36 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll

2012-04-07 17:54:35 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll

2012-04-07 17:54:35 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll

2012-04-07 17:54:16 -------- d-----w- C:\Users\The Buonos\AppData\Roaming\Malwarebytes

2012-04-07 17:54:08 -------- d-----w- C:\ProgramData\Malwarebytes

2012-04-07 17:54:07 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-04-07 17:54:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-04-07 17:52:22 -------- d-----w- C:\Users\The Buonos\AppData\Local\Windows Live

2012-04-07 17:52:21 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

2012-04-07 17:47:55 -------- d-----w- C:\Windows\System32\kodak

2012-04-07 17:47:29 -------- d-----w- C:\ProgramData\Kodak

2012-04-07 17:47:28 232960 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\EKIJ5000PPR.dll

2012-04-07 17:45:02 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-04-07 17:45:02 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-04-07 17:45:01 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-04-07 17:45:01 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-07 17:45:00 139264 ----a-w- C:\Windows\System32\cabview.dll

2012-04-07 17:45:00 132608 ----a-w- C:\Windows\SysWow64\cabview.dll

2012-04-07 17:42:22 -------- d-----w- C:\Users\The Buonos\AppData\Local\VirtualStore

2012-04-07 17:28:49 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-03-25 21:59:05 -------- d-----w- C:\TDSSKiller_Quarantine

.

==================== Find3M ====================

.

2012-04-07 17:46:58 419840 ----a-w- C:\Windows\System32\systemcpl.dll

2012-04-07 17:46:58 14848 ----a-w- C:\Windows\System32\slwga.dll

2012-04-07 17:46:58 13824 ----a-w- C:\Windows\SysWow64\slwga.dll

2012-04-07 17:46:57 833024 ----a-w- C:\Windows\SysWow64\user32.dll

2012-04-07 17:46:57 1008640 ----a-w- C:\Windows\System32\user32.dll

2012-03-08 22:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2012-03-08 22:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR

2012-02-15 15:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2012-02-15 15:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll

.

============= FINISH: 12:27:41.54 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 4/7/2012 1:39:55 PM

System Uptime: 4/9/2012 7:34:46 AM (53 hours ago)

.

Motherboard: PEGATRON CORPORATION | | NARRA3

Processor: AMD Phenom 9500 Quad-Core Processor | Socket AM2 | 1100/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 583 GiB total, 264.327 GiB free.

D: is FIXED (NTFS) - 932 GiB total, 904.397 GiB free.

E: is FIXED (NTFS) - 13 GiB total, 1.768 GiB free.

F: is CDROM ()

G: is CDROM ()

I: is Removable

J: is Removable

K: is Removable

L: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP2: 4/7/2012 1:46:29 PM - Windows Update

RP3: 4/7/2012 1:52:31 PM - Windows Live Essentials

RP4: 4/7/2012 1:53:25 PM - Windows Update

RP5: 4/7/2012 1:54:15 PM - Windows Update

RP6: 4/7/2012 1:55:46 PM - Installed DirectX

RP7: 4/7/2012 1:56:08 PM - Installed DirectX

RP8: 4/7/2012 1:57:53 PM - WLSetup

RP10: 4/7/2012 2:06:13 PM - Installed Java 6 Update 31

RP11: 4/7/2012 3:19:59 PM - Installed Microsoft Office Enterprise 2007

RP12: 4/7/2012 5:16:25 PM - Installed iTunes

RP13: 4/10/2012 8:42:02 AM - Windows Update

.

==== Installed Programs ======================

.

µTorrent

Apple Application Support

Apple Software Update

Bing Bar

D3DX10

Java Auto Updater

Java 6 Update 31

Junk Mail filter update

Malwarebytes Anti-Malware version 1.60.1.1000

Mesh Runtime

Messenger Companion

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Mozilla Firefox 11.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

Unity Web Player

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.11 (32-bit)

.

==== Event Viewer Messages From Past Week ========

.

4/7/2012 7:25:51 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

4/7/2012 1:58:39 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070652: PlayReady PC Runtime for Windows 7 (x64) (KB971012).

4/7/2012 1:20:10 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: The system cannot find the file specified.

.

==== End Of File ===========================


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.