PDA

View Full Version : Malware Browser Redirect.


Tinit5190
2010-06-11, 05:08
I would appreciate it if one of you computer geniuses would help me out with my malware problem.

It would appear that my browser will randomly open a new tab and try to search something using mfeed.in

Nothing shows up because I have NoScript enabled.

Posted below is my DDS log. and attached is the Attach part of the DDS.

DDS (Ver_10-03-17.01) - NTFSx86
Run by Tini T5190 at 20:00:06.60 on 10/06/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.2.1033.18.2558.1584 [GMT -6:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Lexmark 1400 Series\lxdjamon.exe
C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Acer Display\eDisplay Management\DTHtml.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Tini T5190\Desktop\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://callofduty.wikia.com/wiki/Callsigns/Emblems
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot - search & destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [DeathAdder] c:\program files\razer\deathadder\razerhid.exe
mRun: [DT ACR] c:\program files\common files\portrait displays\shared\DT_startup.exe -ACR
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [lxdjamon] "c:\program files\lexmark 1400 series\lxdjamon.exe"
mRun: [PivotSoftware] "c:\program files\portrait displays\pivot software\wpctrl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [ProfilerU] c:\program files\saitek\sd6\software\ProfilerU.exe
mRun: [SaiMfd] c:\program files\saitek\sd6\software\SaiMfd.exe
StartupFolder: c:\users\tinit5~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenote 2007 screen clipper and launcher.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobe reader speed launch.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\microsoft office\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\microsoft office\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: {B9E4104F-B094-4890-87C0-BF81C05E37B4} = 64.59.135.133,64.59.135.135
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\tinit5~1\appdata\roaming\mozilla\firefox\profiles\n34bznlb.default\
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\users\tini t5190\appdata\roaming\mozilla\firefox\profiles\n34bznlb.default\extensions\battlefieldheroespatcher@ea.com\platform\winnt_x86-msvc\plugins\npBFHUpdater.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-6-10 809296]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2009-12-24 22784]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 SaiH0461;SaiH0461;c:\windows\system32\drivers\SaiH0461.sys [2007-5-1 132232]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-8 136176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-6 1343400]

=============== Created Last 30 ================

2010-06-11 01:49:50 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-06-11 01:49:50 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-06-11 00:25:19 0 d-----w- c:\users\tinit5~1\appdata\roaming\Malwarebytes
2010-06-11 00:25:11 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-11 00:25:11 0 d-----w- c:\programdata\Malwarebytes
2010-06-11 00:25:10 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-11 00:25:10 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-08 23:39:42 0 d-----w- c:\program files\StarCraft II Beta
2010-06-08 02:52:14 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-06-08 02:41:39 0 d-----w- c:\program files\EA Games
2010-06-06 21:35:32 0 d-----w- c:\program files\Saitek
2010-06-06 20:53:45 0 d-----w- c:\programdata\Saitek
2010-06-06 20:32:24 57344 ----a-w- c:\windows\system32\SAIGON.dll
2010-06-06 20:32:24 45056 ----a-w- c:\windows\system32\SAIKICK.dll
2010-06-06 20:32:24 155648 ----a-w- c:\windows\system32\nY.exe
2010-06-06 20:31:44 2940 ----a-w- c:\windows\system32\SaiC0461-BCDC59F0-6A0D-45F6-A932-862C5D686BBC.pr0
2010-06-06 20:28:55 688 ----a-w- c:\windows\system32\SaiD0461.pr0
2010-06-06 20:28:55 306 ----a-w- c:\windows\system32\SaiC0461.pr0
2010-05-28 02:19:04 0 d-----w- c:\programdata\Blizzard Entertainment
2010-05-28 02:18:27 0 d-----w- c:\programdata\Blizzard
2010-05-25 17:03:02 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-20 01:29:22 218808 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-05-20 00:09:35 138056 ----a-w- c:\users\tinit5~1\appdata\roaming\PnkBstrK.sys
2010-05-20 00:09:35 137256 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-05-20 00:09:17 218808 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-05-20 00:09:10 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-05-20 00:09:10 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-05-15 05:54:46 0 d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-05-14 21:54:50 0 d-----w- c:\program files\Sonic the Hedgehog
2010-05-14 06:22:59 199192 ----a-w- c:\windows\system32\lvci1201278.dll
2010-05-14 06:15:52 0 d-----w- c:\programdata\PC Drivers HeadQuarters
2010-05-13 00:16:08 0 d-----w- C:\Temp
2010-05-13 00:12:29 0 d-----w- c:\users\tinit5~1\appdata\roaming\Wizards of the Coast
2010-05-13 00:12:07 0 d-----w- c:\program files\Wizards of the Coast
2010-05-12 19:30:49 740864 ----a-w- c:\windows\system32\inetcomm.dll

==================== Find3M ====================

2055-09-19 06:29:11 2012 ----a-w- c:\windows\system32\NAV_75_cltDynam.dat
2010-05-12 17:21:16 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-04-29 01:21:54 72080 ----a-w- c:\users\tini t5190\g2mdlhlpx.exe
2010-04-14 04:20:26 5652144 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-04-12 23:29:19 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-03-29 23:10:15 21316 ----a-w- c:\windows\system32\emptyregdb.dat
2010-03-13 05:15:38 336 ----a-w- c:\program files\temp995.bat
2010-01-19 02:17:51 770985417 ----a-w- c:\program files\data2.cab.partial
2010-01-19 02:14:38 802304 ----a-w- c:\program files\setup.exe.partial
2010-01-19 02:14:38 576000 ----a-w- c:\program files\ISSetup.dll.partial
2010-01-19 02:14:38 473 ----a-w- c:\program files\layout.bin.partial
2010-01-19 02:14:38 357860 ----a-w- c:\program files\data1.hdr.partial
2010-01-19 02:14:38 255774 ----a-w- c:\program files\setup.inx.partial
2010-01-19 02:14:38 21494 ----a-w- c:\program files\0x0409.ini.partial
2010-01-19 02:14:38 1669931 ----a-w- c:\program files\setup.isn.partial
2010-01-19 02:14:38 1224 ----a-w- c:\program files\setup.ini.partial
2010-01-19 02:14:38 1061129 ----a-w- c:\program files\data1.cab.partial
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2010-01-19 05:00:42 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat
2010-01-19 05:00:42 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat
2010-01-19 05:00:42 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 20:00:23.65 ===============
Shaba
2010-06-14, 20:25
Hi Tinit5190

Please copy/paste contents of attach.txt to your next reply :)
Tinit5190
2010-06-15, 00:04
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 29/03/2010 5:23:53 PM
System Uptime: 06/10/2010 7:55:01 PM (-2831 hours ago)

Motherboard: ASUSTeK Computer INC. | | M2N-SLI
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 6400+ | Socket AM2 | 3200/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 82.289 GiB free.
D: is FIXED (NTFS) - 224 GiB total, 57.615 GiB free.
E: is CDROM (CDFS)
F: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: sptd
Device ID: ROOT\LEGACY_SPTD\0000
Manufacturer:
Name: sptd
PNP Device ID: ROOT\LEGACY_SPTD\0000
Service: sptd

==== System Restore Points ===================

RP41: 06/06/2010 2:31:58 PM - Installed Saitek SST Programming Software
RP42: 06/06/2010 2:32:40 PM - Device Driver Package Install: Saitek
RP44: 06/06/2010 2:51:06 PM - Removed Saitek SST Programming Software
RP45: 06/06/2010 2:51:32 PM - Device Driver Package Install: Saitek Human Interface Devices
RP46: 06/06/2010 3:35:42 PM - Device Driver Package Install: Saitek Saitek Magic Bus
RP47: 07/06/2010 2:26:26 PM - Windows Update
RP49: 07/06/2010 7:23:54 PM - Installed Battlefield 2(TM) Demo
RP51: 07/06/2010 7:26:04 PM - Installed Battlefield 2142 Demo
RP53: 07/06/2010 7:43:59 PM - Removed Battlefield 2142 Demo
RP55: 07/06/2010 7:44:38 PM - Removed Battlefield 2(TM) Demo
RP56: 08/06/2010 1:33:37 PM - Installed AVG 9.0
RP58: 08/06/2010 2:05:44 PM - Avg Update
RP59: 08/06/2010 4:38:15 PM - Removed AVG 9.0
RP60: 08/06/2010 4:39:58 PM - Installed AVG 9.0

==== Installed Programs ======================

Acer eDisplay Management
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 7.0.5
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Aimersoft Audio Converter(Build 1.1.52)
Aimersoft DVD Creator(Build 1.1.52)
Aimersoft DVD Ripper(Build 1.1.52)
Aimersoft DVD Studio Pack(Build 1.1.52)
Aimersoft Video Converter(Build 1.1.52)
Apple Application Support
Apple Software Update
µTorrent
Battlefield Heroes
Battlefield: Bad Company™ 2
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Connect
ConvertHelper 2.2
ERUNT 1.1j
FileZilla Client 3.3.2.1
Google Earth Plug-in
Google Update Helper
GoToMeeting 4.5.0.457
Java Auto Updater
Java(TM) 6 Update 20
KompoZer 0.8b3
kuler
Lexmark 1400 Series
Logitech GamePanel Software 3.04.143
Magic Online
Malwarebytes' Anti-Malware
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.3)
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA PhysX
Ogg Codecs 0.81.15562
PDF Settings CS4
Photoshop Camera Raw
Pivot Software
Portal
PunkBuster Services
PVSonyDll
QuickTime
Razer DeathAdder(TM) Mouse
Saitek SD6 Programming Software 6.6.6.9
SDK
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB980470)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Sonic the Hedgehog
Spybot - Search & Destroy
StarCraft II Beta
Steam
Suite Shared Configuration CS4
System Requirements Lab
The KMPlayer (remove only)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB981715)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb981726)
Ventrilo Client
Ventrilo Server
Warcraft III
WhiteCap
WinRAR archiver

==== Event Viewer Messages From Past Week ========

10/06/2010 7:56:30 PM, Error: Microsoft-Windows-WMPNSS-Service [14338] - A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10/06/2010 7:56:15 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sptd
10/06/2010 7:55:02 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
10/06/2010 5:48:01 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
08/06/2010 2:00:26 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
08/06/2010 1:59:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
07/06/2010 9:27:09 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance.
07/06/2010 8:03:27 PM, Error: Service Control Manager [7000] - The Telephony service failed to start due to the following error: The client of a component requested an operation which is not valid given the state of the component instance.

==== End Of File ===========================
Shaba
2010-06-15, 07:18
IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

µTorrent


I'd like you to read the this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please run a new DDS log scan when finished and post the logs back here.
Tinit5190
2010-06-16, 04:27
Help no longer needed. My computer won't even boot up anymore. All I hear is my video card spinning and spinning.

Going to have to get a new computer or get one of my buds to install a new Win7