uncle bobo
2011-02-16, 05:14
here's my dss. i don't know how to zip it.
DDS (Ver_10-12-12.02) - NTFSx86
Run by Owner at 21:55:04.08 on Tue 02/15/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.65 [GMT -6:00]
AV: avast! antivirus 4.7.1001 [VPS 110212-1] *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.bing.com/?pc=Z003&form=ZGAPHP
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SmartDefrag] "c:\program files\iobit\iobit smartdefrag\IObit SmartDefrag.exe" /StartUp
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-explorer: DisallowRun = 1 (0x1)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: com\www.msi (http://www.msi)
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
IFEO: image file execution options - svchost.exe
IFEO: OLT.exe - svchost.exe
Hosts: 66.232.102.249 www.google.co.nz (http://www.google.co.nz)
Hosts: 66.232.102.249 google.pl
Hosts: 66.232.102.249 www.google.pl (http://www.google.pl)
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\2ed6awcc.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
============= SERVICES / DRIVERS ===============
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2011-2-12 132736]
R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2011-1-2 312152]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2011-2-12 243328]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2011-2-12 345728]
S1 MpKsl8315566f;MpKsl8315566f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{80b4dcff-6c20-49cf-8658-75f398517876}\mpksl8315566f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{80b4dcff-6c20-49cf-8658-75f398517876}\MpKsl8315566f.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-2 136176]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-1-5 30192]
S3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\msi\msiwdev\DVDSYS32_100507.sys [2010-5-10 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\msi\msiwdev\msibios32_100507.sys [2010-5-10 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\msi\msiwdev\VGASYS32_100507.sys [2010-5-10 16696]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-8-21 14336]
=============== Created Last 30 ================
2011-02-16 02:20:38 -------- d-----w- c:\program files\Safer Networking
2011-02-14 23:34:40 -------- d-----w- C:\ubuntu
2011-02-13 08:39:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-02-13 08:39:41 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-02-13 02:04:05 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2011-02-13 02:03:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-13 02:03:57 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-13 02:03:54 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-13 02:03:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-12 11:11:34 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\WMTools Downloaded Files
2011-02-12 03:54:06 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\SIVKNPJP
2011-02-12 03:53:05 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\56ea2d
2011-02-01 08:32:04 -------- d-----w- c:\docume~1\owner\applic~1\Software Informer
2011-02-01 08:32:03 -------- d-----w- c:\program files\Software Informer
2011-02-01 08:31:57 -------- d-----w- c:\docume~1\owner\applic~1\Free Download Manager
2011-02-01 08:31:49 -------- d-----w- c:\docume~1\alluse~1\applic~1\FreeDownloadManager.ORG
2011-02-01 08:31:48 -------- d-----w- c:\program files\Free Download Manager
2011-02-01 02:30:07 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2011-02-01 02:30:06 692224 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2011-02-01 02:30:06 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2011-02-01 02:30:06 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2011-02-01 02:30:06 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2011-02-01 02:30:06 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2011-02-01 02:30:05 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2011-02-01 00:38:52 -------- d-----w- c:\program files\Search Toolbar
2011-02-01 00:38:42 -------- d-----w- c:\program files\File Extension Finder
==================== Find3M ====================
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-02 06:57:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-02 06:57:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ------w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ------w- c:\windows\system32\html.iec
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:38:47 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:05 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
============= FINISH: 21:56:22.92 ===============
here is my hijack tis report. if somebody could help me figure out how to zip, that would be awesome. thanks tashi you've been much help.
Edit[I] Removed log
CAN SOMEONE PLEASE HELP!!!!!!!!!!!!!!!!!
teach me how to zip.
DDS (Ver_10-12-12.02) - NTFSx86
Run by Owner at 21:55:04.08 on Tue 02/15/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.65 [GMT -6:00]
AV: avast! antivirus 4.7.1001 [VPS 110212-1] *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.bing.com/?pc=Z003&form=ZGAPHP
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SmartDefrag] "c:\program files\iobit\iobit smartdefrag\IObit SmartDefrag.exe" /StartUp
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-explorer: DisallowRun = 1 (0x1)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: com\www.msi (http://www.msi)
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
IFEO: image file execution options - svchost.exe
IFEO: OLT.exe - svchost.exe
Hosts: 66.232.102.249 www.google.co.nz (http://www.google.co.nz)
Hosts: 66.232.102.249 google.pl
Hosts: 66.232.102.249 www.google.pl (http://www.google.pl)
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\2ed6awcc.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
============= SERVICES / DRIVERS ===============
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2011-2-12 132736]
R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2011-1-2 312152]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2011-2-12 243328]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2011-2-12 345728]
S1 MpKsl8315566f;MpKsl8315566f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{80b4dcff-6c20-49cf-8658-75f398517876}\mpksl8315566f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{80b4dcff-6c20-49cf-8658-75f398517876}\MpKsl8315566f.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-2 136176]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-1-5 30192]
S3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\msi\msiwdev\DVDSYS32_100507.sys [2010-5-10 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\msi\msiwdev\msibios32_100507.sys [2010-5-10 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\msi\msiwdev\VGASYS32_100507.sys [2010-5-10 16696]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-8-21 14336]
=============== Created Last 30 ================
2011-02-16 02:20:38 -------- d-----w- c:\program files\Safer Networking
2011-02-14 23:34:40 -------- d-----w- C:\ubuntu
2011-02-13 08:39:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-02-13 08:39:41 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-02-13 02:04:05 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2011-02-13 02:03:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-13 02:03:57 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-13 02:03:54 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-13 02:03:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-12 11:11:34 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\WMTools Downloaded Files
2011-02-12 03:54:06 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\SIVKNPJP
2011-02-12 03:53:05 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\56ea2d
2011-02-01 08:32:04 -------- d-----w- c:\docume~1\owner\applic~1\Software Informer
2011-02-01 08:32:03 -------- d-----w- c:\program files\Software Informer
2011-02-01 08:31:57 -------- d-----w- c:\docume~1\owner\applic~1\Free Download Manager
2011-02-01 08:31:49 -------- d-----w- c:\docume~1\alluse~1\applic~1\FreeDownloadManager.ORG
2011-02-01 08:31:48 -------- d-----w- c:\program files\Free Download Manager
2011-02-01 02:30:07 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2011-02-01 02:30:06 692224 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2011-02-01 02:30:06 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2011-02-01 02:30:06 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2011-02-01 02:30:06 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2011-02-01 02:30:06 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2011-02-01 02:30:05 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2011-02-01 00:38:52 -------- d-----w- c:\program files\Search Toolbar
2011-02-01 00:38:42 -------- d-----w- c:\program files\File Extension Finder
==================== Find3M ====================
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-02 06:57:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-02 06:57:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ------w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ------w- c:\windows\system32\html.iec
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:38:47 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:05 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
============= FINISH: 21:56:22.92 ===============
here is my hijack tis report. if somebody could help me figure out how to zip, that would be awesome. thanks tashi you've been much help.
Edit[I] Removed log
CAN SOMEONE PLEASE HELP!!!!!!!!!!!!!!!!!
teach me how to zip.