Thread: My computer is freezing and is incredibly slow.

  1. #1
    Junior Member
    Join Date
    Apr 2011
    Posts
    9

    About three (3) weeks ago, my computer started freezing up and I cannot access some programs. When I try to shut my computer down it does not want to shut down at times. Below are the DDS reports:

    .
    DDS (Ver_11-03-05.01) - NTFS_AMD64
    Run by Shannon at 9:22:54.59 on 04/13/11
    Internet Explorer: 9.0.8112.16421
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1161 [GMT -5:00]
    .
    AV: Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spyware Doctor with AntiVirus *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\vcsFPService.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
    C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Program Files (x86)\PC Tools Security\pctsGui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
    C:\Users\Shannon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Windows\splwow64.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Sage Software\Peachtree\peachw.exe
    C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Sage Software\Integration Services\bin\Ais2.Server.Console.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Common Files\Peach\V1700\OUPAW17.exe
    C:\Program Files (x86)\Common Files\Peach\MessageCenter\bin\Sage.MessageCenter.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files (x86)\Sage Software\Peachtree\peachw.exe
    C:\Program Files (x86)\Sage Software\Peachtree\peachw.exe
    C:\Program Files (x86)\Sage Software\Peachtree\peachw.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\splwow64.exe
    C:\Users\Shannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Q4I97BM\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.yahoo.com/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
    mWinlogon: Userinit=userinit.exe
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
    BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
    uRun: [Google Update] "C:\Users\Shannon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [2422FAD94B0666EA87F107B87EDDD1AB85C930C2._service_run] "C:\Users\Shannon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
    mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    mRun: [PeachtreePrefetcher.exe] "C:\PROGRA~2\SAGESO~1\PEACHT~1\PeachtreePrefetcher.exe" /configfile:peachtreeprefetcher.winstart.config
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
    mRun: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
    StartupFolder: C:\Users\Shannon\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\desktop\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\Users\Shannon\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
    BHO-X64: Trend Micro NSC BHO - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
    BHO-X64: TmBpIeBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
    TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun-x64: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    mRun-x64: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    mRun-x64: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore64.sys [2011-4-11 257232]
    R0 pctDS;PC Tools Data Store;C:\Windows\System32\drivers\pctDS64.sys [2011-4-11 452872]
    R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\System32\drivers\pctEFA64.sys [2011-4-11 816016]
    R0 TfFsMon;TfFsMon;C:\Windows\System32\drivers\TfFsMon.sys [2011-4-11 65072]
    R0 TFSysMon;TFSysMon;C:\Windows\System32\drivers\TfSysMon.sys [2011-4-11 74824]
    R1 pctgntdi;pctgntdi;C:\Windows\System32\drivers\pctgntdi64.sys [2011-4-11 334976]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2011-1-2 89600]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-4 203264]
    R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-4-11 247760]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2010-7-16 30520]
    R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2010-9-7 202048]
    R2 NWVZHelper;Novatel Wireless Verizon Device Helper;C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe [2010-6-14 270848]
    R2 psqlWGE;Pervasive PSQL Workgroup Engine;C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [2008-6-6 435496]
    R2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-4-11 366840]
    R2 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-4-11 1156568]
    R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-2-25 67664]
    R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2009-7-12 1924400]
    R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-10-30 227896]
    R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-29 70656]
    R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    R3 pctplsg;pctplsg;C:\Windows\System32\drivers\pctplsg64.sys [2011-4-11 92896]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-2-18 215040]
    R3 TfNetMon;TfNetMon;C:\Windows\System32\drivers\TfNetMon.sys [2011-4-11 41888]
    R3 ThreatFire;ThreatFire;C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe service --> C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe service [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-2-18 36408]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    S2 Amsp;Trend Micro Solution Platform;"C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 --> C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-16 136176]
    S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-11-2 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
    S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2010-6-18 20992]
    S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
    S3 MotDev;Motorola Inc. USB Device;C:\Windows\System32\drivers\motodrv.sys [2009-5-8 53632]
    S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
    S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2010-1-25 10240]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 NWUSBCDFIL64;Novatel Wireless Installation CD;C:\Windows\System32\drivers\NwUsbCdFil64.sys [2010-7-8 25600]
    S3 NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN);C:\Windows\System32\drivers\nwusbmdm_000.sys [2010-7-8 217728]
    S3 NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN);C:\Windows\System32\drivers\nwusbser_000.sys [2010-7-8 217728]
    S3 NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN);C:\Windows\System32\drivers\nwusbser2_000.sys [2010-7-8 217728]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-2-18 216576]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-23 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-11 1255736]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-04-13 14:10:45 -------- d-----w- C:\desktop
    2011-04-11 16:54:21 74824 --s---w- C:\Windows\System32\drivers\TfSysMon.sys
    2011-04-11 16:54:20 65072 --s---w- C:\Windows\System32\drivers\TfFsMon.sys
    2011-04-11 16:54:20 41888 --s---w- C:\Windows\System32\drivers\TfNetMon.sys
    2011-04-11 15:51:23 767952 ----a-w- C:\Windows\BDTSupport.dll
    2011-04-11 15:51:23 2000848 ----a-w- C:\Windows\PCTBDCore.dll
    2011-04-11 15:51:23 1533904 ----a-w- C:\Windows\PCTBDRes.dll
    2011-04-11 15:51:23 149456 ----a-w- C:\Windows\SGDetectionTool.dll
    2011-04-11 15:43:07 816016 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
    2011-04-11 15:43:07 452872 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
    2011-04-11 15:43:07 334976 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
    2011-04-11 15:43:07 137704 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
    2011-04-11 15:43:03 257232 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
    2011-04-11 15:43:00 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
    2011-04-11 15:42:56 -------- d-----w- C:\Program Files (x86)\PC Tools Security
    2011-04-11 15:42:56 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
    2011-04-11 14:03:54 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2011-04-11 14:03:52 8424784 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{ABD4D382-126C-4C30-B6A4-160A50868724}\mpengine.dll
    2011-04-11 01:05:23 -------- d-----w- C:\Users\Shannon\AppData\Local\{A0DEC2A7-F2D9-4B82-B4C7-C84B38A7F2A4}
    2011-04-10 18:35:38 -------- d-----w- C:\PROGRA~3\WEBREG
    2011-04-10 18:34:40 -------- d-----w- C:\Users\Shannon\AppData\Local\HP
    2011-04-10 18:33:21 253440 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfpp101.dll
    2011-04-10 17:43:47 -------- d-----w- C:\Program Files (x86)\Coupons
    2011-04-10 17:43:42 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
    2011-04-10 17:43:42 -------- d-----w- C:\PROGRA~3\HP Photo Creations
    2011-04-10 17:39:48 -------- d-----w- C:\Program Files (x86)\Common Files\HP
    2011-04-10 17:39:45 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
    2011-04-10 17:38:32 138752 ----a-w- C:\Windows\System32\hpf3l101.dll
    2011-04-10 17:35:56 643200 ----a-w- C:\Windows\System32\hpzids40.dll
    2011-04-10 17:35:56 1412224 ----a-w- C:\Windows\System32\hpost_p04d.dll
    2011-04-10 17:35:56 1180288 ----a-w- C:\Windows\System32\hposwia_p04d.dll
    2011-04-10 17:35:55 525440 ----a-w- C:\Windows\System32\hposc_p04a.dll
    2011-04-10 17:13:28 -------- d-----w- C:\Program Files\HP
    2011-04-09 17:29:58 -------- d-----w- C:\Users\Shannon\AppData\Local\Apps
    2011-04-09 17:29:57 -------- d-----w- C:\Users\Shannon\AppData\Local\Deployment
    2011-04-08 15:22:39 -------- d-----w- C:\Users\Shannon\AppData\Local\{DB447099-C4A0-4F05-B09B-746A6CE11391}
    2011-04-07 22:16:52 -------- d-----w- C:\Users\Shannon\AppData\Local\{9D0E4127-3EEC-4AC8-A441-96B3D3693EDE}
    2011-04-04 22:27:59 -------- d-----w- C:\Users\Shannon\AppData\Local\Atheros
    2011-04-04 18:23:27 -------- d-----w- C:\PROGRA~3\V CAST Media Manager
    2011-04-04 16:48:38 -------- d-----w- C:\Program Files (x86)\Real Business Solutions
    2011-03-28 03:15:22 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Malwarebytes
    2011-03-28 03:15:17 -------- d-----w- C:\PROGRA~3\Malwarebytes
    2011-03-28 03:15:14 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-03-28 03:15:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-03-26 01:53:35 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2011-03-26 01:53:35 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
    2011-03-26 01:53:35 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
    2011-03-26 01:52:35 -------- d-----w- C:\Program Files\iTunes
    2011-03-26 01:52:35 -------- d-----w- C:\Program Files\iPod
    2011-03-26 01:52:35 -------- d-----w- C:\Program Files (x86)\iTunes
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-03-26 01:50:05 -------- d-----w- C:\Program Files\Bonjour
    2011-03-26 01:50:05 -------- d-----w- C:\Program Files (x86)\Bonjour
    2011-03-25 14:19:26 -------- d-----w- C:\Users\Shannon\AppData\Roaming\PCTools
    2011-03-25 04:14:03 -------- d-----w- C:\Users\Shannon\AppData\Roaming\playitall
    2011-03-24 05:47:26 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Windows Live Writer
    2011-03-24 05:47:26 -------- d-----w- C:\Users\Shannon\AppData\Local\Windows Live Writer
    2011-03-24 00:04:23 -------- d-----w- C:\Users\Shannon\AppData\Roaming\SupportSoft
    2011-03-24 00:04:22 -------- d-----w- C:\temp
    2011-03-24 00:04:21 -------- d-----w- C:\Users\Shannon\AppData\Roaming\OpswatLogs
    2011-03-24 00:04:20 -------- d-----w- C:\Program Files (x86)\Common Files\supportsoft
    2011-03-23 20:58:58 -------- d-----w- C:\Users\Shannon\AppData\Local\Threat Expert
    2011-03-23 15:07:15 -------- d-----w- C:\Windows\System32\SPReview
    2011-03-23 15:05:17 -------- d-----w- C:\PROGRA~3\PC Tools
    2011-03-23 15:02:59 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
    2011-03-23 15:01:59 73216 ----a-w- C:\Windows\System32\unimdmat.dll
    2011-03-23 14:59:10 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
    2011-03-23 14:59:10 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2011-03-23 14:59:10 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
    2011-03-23 14:59:01 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
    2011-03-23 14:58:57 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
    2011-03-23 14:58:36 422912 ----a-w- C:\Windows\System32\drvstore.dll
    2011-03-23 14:58:36 399872 ----a-w- C:\Windows\System32\dpx.dll
    2011-03-23 14:55:31 268800 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtSvg4.dll
    2011-03-23 14:55:30 7826432 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtGui4.dll
    2011-03-23 14:55:30 351648 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\UninstallWizad.exe
    2011-03-23 14:55:30 335360 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtXml4.dll
    2011-03-23 14:55:30 2150400 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtCore4.dll
    2011-03-23 14:55:30 128416 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\ProductExtend.exe
    2011-03-22 16:47:09 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-03-22 16:24:22 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Nova Development
    2011-03-22 13:17:04 -------- d-----w- C:\Users\Shannon\AppData\Local\DigitalPersona
    2011-03-21 21:18:20 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Macrovision
    2011-03-21 21:16:55 -------- d-----w- C:\Program Files\Motorola Inc
    2011-03-21 20:45:07 -------- d-----w- C:\Users\Shannon\AppData\Local\Programs
    2011-03-18 18:37:25 -------- d-----w- C:\Windows\System32\EventProviders
    2011-03-18 16:54:53 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll
    2011-03-18 16:54:53 219136 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
    2011-03-18 16:54:53 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
    2011-03-18 16:54:53 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
    2011-03-14 22:18:53 -------- d-----w- C:\PROGRA~3\Invoices & Estimates Pro
    .
    ==================== Find3M ====================
    .
    2011-03-23 15:14:40 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-03-23 15:14:40 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2011-02-18 21:36:58 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
    2011-02-18 21:36:58 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
    2011-02-03 02:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    .
    ============= FINISH: 9:26:29.07 ===============

  2. #2
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Hi,

    "I cannot access some programs"
    Could you elaborate on this a bit, please?

    uRun: [2422FAD94B0666EA87F107B87EDDD1AB85C930C2._service_run] "C:\Users\Shannon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    Have you set Chrome to run at startup by yourself?

    Please post attach.txt contents too.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #3
    Junior Member
    Join Date
    Apr 2011
    Posts
    9

    I uninstalled Chrome since my initial post. The following is the attach.txt log:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 06/18/10 9:56:41 PM
    System Uptime: 04/13/11 8:02:28 AM (1 hours ago)
    .
    Motherboard: Hewlett-Packard | | 3638
    Processor: AMD Turion(tm) II Ultra Dual-Core Mobile M620 | Socket S1G3 | 1600/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 448 GiB total, 390.782 GiB free.
    D: is FIXED (NTFS) - 17 GiB total, 2.829 GiB free.
    E: is FIXED (FAT32) - 0 GiB total, 0.094 GiB free.
    F: is CDROM ()
    H: is CDROM (CDFS)
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart Prem C310 series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Photosmart Prem C310 series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Photosmart Prem C310 series
    Device ID: ROOT\IMAGE\0000
    Manufacturer: HP
    Name: Photosmart Prem C310 series
    PNP Device ID: ROOT\IMAGE\0000
    Service: StillCam
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart D110 series
    Device ID: ROOT\MULTIFUNCTION\0001
    Manufacturer: HP
    Name: Photosmart D110 series
    PNP Device ID: ROOT\MULTIFUNCTION\0001
    Service:
    .
    ==== System Restore Points ===================
    .
    RP121: 03/25/11 9:12:41 AM - Windows Backup
    RP122: 03/25/11 8:51:41 PM - Installed iTunes
    RP123: 03/30/11 1:37:31 PM - Windows Modules Installer
    RP124: 03/30/11 5:26:53 PM - Windows Update
    RP125: 04/01/11 9:13:44 AM - Windows Update
    RP126: 04/09/11 11:58:55 AM - Scheduled Checkpoint
    RP127: 04/10/11 11:42:59 AM - Windows Update
    RP128: 04/10/11 1:39:03 PM - Installed Network64
    RP129: 04/10/11 1:41:10 PM - Windows Update
    RP130: 04/10/11 1:41:41 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    AccuWage 2010
    Acrobat.com
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.4.3 MUI
    Adobe Shockwave Player
    AMD USB Filter Driver
    Apple Application Support
    Apple Software Update
    Atheros Driver Installation Program
    Browser Defender 3.0
    BufferChm
    C310
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Compatibility Pack for the 2007 Office system
    Corel Paint Shop Pro Photo X2
    Corel VideoStudio 12
    Coupon Printer for Windows
    Crystal Reports 2008 Runtime SP1
    CyberLink DVD Suite
    D3DX10
    Definition update for Microsoft Office 2010 (KB982726)
    Destinations
    DeviceDiscovery
    DVD Menu Pack for HP MediaSmart Video
    ERUNT 1.1j
    ESU for Microsoft Windows 7
    ffdshow [rev 2527] [2008-12-19]
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    GPBaseService2
    HP Advisor
    HP Customer Experience Enhancements
    HP Games
    HP MediaSmart DVD
    HP MediaSmart Internet TV
    HP MediaSmart Live TV
    HP MediaSmart SlingPlayer
    HP MediaSmart Software Notebook Demo
    HP MediaSmart Video
    HP MediaSmart Webcam
    HP MediaSmart/TouchSmart Netflix
    HP Photo Creations
    HP Product Detection
    HP Quick Launch Buttons
    HP Setup
    HP Support Assistant
    HP Update
    HP User Guides 0153
    HP Wireless Assistant
    HPAppStudio
    HPAsset component for HP Active Support Library
    HPPhotoGadget
    HPProductAssistant
    HPSSupply
    Hulu Desktop
    IDT Audio
    InstaForm Invoices & Estimates Pro
    Java Auto Updater
    Java(TM) 6 Update 24
    Junk Mail filter update
    LabelPrint
    LightScribe System Software
    MarketResearch
    Mesh Runtime
    Messenger Companion
    Microsoft Live Search Toolbar
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Home and Business 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2010
    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    MotoHelper 2.0.24 Driver 4.7.1
    MotoHelper MergeModules
    Movie Theme Pack for HP MediaSmart Video
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Peachtree Accounting 2010
    Peachtree Complete Accounting 2010
    PeachTree Signature Ready Forms
    Pervasive PSQL v10.10 Workgroup (32-bit)
    PhotoNow!
    PlayItAll media player 1.0.5
    Power2Go
    PowerDirector
    PS_AIO_07_C310_SW_Min
    QLBCASL
    QuickTime
    QuickTransfer
    Realtek 8136 8168 8169 Ethernet Driver
    Realtek USB 2.0 Card Reader
    Recovery Manager
    Sage Integration Services
    Sage Message Center
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft Office 2010 (KB2289078)
    Security Update for Microsoft Office 2010 (KB2289161)
    Security Update for Microsoft Publisher 2010 (KB2409055)
    Security Update for Microsoft Word 2010 (KB2345000)
    SmartWebPrinting
    SolutionCenter
    Spyware Doctor
    Status
    Toolbox
    TrayApp
    Update for Microsoft Office 2010 (KB2202188)
    Update for Microsoft Office 2010 (KB2413186)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft OneNote 2010 (KB2493983)
    Update for Microsoft Outlook Social Connector (KB2289116)
    Verizon Mobile Broadband Drivers
    Verizon V CAST Media Manager
    Verizon Wireless MiFi-2200 Firmware Updates
    VideoStudio
    VTech Download Agent Library
    VZAccess Manager
    W2 Mate (2010) 7.0.44
    WebReg
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Encoder 9 Series
    Yahoo! BrowserPlus 2.9.8
    .
    ==== Event Viewer Messages From Past Week ========
    .
    04/13/11 8:06:03 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
    04/13/11 8:03:56 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    04/13/11 8:02:47 AM, Error: Service Control Manager [7000] - The Trend Micro Solution Platform service failed to start due to the following error: The system cannot find the file specified.
    04/12/11 8:30:31 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer OWNER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{07EBCBAA-721D-426A-B96B-338614C2D410}. The master browser is stopping or an election is being forced.
    04/12/11 8:24:39 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
    04/12/11 8:07:32 AM, Error: Service Control Manager [7022] - The HP Health Check Service service hung on starting.
    04/12/11 11:26:16 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
    04/12/11 1:53:38 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.
    04/12/11 1:53:38 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
    04/11/11 9:06:23 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: TfFsMon TFSysMon
    04/11/11 11:54:21 AM, Error: Service Control Manager [7030] - The ThreatFire service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    04/10/11 9:18:35 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {10DA4F3C-CC99-4190-BE4D-58330754E882} and APPID {7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    04/10/11 12:19:14 PM, Error: Service Control Manager [7031] - The Trend Micro Solution Platform service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    04/10/11 12:14:49 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Trend Micro Solution Platform service, but this action failed with the following error: An instance of the service is already running.
    04/10/11 12:03:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
    04/10/11 12:03:08 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    04/10/11 12:01:29 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
    04/10/11 11:56:13 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Microsoft - Other hardware - Microsoft Hardware USB Mouse.
    04/10/11 11:18:22 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
    04/10/11 1:42:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070103: Microsoft - Other hardware - Microsoft Hardware USB Mouse.
    04/10/11 1:17:58 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
    04/10/11 1:13:40 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DelayedAutostart with the following error: Access is denied.
    04/09/11 10:16:26 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the sdCoreService service.
    04/06/11 9:08:55 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    04/06/11 10:53:56 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer STEVEN that believes that it is the master browser for the domain on transport NetBT_Tcpip_{07EBCBAA-721D-426A-B96B-338614C2D410}. The master browser is stopping or an election is being forced.
    .
    ==== End Of File ===========================

  4. #4
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    "I uninstalled Chrome since my initial post."
    Ok. I need to see fresh dds logs then. Also, please see the question in my previous post regarding access of programs.

  5. #5
    Junior Member
    Join Date
    Apr 2011
    Posts
    9

    I apologize, but for some reason I am unable to access some programs when a hyperlink is included in an email. I think that is somehow related to Chrome. Sorry for the delay in answering.

    Here is my current dds log:

    .
    DDS (Ver_11-03-05.01) - NTFS_AMD64
    Run by Shannon at 14:00:41.20 on 04/19/11
    Internet Explorer: 9.0.8112.16421
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1707 [GMT -5:00]
    .
    AV: Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spyware Doctor with AntiVirus *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\vcsFPService.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
    C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Program Files (x86)\PC Tools Security\pctsGui.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Sage Software\Peachtree\peachw.exe
    C:\Program Files (x86)\Sage Software\Integration Services\bin\Ais2.Server.Console.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Windows\splwow64.exe
    C:\Program Files (x86)\Common Files\Peach\V1700\OUPAW17.exe
    C:\Program Files (x86)\Common Files\Peach\MessageCenter\bin\Sage.MessageCenter.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Shannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB7U78MG\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.yahoo.com/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
    mWinlogon: Userinit=userinit.exe
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
    BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
    TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
    uRun: [2422FAD94B0666EA87F107B87EDDD1AB85C930C2._service_run] "C:\Users\Shannon\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
    mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    mRun: [PeachtreePrefetcher.exe] "C:\PROGRA~2\SAGESO~1\PEACHT~1\PeachtreePrefetcher.exe" /configfile:peachtreeprefetcher.winstart.config
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
    mRun: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
    StartupFolder: C:\Users\Shannon\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\desktop\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\Users\Shannon\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
    BHO-X64: Trend Micro NSC BHO - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
    BHO-X64: TmBpIeBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
    TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
    TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun-x64: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    mRun-x64: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    mRun-x64: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore64.sys [2011-4-11 257232]
    R0 pctDS;PC Tools Data Store;C:\Windows\System32\drivers\pctDS64.sys [2011-4-11 452872]
    R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\System32\drivers\pctEFA64.sys [2011-4-11 816016]
    R0 TfFsMon;TfFsMon;C:\Windows\System32\drivers\TfFsMon.sys [2011-4-11 65072]
    R0 TFSysMon;TFSysMon;C:\Windows\System32\drivers\TfSysMon.sys [2011-4-11 74824]
    R1 pctgntdi;pctgntdi;C:\Windows\System32\drivers\pctgntdi64.sys [2011-4-11 334976]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2011-1-2 89600]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-4 203264]
    R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-4-11 247760]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2010-7-16 30520]
    R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2010-9-7 202048]
    R2 NWVZHelper;Novatel Wireless Verizon Device Helper;C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe [2010-6-14 270848]
    R2 psqlWGE;Pervasive PSQL Workgroup Engine;C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [2008-6-6 435496]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-13 1153368]
    R2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-4-11 366840]
    R2 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-4-11 1156568]
    R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-2-25 67664]
    R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2009-7-12 1924400]
    R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-10-30 227896]
    R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-29 70656]
    R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    R3 pctplsg;pctplsg;C:\Windows\System32\drivers\pctplsg64.sys [2011-4-11 92896]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-2-18 215040]
    R3 TfNetMon;TfNetMon;C:\Windows\System32\drivers\TfNetMon.sys [2011-4-11 41888]
    R3 ThreatFire;ThreatFire;C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe service --> C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe service [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-2-18 36408]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    S2 Amsp;Trend Micro Solution Platform;"C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 --> C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-16 136176]
    S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-11-2 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
    S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2010-6-18 20992]
    S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
    S3 MotDev;Motorola Inc. USB Device;C:\Windows\System32\drivers\motodrv.sys [2009-5-8 53632]
    S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
    S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2010-1-25 10240]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 NWUSBCDFIL64;Novatel Wireless Installation CD;C:\Windows\System32\drivers\NwUsbCdFil64.sys [2010-7-8 25600]
    S3 NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN);C:\Windows\System32\drivers\nwusbmdm_000.sys [2010-7-8 217728]
    S3 NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN);C:\Windows\System32\drivers\nwusbser_000.sys [2010-7-8 217728]
    S3 NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN);C:\Windows\System32\drivers\nwusbser2_000.sys [2010-7-8 217728]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-2-18 216576]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-23 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-11 1255736]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-04-15 20:06:03 -------- d-----w- C:\Program Files (x86)\Inbox Toolbar
    2011-04-14 16:13:48 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2011-04-14 15:38:13 -------- d-----w- C:\MGADiagToolOutput
    2011-04-14 14:50:19 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
    2011-04-14 13:26:28 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
    2011-04-14 13:26:27 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
    2011-04-14 13:26:27 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2011-04-14 13:26:27 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2011-04-14 13:26:27 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
    2011-04-13 14:52:19 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-04-13 14:52:19 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
    2011-04-13 14:10:45 -------- d-----w- C:\desktop
    2011-04-11 16:54:21 74824 --s---w- C:\Windows\System32\drivers\TfSysMon.sys
    2011-04-11 16:54:20 65072 --s---w- C:\Windows\System32\drivers\TfFsMon.sys
    2011-04-11 16:54:20 41888 --s---w- C:\Windows\System32\drivers\TfNetMon.sys
    2011-04-11 15:51:23 767952 ----a-w- C:\Windows\BDTSupport.dll
    2011-04-11 15:51:23 2000848 ----a-w- C:\Windows\PCTBDCore.dll
    2011-04-11 15:51:23 1533904 ----a-w- C:\Windows\PCTBDRes.dll
    2011-04-11 15:51:23 149456 ----a-w- C:\Windows\SGDetectionTool.dll
    2011-04-11 15:43:07 816016 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
    2011-04-11 15:43:07 452872 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
    2011-04-11 15:43:07 334976 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
    2011-04-11 15:43:07 137704 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
    2011-04-11 15:43:03 257232 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
    2011-04-11 15:43:00 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
    2011-04-11 15:42:56 -------- d-----w- C:\Program Files (x86)\PC Tools Security
    2011-04-11 15:42:56 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
    2011-04-11 14:03:54 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2011-04-11 14:03:52 8424784 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{ABD4D382-126C-4C30-B6A4-160A50868724}\mpengine.dll
    2011-04-11 01:05:23 -------- d-----w- C:\Users\Shannon\AppData\Local\{A0DEC2A7-F2D9-4B82-B4C7-C84B38A7F2A4}
    2011-04-10 18:35:38 -------- d-----w- C:\PROGRA~3\WEBREG
    2011-04-10 18:34:40 -------- d-----w- C:\Users\Shannon\AppData\Local\HP
    2011-04-10 18:33:21 253440 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfpp101.dll
    2011-04-10 17:43:42 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
    2011-04-10 17:43:42 -------- d-----w- C:\PROGRA~3\HP Photo Creations
    2011-04-10 17:39:48 -------- d-----w- C:\Program Files (x86)\Common Files\HP
    2011-04-10 17:39:45 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
    2011-04-10 17:38:32 138752 ----a-w- C:\Windows\System32\hpf3l101.dll
    2011-04-10 17:35:56 643200 ----a-w- C:\Windows\System32\hpzids40.dll
    2011-04-10 17:35:56 1412224 ----a-w- C:\Windows\System32\hpost_p04d.dll
    2011-04-10 17:35:56 1180288 ----a-w- C:\Windows\System32\hposwia_p04d.dll
    2011-04-10 17:35:55 525440 ----a-w- C:\Windows\System32\hposc_p04a.dll
    2011-04-10 17:13:28 -------- d-----w- C:\Program Files\HP
    2011-04-09 17:29:58 -------- d-----w- C:\Users\Shannon\AppData\Local\Apps
    2011-04-09 17:29:57 -------- d-----w- C:\Users\Shannon\AppData\Local\Deployment
    2011-04-08 15:22:39 -------- d-----w- C:\Users\Shannon\AppData\Local\{DB447099-C4A0-4F05-B09B-746A6CE11391}
    2011-04-07 22:16:52 -------- d-----w- C:\Users\Shannon\AppData\Local\{9D0E4127-3EEC-4AC8-A441-96B3D3693EDE}
    2011-04-04 22:27:59 -------- d-----w- C:\Users\Shannon\AppData\Local\Atheros
    2011-04-04 18:23:27 -------- d-----w- C:\PROGRA~3\V CAST Media Manager
    2011-04-04 16:48:38 -------- d-----w- C:\Program Files (x86)\Real Business Solutions
    2011-03-28 03:15:22 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Malwarebytes
    2011-03-28 03:15:17 -------- d-----w- C:\PROGRA~3\Malwarebytes
    2011-03-28 03:15:14 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-03-28 03:15:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-03-26 01:53:35 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2011-03-26 01:53:35 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
    2011-03-26 01:53:35 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
    2011-03-26 01:52:35 -------- d-----w- C:\Program Files\iTunes
    2011-03-26 01:52:35 -------- d-----w- C:\Program Files\iPod
    2011-03-26 01:52:35 -------- d-----w- C:\Program Files (x86)\iTunes
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-03-26 01:50:05 -------- d-----w- C:\Program Files\Bonjour
    2011-03-26 01:50:05 -------- d-----w- C:\Program Files (x86)\Bonjour
    2011-03-25 14:19:26 -------- d-----w- C:\Users\Shannon\AppData\Roaming\PCTools
    2011-03-25 04:14:03 -------- d-----w- C:\Users\Shannon\AppData\Roaming\playitall
    2011-03-24 05:47:26 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Windows Live Writer
    2011-03-24 05:47:26 -------- d-----w- C:\Users\Shannon\AppData\Local\Windows Live Writer
    2011-03-24 00:04:23 -------- d-----w- C:\Users\Shannon\AppData\Roaming\SupportSoft
    2011-03-24 00:04:22 -------- d-----w- C:\temp
    2011-03-24 00:04:21 -------- d-----w- C:\Users\Shannon\AppData\Roaming\OpswatLogs
    2011-03-24 00:04:20 -------- d-----w- C:\Program Files (x86)\Common Files\supportsoft
    2011-03-23 20:58:58 -------- d-----w- C:\Users\Shannon\AppData\Local\Threat Expert
    2011-03-23 15:07:15 -------- d-----w- C:\Windows\System32\SPReview
    2011-03-23 15:05:17 -------- d-----w- C:\PROGRA~3\PC Tools
    2011-03-23 15:02:59 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
    2011-03-23 15:01:59 73216 ----a-w- C:\Windows\System32\unimdmat.dll
    2011-03-23 14:59:10 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
    2011-03-23 14:59:10 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2011-03-23 14:59:10 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
    2011-03-23 14:59:01 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
    2011-03-23 14:58:57 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
    2011-03-23 14:58:36 422912 ----a-w- C:\Windows\System32\drvstore.dll
    2011-03-23 14:58:36 399872 ----a-w- C:\Windows\System32\dpx.dll
    2011-03-23 14:55:31 268800 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtSvg4.dll
    2011-03-23 14:55:30 7826432 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtGui4.dll
    2011-03-23 14:55:30 351648 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\UninstallWizad.exe
    2011-03-23 14:55:30 335360 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtXml4.dll
    2011-03-23 14:55:30 2150400 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtCore4.dll
    2011-03-23 14:55:30 128416 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\ProductExtend.exe
    2011-03-22 16:47:09 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-03-22 16:24:22 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Nova Development
    2011-03-22 13:17:04 -------- d-----w- C:\Users\Shannon\AppData\Local\DigitalPersona
    2011-03-21 21:18:20 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Macrovision
    2011-03-21 21:16:55 -------- d-----w- C:\Program Files\Motorola Inc
    2011-03-21 20:45:07 -------- d-----w- C:\Users\Shannon\AppData\Local\Programs
    .
    ==================== Find3M ====================
    .
    2011-03-23 15:14:40 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-03-23 15:14:40 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-03-11 06:34:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2011-03-11 06:34:50 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2011-03-11 05:33:59 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2011-03-11 05:33:59 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2011-03-08 06:29:32 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2011-03-08 05:28:29 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    2011-03-03 06:24:16 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
    2011-03-03 06:21:57 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
    2011-03-03 05:36:16 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
    2011-03-03 03:52:08 3135488 ----a-w- C:\Windows\System32\win32k.sys
    2011-02-24 06:15:44 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2011-02-24 05:38:54 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2011-02-23 04:56:27 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
    2011-02-23 04:56:03 411648 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2011-02-23 04:55:47 167936 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2011-02-19 12:03:46 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2011-02-19 09:00:32 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2011-02-19 06:30:46 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2011-02-19 04:34:54 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2011-02-18 21:36:58 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
    2011-02-18 21:36:58 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
    2011-02-05 17:10:16 642944 ----a-w- C:\Windows\System32\winload.efi
    2011-02-05 17:10:08 20352 ----a-w- C:\Windows\System32\kdusb.dll
    2011-02-05 17:10:08 19328 ----a-w- C:\Windows\System32\kd1394.dll
    2011-02-05 17:10:08 17792 ----a-w- C:\Windows\System32\kdcom.dll
    2011-02-05 17:06:41 605552 ----a-w- C:\Windows\System32\winload.exe
    2011-02-05 17:06:41 566208 ----a-w- C:\Windows\System32\winresume.efi
    2011-02-05 17:06:41 518672 ----a-w- C:\Windows\System32\winresume.exe
    2011-02-03 02:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    .
    ============= FINISH: 14:04:32.42 ===============

  6. #6
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288


    Hi


    Please visit this webpage for download links, and instructions for running ComboFix tool:

    http://www.bleepingcomputer.com/comb...o-use-combofix

    Please ensure you read this guide carefully first.

    Please continue as follows:

    1. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
      Remember to re-enable them afterwards.

    2. Click Yes to allow ComboFix to continue scanning for malware.


    When the tool is finished, it will produce a report for you.

    Please include the following reports for further review, and so we may continue cleansing the system:

    C:\ComboFix.txt
    New dds log.


    A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  7. #7
    Junior Member
    Join Date
    Apr 2011
    Posts
    9


    Here is the ComboFix log:

    ComboFix 11-04-19.01 - Shannon 04/19/11 14:49:04.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2308 [GMT -5:00]
    Running from: c:\users\Shannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Q4I97BM\ComboFix.exe
    AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
    SP: Spyware Doctor with AntiVirus *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\users\Public\videos\HP MediaSmart Demo.exe
    c:\users\Shannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\{3DAC710B-A874-479A-BD8D-E098804C8E81}.xps
    c:\windows\system32\service
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-03-19 to 2011-04-19 )))))))))))))))))))))))))))))))
    .
    .
    2011-04-19 19:58 . 2011-04-19 19:58 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-04-15 20:06 . 2011-04-15 20:15 -------- d-----w- c:\program files (x86)\Inbox Toolbar
    2011-04-14 16:13 . 2010-12-20 23:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-04-14 15:38 . 2011-04-14 15:38 -------- d-----w- C:\MGADiagToolOutput
    2011-04-14 15:35 . 2011-04-14 15:35 -------- d-----w- c:\programdata\Office Genuine Advantage
    2011-04-14 14:50 . 2011-04-14 14:50 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
    2011-04-14 13:26 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
    2011-04-14 13:26 . 2011-02-23 04:56 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-04-14 13:26 . 2011-02-23 04:55 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-04-14 13:26 . 2011-02-23 04:55 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2011-04-14 13:26 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
    2011-04-13 14:52 . 2011-04-13 15:58 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
    2011-04-13 14:52 . 2011-04-13 15:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-04-13 14:10 . 2011-04-13 14:12 -------- d-----w- C:\desktop
    2011-04-11 16:54 . 2010-12-31 14:36 74824 --s---w- c:\windows\system32\drivers\TfSysMon.sys
    2011-04-11 16:54 . 2010-12-31 14:36 41888 --s---w- c:\windows\system32\drivers\TfNetMon.sys
    2011-04-11 16:54 . 2010-12-31 14:36 65072 --s---w- c:\windows\system32\drivers\TfFsMon.sys
    2011-04-11 15:51 . 2011-01-07 19:54 149456 ----a-w- c:\windows\SGDetectionTool.dll
    2011-04-11 15:51 . 2011-01-07 19:54 1533904 ----a-w- c:\windows\PCTBDRes.dll
    2011-04-11 15:51 . 2011-01-07 19:54 2000848 ----a-w- c:\windows\PCTBDCore.dll
    2011-04-11 15:51 . 2011-01-07 19:54 767952 ----a-w- c:\windows\BDTSupport.dll
    2011-04-11 15:43 . 2011-01-17 14:09 334976 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
    2011-04-11 15:43 . 2010-12-16 13:43 137704 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
    2011-04-11 15:43 . 2010-07-16 19:53 816016 ----a-w- c:\windows\system32\drivers\pctEFA64.sys
    2011-04-11 15:43 . 2010-06-29 15:35 452872 ----a-w- c:\windows\system32\drivers\pctDS64.sys
    2011-04-11 15:43 . 2010-12-10 18:24 257232 ----a-w- c:\windows\system32\drivers\PCTCore64.sys
    2011-04-11 15:43 . 2010-12-16 13:46 92896 ----a-w- c:\windows\system32\drivers\pctplsg64.sys
    2011-04-11 15:42 . 2011-04-19 19:43 -------- d-----w- c:\program files (x86)\PC Tools Security
    2011-04-11 15:42 . 2011-04-11 15:51 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
    2011-04-11 14:03 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABD4D382-126C-4C30-B6A4-160A50868724}\mpengine.dll
    2011-04-11 01:05 . 2011-04-11 01:05 -------- d-----w- c:\users\Shannon\AppData\Local\{A0DEC2A7-F2D9-4B82-B4C7-C84B38A7F2A4}
    2011-04-10 18:35 . 2011-04-10 18:35 -------- d-----w- c:\programdata\WEBREG
    2011-04-10 18:34 . 2011-04-10 18:34 -------- d-----w- c:\users\Shannon\AppData\Local\HP
    2011-04-10 18:34 . 2011-04-10 18:38 -------- d-----w- c:\users\Shannon\AppData\Roaming\HP
    2011-04-10 18:33 . 2010-03-10 20:35 253440 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfpp101.dll
    2011-04-10 17:43 . 2011-04-10 17:43 -------- d-----w- c:\programdata\HP Photo Creations
    2011-04-10 17:43 . 2011-04-10 17:43 -------- d-----w- c:\program files (x86)\HP Photo Creations
    2011-04-10 17:42 . 2011-04-10 17:42 -------- d-----w- c:\programdata\HP Product Assistant
    2011-04-10 17:39 . 2011-04-10 17:39 -------- d-----w- c:\program files (x86)\Common Files\HP
    2011-04-10 17:39 . 2011-04-10 17:39 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
    2011-04-10 17:38 . 2010-03-10 20:35 138752 ----a-w- c:\windows\system32\hpf3l101.dll
    2011-04-10 17:35 . 2009-12-11 09:48 1412224 ----a-w- c:\windows\system32\hpost_p04d.dll
    2011-04-10 17:35 . 2009-12-11 09:48 1180288 ----a-w- c:\windows\system32\hposwia_p04d.dll
    2011-04-10 17:35 . 2009-10-22 14:55 643200 ----a-w- c:\windows\system32\hpzids40.dll
    2011-04-10 17:35 . 2009-12-11 09:48 525440 ----a-w- c:\windows\system32\hposc_p04a.dll
    2011-04-10 17:13 . 2011-04-10 17:13 -------- d-----w- c:\program files\HP
    2011-04-10 17:12 . 2011-04-10 18:34 -------- d-----w- c:\programdata\HP
    2011-04-09 17:29 . 2011-04-09 17:29 -------- d-----w- c:\users\Shannon\AppData\Local\Apps
    2011-04-09 17:29 . 2011-04-09 17:31 -------- d-----w- c:\users\Shannon\AppData\Local\Deployment
    2011-04-08 15:22 . 2011-04-08 15:22 -------- d-----w- c:\users\Shannon\AppData\Local\{DB447099-C4A0-4F05-B09B-746A6CE11391}
    2011-04-07 22:16 . 2011-04-07 22:17 -------- d-----w- c:\users\Shannon\AppData\Local\{9D0E4127-3EEC-4AC8-A441-96B3D3693EDE}
    2011-04-04 22:27 . 2011-04-04 22:27 -------- d-----w- c:\users\Shannon\AppData\Local\Atheros
    2011-04-04 18:23 . 2011-04-04 18:23 -------- d-----w- c:\programdata\V CAST Media Manager
    2011-04-04 16:48 . 2011-04-04 16:48 -------- d-----w- c:\program files (x86)\Real Business Solutions
    2011-03-28 03:15 . 2011-03-28 03:15 -------- d-----w- c:\users\Shannon\AppData\Roaming\Malwarebytes
    2011-03-28 03:15 . 2011-03-28 03:15 -------- d-----w- c:\programdata\Malwarebytes
    2011-03-28 03:15 . 2010-12-20 23:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-28 03:15 . 2011-04-14 16:14 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-03-26 01:53 . 2009-05-18 18:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2011-03-26 01:53 . 2008-04-17 17:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
    2011-03-26 01:53 . 2008-04-17 17:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
    2011-03-26 01:52 . 2011-03-26 01:53 -------- d-----w- c:\program files\iTunes
    2011-03-26 01:52 . 2011-03-26 01:53 -------- d-----w- c:\program files (x86)\iTunes
    2011-03-26 01:52 . 2011-03-26 01:52 -------- d-----w- c:\program files\iPod
    2011-03-26 01:51 . 2011-03-26 01:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-03-26 01:51 . 2011-03-26 01:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-03-26 01:51 . 2011-03-26 01:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-03-26 01:51 . 2011-03-26 01:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-03-26 01:51 . 2011-03-26 01:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-03-26 01:51 . 2011-03-26 01:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-03-26 01:51 . 2011-03-26 01:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-03-26 01:51 . 2011-03-26 01:51 -------- d-----w- c:\program files (x86)\QuickTime
    2011-03-26 01:50 . 2011-03-26 01:50 -------- d-----w- c:\program files (x86)\Apple Software Update
    2011-03-26 01:50 . 2011-03-26 01:50 -------- d-----w- c:\program files\Common Files\Apple
    2011-03-26 01:50 . 2011-03-26 01:50 -------- d-----w- c:\program files\Bonjour
    2011-03-26 01:50 . 2011-03-26 01:50 -------- d-----w- c:\program files (x86)\Bonjour
    2011-03-25 14:19 . 2011-03-25 14:19 -------- d-----w- c:\users\Shannon\AppData\Roaming\PCTools
    2011-03-25 04:14 . 2011-03-25 04:14 -------- d-----w- c:\users\Shannon\AppData\Roaming\playitall
    2011-03-25 01:07 . 2011-03-25 04:14 -------- d-----w- c:\users\Shannon\AppData\Roaming\dvdcss
    2011-03-24 05:47 . 2011-03-24 05:47 -------- d-----w- c:\users\Shannon\AppData\Roaming\Windows Live Writer
    2011-03-24 05:47 . 2011-03-24 05:47 -------- d-----w- c:\users\Shannon\AppData\Local\Windows Live Writer
    2011-03-24 00:04 . 2011-03-24 00:04 -------- d-----w- c:\users\Shannon\AppData\Roaming\SupportSoft
    2011-03-24 00:04 . 2011-03-24 00:04 -------- d-----w- C:\temp
    2011-03-24 00:04 . 2011-03-30 16:56 -------- d-----w- c:\users\Shannon\AppData\Roaming\OpswatLogs
    2011-03-24 00:04 . 2011-03-25 13:53 -------- d-----w- c:\program files (x86)\Common Files\supportsoft
    2011-03-23 20:58 . 2011-03-23 20:58 -------- d-----w- c:\users\Shannon\AppData\Local\Threat Expert
    2011-03-23 15:07 . 2011-03-23 15:07 -------- d-----w- c:\windows\system32\SPReview
    2011-03-23 15:05 . 2011-04-11 16:54 -------- d-----w- c:\programdata\PC Tools
    2011-03-23 15:01 . 2010-11-20 13:27 182784 ----a-w- c:\windows\system32\WUDFPlatform.dll
    2011-03-23 14:59 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2011-03-23 14:59 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
    2011-03-23 14:59 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
    2011-03-23 14:59 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
    2011-03-23 14:58 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
    2011-03-23 14:58 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
    2011-03-23 14:58 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
    2011-03-23 14:55 . 2010-06-02 02:58 268800 ----a-w- c:\programdata\Microsoft\Windows\Templates\VTechUninstall\QtSvg4.dll
    2011-03-23 14:55 . 2010-12-08 06:06 351648 ----a-w- c:\programdata\Microsoft\Windows\Templates\VTechUninstall\UninstallWizad.exe
    2011-03-23 14:55 . 2010-12-08 06:06 128416 ----a-w- c:\programdata\Microsoft\Windows\Templates\VTechUninstall\ProductExtend.exe
    2011-03-23 14:55 . 2010-07-13 13:07 7826432 ----a-w- c:\programdata\Microsoft\Windows\Templates\VTechUninstall\QtGui4.dll
    2011-03-23 14:55 . 2010-06-24 01:16 2150400 ----a-w- c:\programdata\Microsoft\Windows\Templates\VTechUninstall\QtCore4.dll
    2011-03-23 14:55 . 2010-06-02 02:28 335360 ----a-w- c:\programdata\Microsoft\Windows\Templates\VTechUninstall\QtXml4.dll
    2011-03-22 16:47 . 2011-02-02 23:11 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-03-22 16:24 . 2011-03-22 16:24 -------- d-----w- c:\users\Shannon\AppData\Roaming\Nova Development
    2011-03-22 13:17 . 2011-03-22 13:17 -------- d-----w- c:\users\Shannon\AppData\Local\DigitalPersona
    2011-03-21 21:18 . 2011-03-21 21:18 -------- d-----w- c:\users\Shannon\AppData\Roaming\Macrovision
    2011-03-21 21:16 . 2011-03-21 21:16 -------- d-----w- c:\program files\Motorola Inc
    2011-03-21 20:45 . 2011-03-21 20:45 -------- d-----w- c:\users\Shannon\AppData\Local\Programs
    2011-03-21 20:44 . 2011-03-21 20:44 -------- d-----w- c:\programdata\Macrovision
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-23 15:14 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2011-03-23 15:14 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2011-03-09 14:10 . 2010-06-24 16:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-02-19 12:05 . 2011-03-09 14:15 1139200 ----a-w- c:\windows\system32\FntCache.dll
    2011-02-19 12:04 . 2011-03-09 14:15 1544192 ----a-w- c:\windows\system32\DWrite.dll
    2011-02-19 12:04 . 2011-03-09 14:15 902656 ----a-w- c:\windows\system32\d2d1.dll
    2011-02-19 06:30 . 2011-03-09 14:15 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
    2011-02-19 06:30 . 2011-03-09 14:15 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
    2011-02-18 21:36 . 2011-02-18 21:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
    2011-02-18 21:36 . 2011-02-18 21:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
    2011-02-03 02:40 . 2010-08-11 03:42 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "HLBackupScheduler"="c:\program files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe" [2010-12-08 5247624]
    "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-17 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-05 98304]
    "HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
    "Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2009-08-26 15544]
    "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
    "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
    "PeachtreePrefetcher.exe"="c:\progra~2\SAGESO~1\PEACHT~1\PeachtreePrefetcher.exe" [2011-02-16 28488]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
    "PCTools FGuard"="c:\program files (x86)\PC Tools Security\BDT\FGuard.exe" [2011-01-07 108496]
    .
    c:\users\Shannon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    ERUNT AutoBackup.lnk - c:\desktop\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
    OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-17 136176]
    R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
    R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]
    R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]
    R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x]
    R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
    R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
    R3 NWUSBCDFIL64;Novatel Wireless Installation CD;c:\windows\system32\DRIVERS\NwUsbCdFil64.sys [x]
    R3 NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN);c:\windows\system32\DRIVERS\nwusbmdm_000.sys [x]
    R3 NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN);c:\windows\system32\DRIVERS\nwusbser_000.sys [x]
    R3 NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN);c:\windows\system32\DRIVERS\nwusbser2_000.sys [x]
    R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [x]
    R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
    R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
    R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools Security\pctsAuxs.exe [2010-03-15 366840]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
    R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools Security\TFEngine\TFService.exe service [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
    S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [x]
    S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [x]
    S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
    S0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
    S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2009-03-02 89600]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-01-07 247760]
    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
    S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2010-09-07 202048]
    S2 NWVZHelper;Novatel Wireless Verizon Device Helper;c:\program files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe [2010-06-14 270848]
    S2 psqlWGE;Pervasive PSQL Workgroup Engine;c:\program files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [2009-04-07 435496]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
    S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-07-13 1924400]
    S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
    S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
    S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
    S3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
    S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *Deregistered* - PCTSDInjDriver64
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2009-08-20 21:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-17 04:43]
    .
    2011-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-17 04:43]
    .
    2011-04-19 c:\windows\Tasks\HPCeeScheduleForShannon.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 11:22]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-31 171520]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.yahoo.com/
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
    LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKCU-Run-2422FAD94B0666EA87F107B87EDDD1AB85C930C2._service_run - c:\users\Shannon\AppData\Local\Google\Chrome\Application\chrome.exe
    WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
    HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    HKLM-Run-Trend Micro Client Framework - c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
    AddRemove-AccuWage 2010 - c:\progra~1\ACCUWA~1\UNWISE.EXE
    AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-04-19 15:02:32
    ComboFix-quarantined-files.txt 2011-04-19 20:02
    .
    Pre-Run: 419,542,233,088 bytes free
    Post-Run: 419,403,223,040 bytes free
    .
    - - End Of File - - 6C6A9C29096CE944B52A661FE7EAA009


    Here is the new dds.log:

    .
    DDS (Ver_11-03-05.01) - NTFS_AMD64
    Run by Shannon at 15:07:30.79 on 04/19/11
    Internet Explorer: 9.0.8112.16421
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1916 [GMT -5:00]
    .
    AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spyware Doctor with AntiVirus *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\vcsFPService.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files (x86)\Common Files\Peach\MessageCenter\bin\Sage.MessageCenter.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\DeviceDisplayObjectProvider.exe
    C:\Windows\system32\DXPServer.exe
    C:\Windows\system32\notepad.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Shannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4DI126RM\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.yahoo.com/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
    BHO: TmBpIeBHO Class: {bbacbafd-fa5e-4079-8b33-00eb9f13d4ac} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
    TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
    mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    mRun: [PeachtreePrefetcher.exe] "C:\PROGRA~2\SAGESO~1\PEACHT~1\PeachtreePrefetcher.exe" /configfile:peachtreeprefetcher.winstart.config
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
    StartupFolder: C:\Users\Shannon\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\desktop\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\Users\Shannon\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
    BHO-X64: Trend Micro NSC BHO - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
    BHO-X64: TmBpIeBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
    TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun-x64: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    mRun-x64: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    mRun-x64: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore64.sys [2011-4-11 257232]
    R0 pctDS;PC Tools Data Store;C:\Windows\System32\drivers\pctDS64.sys [2011-4-11 452872]
    R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\System32\drivers\pctEFA64.sys [2011-4-11 816016]
    R0 TfFsMon;TfFsMon;C:\Windows\System32\drivers\TfFsMon.sys [2011-4-11 65072]
    R0 TFSysMon;TFSysMon;C:\Windows\System32\drivers\TfSysMon.sys [2011-4-11 74824]
    R1 pctgntdi;pctgntdi;C:\Windows\System32\drivers\pctgntdi64.sys [2011-4-11 334976]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2011-1-2 89600]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-4 203264]
    R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-4-11 247760]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2010-7-16 30520]
    R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2010-9-7 202048]
    R2 NWVZHelper;Novatel Wireless Verizon Device Helper;C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe [2010-6-14 270848]
    R2 psqlWGE;Pervasive PSQL Workgroup Engine;C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [2008-6-6 435496]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-13 1153368]
    R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-2-25 67664]
    R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2009-7-12 1924400]
    R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-10-30 227896]
    R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-29 70656]
    R3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2010-6-18 20992]
    R3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
    R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-2-18 215040]
    R3 TfNetMon;TfNetMon;C:\Windows\System32\drivers\TfNetMon.sys [2011-4-11 41888]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-2-18 36408]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    S2 Amsp;Trend Micro Solution Platform;"C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 --> C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-16 136176]
    S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-11-2 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
    S3 MotDev;Motorola Inc. USB Device;C:\Windows\System32\drivers\motodrv.sys [2009-5-8 53632]
    S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
    S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2010-1-25 10240]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 NWUSBCDFIL64;Novatel Wireless Installation CD;C:\Windows\System32\drivers\NwUsbCdFil64.sys [2010-7-8 25600]
    S3 NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN);C:\Windows\System32\drivers\nwusbmdm_000.sys [2010-7-8 217728]
    S3 NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN);C:\Windows\System32\drivers\nwusbser_000.sys [2010-7-8 217728]
    S3 NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN);C:\Windows\System32\drivers\nwusbser2_000.sys [2010-7-8 217728]
    S3 pctplsg;pctplsg;C:\Windows\System32\drivers\pctplsg64.sys [2011-4-11 92896]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-2-18 216576]
    S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-4-11 366840]
    S3 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-4-11 1156568]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 ThreatFire;ThreatFire;C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe service --> C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe service [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-23 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-11 1255736]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-04-19 19:47:00 98816 ----a-w- C:\Windows\sed.exe
    2011-04-19 19:47:00 89088 ----a-w- C:\Windows\MBR.exe
    2011-04-19 19:47:00 256512 ----a-w- C:\Windows\PEV.exe
    2011-04-19 19:47:00 161792 ----a-w- C:\Windows\SWREG.exe
    2011-04-15 20:06:03 -------- d-----w- C:\Program Files (x86)\Inbox Toolbar
    2011-04-14 16:13:48 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2011-04-14 15:38:13 -------- d-----w- C:\MGADiagToolOutput
    2011-04-14 14:50:19 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
    2011-04-14 13:26:28 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
    2011-04-14 13:26:27 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
    2011-04-14 13:26:27 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2011-04-14 13:26:27 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2011-04-14 13:26:27 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
    2011-04-13 14:52:19 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-04-13 14:52:19 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
    2011-04-13 14:10:45 -------- d-----w- C:\desktop
    2011-04-11 16:54:21 74824 --s---w- C:\Windows\System32\drivers\TfSysMon.sys
    2011-04-11 16:54:20 65072 --s---w- C:\Windows\System32\drivers\TfFsMon.sys
    2011-04-11 16:54:20 41888 --s---w- C:\Windows\System32\drivers\TfNetMon.sys
    2011-04-11 15:51:23 767952 ----a-w- C:\Windows\BDTSupport.dll
    2011-04-11 15:51:23 2000848 ----a-w- C:\Windows\PCTBDCore.dll
    2011-04-11 15:51:23 1533904 ----a-w- C:\Windows\PCTBDRes.dll
    2011-04-11 15:51:23 149456 ----a-w- C:\Windows\SGDetectionTool.dll
    2011-04-11 15:43:07 816016 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
    2011-04-11 15:43:07 452872 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
    2011-04-11 15:43:07 334976 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
    2011-04-11 15:43:07 137704 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
    2011-04-11 15:43:03 257232 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
    2011-04-11 15:43:00 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
    2011-04-11 15:42:56 -------- d-----w- C:\Program Files (x86)\PC Tools Security
    2011-04-11 15:42:56 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
    2011-04-11 14:03:54 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2011-04-11 14:03:52 8424784 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{ABD4D382-126C-4C30-B6A4-160A50868724}\mpengine.dll
    2011-04-11 01:05:23 -------- d-----w- C:\Users\Shannon\AppData\Local\{A0DEC2A7-F2D9-4B82-B4C7-C84B38A7F2A4}
    2011-04-10 18:35:38 -------- d-----w- C:\PROGRA~3\WEBREG
    2011-04-10 18:34:40 -------- d-----w- C:\Users\Shannon\AppData\Local\HP
    2011-04-10 18:33:21 253440 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfpp101.dll
    2011-04-10 17:43:42 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
    2011-04-10 17:43:42 -------- d-----w- C:\PROGRA~3\HP Photo Creations
    2011-04-10 17:39:48 -------- d-----w- C:\Program Files (x86)\Common Files\HP
    2011-04-10 17:39:45 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
    2011-04-10 17:38:32 138752 ----a-w- C:\Windows\System32\hpf3l101.dll
    2011-04-10 17:35:56 643200 ----a-w- C:\Windows\System32\hpzids40.dll
    2011-04-10 17:35:56 1412224 ----a-w- C:\Windows\System32\hpost_p04d.dll
    2011-04-10 17:35:56 1180288 ----a-w- C:\Windows\System32\hposwia_p04d.dll
    2011-04-10 17:35:55 525440 ----a-w- C:\Windows\System32\hposc_p04a.dll
    2011-04-10 17:13:28 -------- d-----w- C:\Program Files\HP
    2011-04-09 17:29:58 -------- d-----w- C:\Users\Shannon\AppData\Local\Apps
    2011-04-09 17:29:57 -------- d-----w- C:\Users\Shannon\AppData\Local\Deployment
    2011-04-08 15:22:39 -------- d-----w- C:\Users\Shannon\AppData\Local\{DB447099-C4A0-4F05-B09B-746A6CE11391}
    2011-04-07 22:16:52 -------- d-----w- C:\Users\Shannon\AppData\Local\{9D0E4127-3EEC-4AC8-A441-96B3D3693EDE}
    2011-04-04 22:27:59 -------- d-----w- C:\Users\Shannon\AppData\Local\Atheros
    2011-04-04 18:23:27 -------- d-----w- C:\PROGRA~3\V CAST Media Manager
    2011-04-04 16:48:38 -------- d-----w- C:\Program Files (x86)\Real Business Solutions
    2011-03-28 03:15:22 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Malwarebytes
    2011-03-28 03:15:17 -------- d-----w- C:\PROGRA~3\Malwarebytes
    2011-03-28 03:15:14 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-03-28 03:15:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-03-26 01:53:35 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2011-03-26 01:53:35 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
    2011-03-26 01:53:35 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
    2011-03-26 01:52:35 -------- d-----w- C:\Program Files\iTunes
    2011-03-26 01:52:35 -------- d-----w- C:\Program Files\iPod
    2011-03-26 01:52:35 -------- d-----w- C:\Program Files (x86)\iTunes
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-03-26 01:51:31 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-03-26 01:50:05 -------- d-----w- C:\Program Files\Bonjour
    2011-03-26 01:50:05 -------- d-----w- C:\Program Files (x86)\Bonjour
    2011-03-25 14:19:26 -------- d-----w- C:\Users\Shannon\AppData\Roaming\PCTools
    2011-03-25 04:14:03 -------- d-----w- C:\Users\Shannon\AppData\Roaming\playitall
    2011-03-24 05:47:26 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Windows Live Writer
    2011-03-24 05:47:26 -------- d-----w- C:\Users\Shannon\AppData\Local\Windows Live Writer
    2011-03-24 00:04:23 -------- d-----w- C:\Users\Shannon\AppData\Roaming\SupportSoft
    2011-03-24 00:04:22 -------- d-----w- C:\temp
    2011-03-24 00:04:21 -------- d-----w- C:\Users\Shannon\AppData\Roaming\OpswatLogs
    2011-03-24 00:04:20 -------- d-----w- C:\Program Files (x86)\Common Files\supportsoft
    2011-03-23 20:58:58 -------- d-----w- C:\Users\Shannon\AppData\Local\Threat Expert
    2011-03-23 15:07:15 -------- d-----w- C:\Windows\System32\SPReview
    2011-03-23 15:05:17 -------- d-----w- C:\PROGRA~3\PC Tools
    2011-03-23 15:02:59 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
    2011-03-23 15:01:59 73216 ----a-w- C:\Windows\System32\unimdmat.dll
    2011-03-23 14:59:10 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
    2011-03-23 14:59:10 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2011-03-23 14:59:10 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
    2011-03-23 14:59:01 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
    2011-03-23 14:58:57 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
    2011-03-23 14:58:36 422912 ----a-w- C:\Windows\System32\drvstore.dll
    2011-03-23 14:58:36 399872 ----a-w- C:\Windows\System32\dpx.dll
    2011-03-23 14:55:31 268800 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtSvg4.dll
    2011-03-23 14:55:30 7826432 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtGui4.dll
    2011-03-23 14:55:30 351648 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\UninstallWizad.exe
    2011-03-23 14:55:30 335360 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtXml4.dll
    2011-03-23 14:55:30 2150400 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\QtCore4.dll
    2011-03-23 14:55:30 128416 ----a-w- C:\PROGRA~3\Microsoft\Windows\Templates\VTechUninstall\ProductExtend.exe
    2011-03-22 16:47:09 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-03-22 16:24:22 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Nova Development
    2011-03-22 13:17:04 -------- d-----w- C:\Users\Shannon\AppData\Local\DigitalPersona
    2011-03-21 21:18:20 -------- d-----w- C:\Users\Shannon\AppData\Roaming\Macrovision
    2011-03-21 21:16:55 -------- d-----w- C:\Program Files\Motorola Inc
    2011-03-21 20:45:07 -------- d-----w- C:\Users\Shannon\AppData\Local\Programs
    .
    ==================== Find3M ====================
    .
    2011-03-23 15:14:40 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-03-23 15:14:40 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-03-11 06:34:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2011-03-11 06:34:50 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2011-03-11 05:33:59 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2011-03-11 05:33:59 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2011-03-08 06:29:32 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2011-03-08 05:28:29 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    2011-03-03 06:24:16 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
    2011-03-03 06:21:57 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
    2011-03-03 05:36:16 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
    2011-03-03 03:52:08 3135488 ----a-w- C:\Windows\System32\win32k.sys
    2011-02-24 06:15:44 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2011-02-24 05:38:54 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2011-02-23 04:56:27 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
    2011-02-23 04:56:03 411648 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2011-02-23 04:55:47 167936 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2011-02-19 12:03:46 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2011-02-19 09:00:32 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2011-02-19 06:30:46 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2011-02-19 04:34:54 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2011-02-18 21:36:58 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
    2011-02-18 21:36:58 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
    2011-02-05 17:10:16 642944 ----a-w- C:\Windows\System32\winload.efi
    2011-02-05 17:10:08 20352 ----a-w- C:\Windows\System32\kdusb.dll
    2011-02-05 17:10:08 19328 ----a-w- C:\Windows\System32\kd1394.dll
    2011-02-05 17:10:08 17792 ----a-w- C:\Windows\System32\kdcom.dll
    2011-02-05 17:06:41 605552 ----a-w- C:\Windows\System32\winload.exe
    2011-02-05 17:06:41 566208 ----a-w- C:\Windows\System32\winresume.efi
    2011-02-05 17:06:41 518672 ----a-w- C:\Windows\System32\winresume.exe
    2011-02-03 02:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    .
    ============= FINISH: 15:08:51.57 ===============

  8. #8
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Please post attach.txt contents (of that latest DDS run) too.

    "I am unable to access some programs when a hyperlink is included in an email"
    Do you mean that if you click a web link in an email message, none of the installed browsers opens?
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  9. #9
    Junior Member
    Join Date
    Apr 2011
    Posts
    9

    Whenever I try to use a hyperlink from an email I received, it gives me an error and I cannot access it.

    Also, here is the Attach.txt log:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 06/18/10 9:56:41 PM
    System Uptime: 04/20/11 7:57:28 AM (2 hours ago)
    .
    Motherboard: Hewlett-Packard | | 3638
    Processor: AMD Turion(tm) II Ultra Dual-Core Mobile M620 | Socket S1G3 | 2500/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 448 GiB total, 390.341 GiB free.
    D: is FIXED (NTFS) - 17 GiB total, 2.829 GiB free.
    E: is FIXED (FAT32) - 0 GiB total, 0.094 GiB free.
    F: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart Prem C310 series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Photosmart Prem C310 series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:
    .
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart D110 series
    Device ID: ROOT\MULTIFUNCTION\0001
    Manufacturer: HP
    Name: Photosmart D110 series
    PNP Device ID: ROOT\MULTIFUNCTION\0001
    Service:
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Photosmart Prem C310 series
    Device ID: ROOT\IMAGE\0000
    Manufacturer: HP
    Name: Photosmart Prem C310 series
    PNP Device ID: ROOT\IMAGE\0000
    Service: StillCam
    .
    ==== System Restore Points ===================
    .
    RP126: 04/09/11 11:58:55 AM - Scheduled Checkpoint
    RP127: 04/10/11 11:42:59 AM - Windows Update
    RP128: 04/10/11 1:39:03 PM - Installed Network64
    RP129: 04/10/11 1:41:10 PM - Windows Update
    RP130: 04/10/11 1:41:41 PM - Windows Update
    RP131: 04/14/11 9:49:48 AM - Windows Update
    RP132: 04/19/11 2:47:08 PM - ComboFix created restore point
    .
    ==== Installed Programs ======================
    .
    AccuWage 2010
    Acrobat.com
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.4.3 MUI
    Adobe Shockwave Player
    AMD USB Filter Driver
    Apple Application Support
    Apple Software Update
    Atheros Driver Installation Program
    Browser Defender 3.0
    BufferChm
    C310
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Compatibility Pack for the 2007 Office system
    Corel Paint Shop Pro Photo X2
    Corel VideoStudio 12
    Crystal Reports 2008 Runtime SP1
    CyberLink DVD Suite
    D3DX10
    Definition update for Microsoft Office 2010 (KB982726)
    Destinations
    DeviceDiscovery
    DVD Menu Pack for HP MediaSmart Video
    ERUNT 1.1j
    ESU for Microsoft Windows 7
    ffdshow [rev 2527] [2008-12-19]
    Google Toolbar for Internet Explorer
    Google Update Helper
    GPBaseService2
    HP Advisor
    HP Customer Experience Enhancements
    HP Games
    HP MediaSmart DVD
    HP MediaSmart Internet TV
    HP MediaSmart Live TV
    HP MediaSmart SlingPlayer
    HP MediaSmart Software Notebook Demo
    HP MediaSmart Video
    HP MediaSmart Webcam
    HP MediaSmart/TouchSmart Netflix
    HP Photo Creations
    HP Product Detection
    HP Quick Launch Buttons
    HP Setup
    HP Support Assistant
    HP Update
    HP User Guides 0153
    HP Wireless Assistant
    HPAppStudio
    HPAsset component for HP Active Support Library
    HPPhotoGadget
    HPProductAssistant
    Hulu Desktop
    IDT Audio
    InstaForm Invoices & Estimates Pro
    Java Auto Updater
    Java(TM) 6 Update 24
    Junk Mail filter update
    LabelPrint
    LightScribe System Software
    Malwarebytes' Anti-Malware
    MarketResearch
    Mesh Runtime
    Messenger Companion
    Microsoft Live Search Toolbar
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Home and Business 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2010
    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    MotoHelper 2.0.24 Driver 4.7.1
    MotoHelper MergeModules
    Movie Theme Pack for HP MediaSmart Video
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Peachtree Accounting 2010
    Peachtree Complete Accounting 2010
    PeachTree Signature Ready Forms
    Pervasive PSQL v10.10 Workgroup (32-bit)
    PhotoNow!
    PlayItAll media player 1.0.5
    Power2Go
    PowerDirector
    PS_AIO_07_C310_SW_Min
    QLBCASL
    QuickTime
    QuickTransfer
    Realtek 8136 8168 8169 Ethernet Driver
    Realtek USB 2.0 Card Reader
    Recovery Manager
    Sage Integration Services
    Sage Message Center
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft Excel 2010 (KB2466146)
    Security Update for Microsoft Office 2010 (KB2289078)
    Security Update for Microsoft Office 2010 (KB2289161)
    Security Update for Microsoft PowerPoint 2010 (KB2519975)
    Security Update for Microsoft Publisher 2010 (KB2409055)
    Security Update for Microsoft Word 2010 (KB2345000)
    SmartWebPrinting
    SolutionCenter
    Spybot - Search & Destroy
    Spyware Doctor
    Status
    Toolbox
    TrayApp
    Update for Microsoft Office 2010 (KB2202188)
    Update for Microsoft Office 2010 (KB2413186)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft OneNote 2010 (KB2493983)
    Update for Microsoft Outlook Social Connector (KB2441641)
    Verizon Mobile Broadband Drivers
    Verizon V CAST Media Manager
    Verizon Wireless MiFi-2200 Firmware Updates
    VideoStudio
    VTech Download Agent Library
    VZAccess Manager
    W2 Mate (2010) 7.0.44
    WebReg
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Encoder 9 Series
    Yahoo! BrowserPlus 2.9.8
    .
    ==== Event Viewer Messages From Past Week ========
    .
    04/20/11 7:58:56 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    04/20/11 7:58:08 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
    04/20/11 7:57:48 AM, Error: Service Control Manager [7000] - The Trend Micro Solution Platform service failed to start due to the following error: The system cannot find the file specified.
    04/19/11 2:58:56 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    04/19/11 2:57:57 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    04/19/11 2:46:20 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
    04/19/11 2:46:20 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
    04/18/11 8:12:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PC Tools Security Service service to connect.
    04/18/11 8:12:48 AM, Error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    04/18/11 11:13:14 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer OWNER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{07EBCBAA-721D-426A-B96B-338614C2D410}. The master browser is stopping or an election is being forced.
    04/14/11 8:10:55 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
    04/14/11 8:10:55 AM, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    04/14/11 11:35:00 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    04/14/11 10:48:18 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer STEVEN that believes that it is the master browser for the domain on transport NetBT_Tcpip_{07EBCBAA-721D-426A-B96B-338614C2D410}. The master browser is stopping or an election is being forced.
    04/14/11 10:17:47 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
    .
    ==== End Of File ===========================

  10. #10
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Whenever I try to use a hyperlink from an email I received, it gives me an error and I cannot access.
    May I have the exact error message? Thanks.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.
