Thread: Reoccurring Trojan virus

  1. #1
    Dewey5718 (Junior Member)
    Join Date: Dec 2011
    Location: Tooele, UT.
    Posts: 6

    Reoccurring Trojan virus

    I have had this trojan bug on my PC since Aug. of last year. I have done one clean install after another, and the BUG keeps coming back. I have a Dell Inspiron 518/519. It came with Windows Vista Ultimate SP1, upgraded to SP2. Through working with MSN tech support, they sent me Win-Vista Ultimate 32 bit, and another disk with the same OS but 64 bit. At no cost. SOOOO goood. Everything I would do to try and stay ahead of the bug, it would take something away from me. It denied me access to program after program until I did my first clean install. To shorten the story a little: after each format and install the bug came back. It went to school and learned from each format. On the third format it denied me the ability to format.

    I did the pull-the-battery thing, kept it turned off for a day, and started all over again. The bug has taken over my DSL WiFi router account and assigned it to my Name-PC with different passwords. Two laptops are wireless and they are OK. My Android phone was infected by the bug via USB connection. This was before I knew about the bug. I have tried Comodo system; all scans showed clean, as well as four others that showed clean. Spybot S&D has been the only one to pick up on malware on my PC.

    I may not have entered enough info; if so, please feel free to email me with your questions and I will answer them.

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Dewey at 12:15:00 on 2011-12-14
    Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4093.2199 [GMT -7:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Spybot - Search & Destroy *Enabled/Outdated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\desktop\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\desktop\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\System32\mobsync.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = https://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\desktop\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    StartupFolder: C:\Users\Dewey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\desktop(x86)\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\Users\Dewey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1 205.171.3.65
    TCP: Interfaces\{4A313AA1-6FD6-4D10-B325-4B8829654E73} : DhcpNameServer = 192.168.0.1 205.171.3.65
    Notify: SDWinLogon - SDWinLogon.dll
    BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO-X64: 0x1 - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    BHO-X64: HP Smart BHO Class - No File
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\desktop\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    R2 MBAMService;MBAMService;C:\desktop\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-11 366152]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-12-11 1153368]
    R2 SDHookService;Spybot S&D 2 Live Protection Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe [2011-12-13 130976]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2011-12-13 892336]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2011-12-13 955816]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2011-12-13 169624]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
    R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    R3 VST64_DPV;VST64_DPV;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    R3 VST64HWBS2;VST64HWBS2;C:\Windows\system32\DRIVERS\VSTBS26.SYS --> C:\Windows\system32\DRIVERS\VSTBS26.SYS [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-11 136176]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-11 136176]
    S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-4-11 89920]
    .
    =============== File Associations ===============
    .
    JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    2011-12-14 18:10:02 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C767B598-D646-48CD-A7AD-309F87235EFE}\offreg.dll
    2011-12-14 18:09:58 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C767B598-D646-48CD-A7AD-309F87235EFE}\mpengine.dll
    2011-12-14 13:04:56 -------- d-----w- C:\ProgramData\UAB
    2011-12-14 13:04:50 -------- d-----w- C:\Users\Dewey\AppData\Local\PC_Drivers_Headquarters
    2011-12-14 13:04:30 -------- d-----w- C:\ProgramData\PC Drivers HeadQuarters
    2011-12-14 02:52:50 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2011-12-14 02:52:47 -------- dc----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2011-12-14 01:53:55 85504 ----a-w- C:\Windows\System32\csrsrv.dll
    2011-12-14 01:53:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-12-14 01:53:53 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-12-14 01:53:45 559616 ----a-w- C:\Windows\System32\EncDec.dll
    2011-12-14 01:53:45 429056 ----a-w- C:\Windows\SysWow64\EncDec.dll
    2011-12-14 01:53:44 2764800 ----a-w- C:\Windows\System32\win32k.sys
    2011-12-14 01:53:40 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
    2011-12-14 01:53:40 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
    2011-12-13 05:59:06 -------- d-----w- C:\Users\Dewey\AppData\Roaming\Safer Networking
    2011-12-13 05:58:16 -------- dc----w- C:\desktop(x86)
    2011-12-12 19:56:15 -------- d-----w- C:\Users\Dewey\AppData\Local\Deployment
    2011-12-12 19:56:15 -------- d-----w- C:\Users\Dewey\AppData\Local\Apps
    2011-12-12 14:04:51 -------- dc----w- C:\Program Files (x86)\Advanced Port Scanner
    2011-12-12 13:40:10 125952 ----a-w- C:\Windows\RTKAUDIOSERVICE.EXE
    2011-12-12 13:39:27 525792 ----a-w- C:\Windows\DIFxAPI.dll
    2011-12-12 13:39:25 1245696 ----a-w- C:\Windows\System32\RtkAPO64.dll
    2011-12-12 13:39:15 315392 ----a-w- C:\Windows\HideWin.exe
    2011-12-12 05:40:40 -------- d-----w- C:\Users\Dewey\AppData\Roaming\OpenOffice.org
    2011-12-12 05:19:28 -------- dc----w- C:\Program Files (x86)\OpenOffice.org 3
    2011-12-12 04:28:31 -------- d-----w- C:\Windows\SysWow64\Adobe
    2011-12-12 04:27:28 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-12-12 02:11:47 -------- d-----w- C:\Users\Dewey\AppData\Local\Adobe
    2011-12-12 02:11:10 -------- d-----w- C:\Users\Dewey\AppData\Local\Google
    2011-12-12 01:19:14 275360 ----a-w- C:\Windows\System32\DreamScene.dll
    2011-12-11 21:57:19 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2011-12-11 21:57:19 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-12-11 20:22:37 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2011-12-11 20:02:52 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2011-12-11 13:46:27 -------- d-----w- C:\Program Files (x86)\MagicISO
    2011-12-11 13:18:18 -------- d-----w- C:\Users\Dewey\AppData\Roaming\Malwarebytes
    2011-12-11 13:18:08 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-12-11 13:18:05 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-12-11 10:04:32 -------- d-----w- C:\Users\Dewey\AppData\Local\Apple Computer
    2011-12-11 10:03:45 -------- dc----w- C:\Program Files\Bonjour
    2011-12-11 10:03:45 -------- dc----w- C:\Program Files (x86)\Bonjour
    2011-12-11 10:03:17 -------- d-----w- C:\Users\Dewey\AppData\Local\Apple
    2011-12-11 05:15:26 -------- d-----w- C:\Windows\pss
    2011-12-11 02:44:31 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
    2011-12-11 02:44:25 -------- d-----w- C:\Program Files (x86)\Microsoft Games
    2011-12-11 02:44:13 2048 ----a-w- C:\Program Files (x86)\Microsoft Games\Tinker\SparkResource.dll
    2011-12-11 02:44:12 333312 ----a-w- C:\Program Files (x86)\Microsoft Games\Tinker\SparkGDF.dll
    2011-12-11 02:44:11 1307136 ----a-w- C:\Program Files (x86)\Microsoft Games\Tinker\Tinker.exe
    2011-12-11 02:43:54 877912 ----a-w- C:\Windows\System32\gpprefcl.dll
    2011-12-11 02:43:54 675152 ----a-w- C:\Windows\SysWow64\gpprefcl.dll
    2011-12-11 02:43:40 -------- dc----w- C:\Program Files\BitLocker
    2011-12-11 02:43:12 1343880 ----a-w- C:\Windows\System32\SecureKeyBackupCPL.dll
    2011-12-11 02:42:18 1585488 -c--a-w- C:\Program Files\Microsoft Games\HoldEm\HoldEm.exe
    2011-12-11 00:49:18 -------- d-----w- C:\Users\Dewey\AppData\Roaming\GenuineRegistryDoctor
    2011-12-11 00:49:18 -------- d-----w- C:\ProgramData\GenuineRegistryDoctor
    2011-12-11 00:13:22 -------- d-----w- C:\Users\Dewey\AppData\Local\HP
    2011-12-11 00:09:37 -------- d-----w- C:\ProgramData\WEBREG
    2011-12-11 00:09:00 -------- d-----w- C:\Program Files (x86)\Yahoo!
    2011-12-11 00:05:29 254464 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfpp083.dll
    2011-12-11 00:04:33 362328 ----a-w- C:\Windows\System32\hpzids40.dll
    2011-12-11 00:04:31 134144 ----a-w- C:\Windows\System32\hpf3l083.dll
    2011-12-11 00:04:27 966656 ----a-w- C:\Windows\System32\hposwia_d02a.dll
    2011-12-11 00:04:27 761856 ----a-w- C:\Windows\System32\hpost_d02a.dll
    2011-12-11 00:04:27 551424 ----a-w- C:\Windows\System32\hppldcoi.dll
    2011-12-11 00:04:27 512512 ----a-w- C:\Windows\System32\hposc_d02a.dll
    2011-12-11 00:03:58 -------- dc----w- C:\Program Files (x86)\Common Files\HP
    2011-12-11 00:03:56 -------- dc----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
    2011-12-11 00:03:36 -------- dc----w- C:\Program Files (x86)\HP
    2011-12-10 23:33:19 98304 ----a-w- C:\Windows\SysWow64\redmonnt.dll
    2011-12-10 21:57:36 -------- d-----w- C:\Windows\System32\appmgmt
    2011-12-10 21:27:45 -------- d-----w- C:\Program Files (x86)\RegWork
    2011-12-10 18:45:43 442368 ----a-w- C:\Windows\System32\winhttp.dll
    2011-12-10 18:45:43 377344 ----a-w- C:\Windows\SysWow64\winhttp.dll
    2011-12-10 18:45:39 28160 ----a-w- C:\Windows\System32\drivers\en-US\http.sys.mui
    2011-12-10 18:45:30 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
    2011-12-10 18:45:30 179712 ----a-w- C:\Windows\System32\srvsvc.dll
    2011-12-10 18:45:30 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
    2011-12-10 18:45:30 17920 ----a-w- C:\Windows\System32\netevent.dll
    2011-12-10 18:45:30 12288 ----a-w- C:\Windows\System32\sscore.dll
    2011-12-10 18:41:31 876032 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2011-12-10 18:41:31 1653760 ----a-w- C:\Windows\System32\XpsPrint.dll
    2011-12-10 18:28:52 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{95453A7E-EBAA-4A95-AD79-859C0447514D}\gapaengine.dll
    2011-12-10 18:15:53 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2011-12-10 18:15:21 -------- dc----w- C:\Program Files\Microsoft Security Client
    2011-12-10 18:15:09 345984 ----a-w- C:\Windows\System32\drivers\netio.sys
    2011-12-10 18:07:07 -------- d-----w- C:\Users\Dewey\AppData\Local\ElevatedDiagnostics
    2011-12-10 15:55:27 -------- dc----w- C:\desktop
    2011-12-10 15:39:33 -------- dc----w- C:\Program Files (x86)\Free Offers from Freeze.com
    2011-12-10 15:39:30 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
    2011-12-10 15:39:28 -------- d-----w- C:\ProgramData\W3i
    2011-12-10 15:39:28 -------- d-----w- C:\Program Files (x86)\W3i
    2011-12-10 13:54:33 4240384 ----a-w- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
    2011-12-10 13:54:33 32256 ----a-w- C:\Windows\System32\Apphlpdm.dll
    2011-12-10 13:54:33 28672 ----a-w- C:\Windows\SysWow64\Apphlpdm.dll
    2011-12-10 13:54:32 4240384 ----a-w- C:\Windows\System32\GameUXLegacyGDFs.dll
    2011-12-10 13:26:12 -------- d-----w- C:\Users\Dewey\AppData\Local\Microsoft Games
    2011-12-10 13:00:39 372736 ----a-w- C:\Windows\System32\unregmp2.exe
    2011-12-10 12:58:55 3765288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2011-12-10 12:58:51 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6098507B-CF97-4E86-8518-7F9849F5736C}\mpengine.dll
    2011-12-10 12:58:50 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-12-10 12:58:33 1927680 ----a-w- C:\Windows\System32\gameux.dll
    2011-12-10 12:58:33 1696256 ----a-w- C:\Windows\SysWow64\gameux.dll
    2011-12-10 12:48:15 -------- d-----w- C:\Windows\SysWow64\spool
    2011-12-10 12:48:15 -------- d-----w- C:\Program Files (x86)\Windows Portable Devices
    2011-12-10 12:48:14 -------- dc----w- C:\Program Files\Windows Portable Devices
    2011-12-10 12:44:09 92672 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
    2011-12-10 12:44:09 3815424 ----a-w- C:\Windows\System32\UIRibbon.dll
    2011-12-10 12:44:09 3023360 ----a-w- C:\Windows\SysWow64\UIRibbon.dll
    2011-12-10 12:44:09 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll
    2011-12-10 12:44:09 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll
    2011-12-10 12:44:09 103424 ----a-w- C:\Windows\System32\UIAnimation.dll
    2011-12-10 12:42:11 37888 ----a-w- C:\Windows\System32\BthMtpContextHandler.dll
    2011-12-10 12:21:49 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
    2011-12-10 12:21:49 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
    2011-12-10 12:21:49 48960 ----a-w- C:\Windows\System32\netfxperf.dll
    2011-12-10 12:21:49 444752 ----a-w- C:\Windows\System32\mscoree.dll
    2011-12-10 12:21:49 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
    2011-12-10 12:21:49 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
    2011-12-10 12:21:49 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
    2011-12-10 12:21:49 1942856 ----a-w- C:\Windows\System32\dfshim.dll
    2011-12-10 12:21:49 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
    2011-12-10 12:21:49 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
    2011-12-10 12:19:31 32768 ----a-w- C:\Windows\System32\nshhttp.dll
    2011-12-10 12:19:31 24064 ----a-w- C:\Windows\SysWow64\nshhttp.dll
    2011-12-10 12:19:30 620032 ----a-w- C:\Windows\System32\drivers\http.sys
    2011-12-10 12:19:30 33792 ----a-w- C:\Windows\System32\httpapi.dll
    2011-12-10 12:19:30 30720 ----a-w- C:\Windows\SysWow64\httpapi.dll
    2011-12-10 12:08:58 975360 ----a-w- C:\Windows\System32\inetcomm.dll
    2011-12-10 12:07:54 991104 ----a-w- C:\Windows\System32\winresume.efi
    2011-12-10 12:06:34 441856 ----a-w- C:\Windows\System32\WSDApi.dll
    2011-12-10 12:06:34 355328 ----a-w- C:\Windows\SysWow64\WSDApi.dll
    2011-12-10 12:06:33 731136 ----a-w- C:\Windows\System32\mstsc.exe
    2011-12-10 12:06:33 677888 ----a-w- C:\Windows\SysWow64\mstsc.exe
    2011-12-10 12:06:33 2425344 ----a-w- C:\Windows\System32\mstscax.dll
    2011-12-10 12:06:33 2067968 ----a-w- C:\Windows\SysWow64\mstscax.dll
    2011-12-10 12:06:32 176128 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2011-12-10 12:06:32 145920 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2011-12-10 12:06:31 893440 ----a-w- C:\Program Files\Common Files\System\wab32.dll
    2011-12-10 12:06:31 707584 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
    2011-12-10 12:06:31 50688 ----a-w- C:\Program Files\Windows Mail\wabimp.dll
    2011-12-10 12:02:59 1398784 ----a-w- C:\Windows\System32\mfc42.dll
    2011-12-10 12:02:59 1360384 ----a-w- C:\Windows\System32\mfc42u.dll
    2011-12-10 12:02:59 1162240 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2011-12-10 12:02:59 1136640 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2011-12-10 12:01:02 677376 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2011-12-10 12:01:02 1305600 ----a-w- C:\Windows\System32\rpcrt4.dll
    2011-12-10 11:59:29 73216 ----a-w- C:\Windows\System32\MSDvbNP.ax
    2011-12-10 11:59:29 69632 ----a-w- C:\Windows\SysWow64\Mpeg2Data.ax
    2011-12-10 11:59:29 57856 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax
    2011-12-10 11:59:29 375808 ----a-w- C:\Windows\System32\psisdecd.dll
    2011-12-10 11:59:29 293376 ----a-w- C:\Windows\SysWow64\psisdecd.dll
    2011-12-10 11:59:29 289792 ----a-w- C:\Windows\System32\psisrndr.ax
    2011-12-10 11:59:29 217088 ----a-w- C:\Windows\SysWow64\psisrndr.ax
    2011-12-10 11:59:29 100352 ----a-w- C:\Windows\System32\Mpeg2Data.ax
    2011-12-10 11:59:10 28672 ----a-w- C:\Windows\System32\dnscacheugc.exe
    2011-12-10 11:59:10 25088 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
    2011-12-10 11:59:10 117760 ----a-w- C:\Windows\System32\dnsrslvr.dll
    2011-12-10 11:58:44 867328 ----a-w- C:\Windows\SysWow64\wmpmde.dll
    2011-12-10 11:58:44 1090048 ----a-w- C:\Windows\System32\wmpmde.dll
    2011-12-10 11:26:32 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-12-10 11:15:12 150016 ----a-w- C:\Windows\System32\drivers\Rtlh64.sys
    2011-12-10 11:15:11 -------- d-----w- C:\Program Files (x86)\Realtek
    2011-12-10 11:14:51 -------- dc----w- C:\dell
    2011-12-10 11:13:59 45056 ----a-r- C:\Users\Dewey\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
    2011-12-10 11:13:54 -------- dc----w- C:\Program Files (x86)\Dell
    2011-12-10 11:13:54 -------- d-----w- C:\Windows\SysWow64\vmm32
    2011-12-10 11:13:41 -------- d-sh--w- C:\Windows\Installer
    2011-12-10 11:10:53 0 ----a-w- C:\Windows\ativpsrm.bin
    2011-12-10 11:07:17 98304 ----a-w- C:\Windows\SysWow64\cabview.dll
    2011-12-10 11:07:17 104960 ----a-w- C:\Windows\System32\cabview.dll
    2011-12-10 11:07:16 218624 ----a-w- C:\Windows\System32\wintrust.dll
    2011-12-10 11:07:16 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2011-12-07 00:26:40 4448256 ----a-w- C:\Windows\SysWow64\GPhotos.scr
    .
    ==================== Find3M ====================
    .
    2011-12-10 13:25:59 979456 ----a-w- C:\Windows\SysWow64\MFH264Dec.dll
    2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
    2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-09-20 21:06:18 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2011-09-20 14:04:40 40448 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
    .
    ============= FINISH: 12:15:46.19 ===============
    Last edited by tashi; 2011-12-15 at 02:54. Reason: Copy pasted txt log into topic

  2. #2
    Security Expert - Emeritus
    Join Date: Aug 2008
    Location: South East Asia
    Posts: 725

    Hello and welcome to Safer Networking.

    I am currently assessing your situation and will be back with a fix for your problem as soon as possible.

    Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this, click Thread Tools, then click Subscribe to this Thread. Under the Notification Type: title, make sure it is set to Instant notification by email, then click Add Subscription.

    Please be patient with me during this time.

    Meanwhile, please make a reply to this topic to acknowledge that you have read this and are still with me to tackle the problem until the end. If I do not get any response within 3 days, this topic will be closed.

  3. #3
    Security Expert - Emeritus
    Join Date: Aug 2008
    Location: South East Asia
    Posts: 725

    Due to lack of response, this topic is now closed.

    If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. How to post a DDS log.

    If it has been less than three days since your last response and you need the thread re-opened, please send a private message (PM) to me or a MOD. A valid, working link to the closed topic is required. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

    Everyone else please begin a New Topic.
