Not able to run any antivirus program

Alright, well, now there's a problem: every time I turn on my computer it loads up, then like a minute later it crashes saying DRIVER_IRQL_NOT_LESS_OR_EQUAL and something like class.sys or something similar. I didn't get time to read it because it shut down. I will try safe mode in a little bit to see if it works and post up the log.
 
Hi,

Is this the same issue you got when trying to run DDS earlier? Were you able to boot in safe mode?
 
No, last time it would open cmd but close right away, but I just let my computer sit a while while shut off and now it worked fine for some reason. Here are the logs:

DDS (Ver_09-11-24.02) - NTFSx86
Run by Illmaculate at 12:43:24.42 on Sun 11/29/2009
Internet Explorer: 8.0.6001.18828
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2942.2173 [GMT -7:00]

AV: Trend Micro AntiVirus *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: Trend Micro AntiVirus *enabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Webroot AntiVirus with AntiSpyware *enabled* (Updated) {00000000-0000-0000-0000-000000000000}
SP: Webroot AntiVirus with AntiSpyware *disabled* (Outdated) {00000000-E9D0-004F-D859-4D0000000000}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Webroot AntiVirus with AntiSpyware *disabled* (Updated) {00000000-E9D0-004F-D859-4D0001000000}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\DllHost.exe
C:\Users\Illmaculate\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HPADVISOR] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autoRun
mRun: [Windows Defender] "%ProgramFiles%\Windows Defender\MSASCui.exe" -hide
mRun: [hpsysdrv] "c:\hp\support\hpsysdrv.exe"
mRun: [KBD] "c:\hp\kbd\KbdStub.EXE"
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [NvSvc] "RUNDLL32.EXE" c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RtHDVCpl] "RtHDVCpl.exe"
mRun: [SnapfishMediaDetector] "c:\program files\snapfish media detector\SnapfishMediaDetector.exe"
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [SSDMonitor] "c:\program files\common files\pc tools\smonitor\SSDMonitor.exe"
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish media detector\SnapfishMediaDetector.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\illmac~1\appdata\roaming\mozilla\firefox\profiles\jpr7tha6.default\
FF - component: c:\users\illmaculate\appdata\roaming\mozilla\firefox\profiles\jpr7tha6.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2009-11-1 36368]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05010004};PCD5SRVC{BD6912E3-AC9D80E8-05010004} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2007-3-2 28144]
S3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-11-1 50704]

=============== Created Last 30 ================

2009-11-27 21:28:33 98816 ----a-w- c:\windows\sed.exe
2009-11-27 21:28:33 77312 ----a-w- c:\windows\MBR.exe
2009-11-27 21:28:33 260608 ----a-w- c:\windows\PEV.exe
2009-11-27 21:28:33 161792 ----a-w- c:\windows\SWREG.exe
2009-11-27 21:28:26 0 d-----w- C:\ComboFix
2009-11-21 05:48:04 0 d-----w- c:\users\illmaculate\New Folder
2009-11-21 02:25:22 0 d-----w- c:\users\illmaculate\Marisa music
2009-11-20 03:46:32 0 d-----w- c:\users\illmac~1\appdata\roaming\AccurateRip
2009-11-20 03:46:08 0 d-----w- c:\program files\Illustrate
2009-11-20 02:48:24 0 d-----w- c:\programdata\Malwarebytes
2009-11-20 02:48:23 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-20 01:37:42 0 d-----w- c:\programdata\Spybot - Search & Destroy
2009-11-20 01:37:42 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-11-19 04:24:33 0 d-----w- c:\users\illmaculate\Dillion music
2009-11-14 21:55:25 0 d-----w- c:\users\illmaculate\Music2
2009-11-12 13:35:56 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-11-11 16:44:06 0 d-----w- c:\programdata\NVIDIA
2009-11-11 02:31:05 321536 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 02:30:29 2031104 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 02:19:11 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin
2009-11-11 02:15:25 0 d-----w- c:\windows\nvtmpinst
2009-11-10 02:31:48 0 d-----w- c:\program files\GSi
2009-11-10 01:33:23 0 d-----w- c:\users\illmac~1\appdata\roaming\OpenCandy
2009-11-10 01:25:29 0 d-----w- c:\program files\ASIO4ALL v2
2009-11-10 01:24:39 225280 ----a-w- c:\windows\system32\rewire.dll
2009-11-10 01:23:55 1554944 ----a-w- c:\windows\system32\vorbis.acm
2009-11-10 01:22:27 0 d-----w- c:\program files\VstPlugins
2009-11-10 01:22:01 0 d-----w- c:\program files\Outsim
2009-11-10 01:09:47 0 d-----w- c:\program files\Image-Line
2009-11-09 04:22:27 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-11-09 04:22:27 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-11-09 04:22:26 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-11-09 04:22:26 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-11-09 04:22:26 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2009-11-09 04:22:26 11264 ----a-w- c:\windows\system32\icardres.dll
2009-11-09 04:22:25 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-11-09 04:22:21 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-11-09 04:20:27 65536 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.dpx
2009-11-09 04:20:27 196608 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.perf
2009-11-09 04:20:26 43909120 ----a-w- c:\windows\ocsetup_install_NetFx3.etl
2009-11-09 04:07:47 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-11-09 04:07:42 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-11-09 04:07:38 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-09 04:07:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-11-09 04:06:55 83968 ----a-w- c:\windows\system32\mscories.dll
2009-11-09 02:48:21 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-09 02:48:21 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-11-05 04:32:16 0 d-----w- c:\users\illmac~1\appdata\roaming\SharePod
2009-11-05 03:20:12 77824 ----a-w- c:\windows\system32\HPZIDS01.dll
2009-11-05 03:19:49 38400 ----a-w- c:\windows\system32\hpz3l054.dll
2009-11-05 03:18:02 282624 ----a-w- c:\windows\system32\HPZc3212.dll
2009-11-05 03:18:02 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys
2009-11-04 04:27:06 2086695 ----a-w- C:\ituneslib.itl
2009-11-04 03:50:55 0 d-----w- c:\program files\iPod
2009-11-04 03:50:41 0 d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-04 03:50:40 0 d-----w- c:\program files\iTunes
2009-11-04 03:49:06 0 d-----w- c:\program files\Bonjour
2009-11-04 03:47:16 0 d-----w- c:\programdata\Apple Computer
2009-11-04 03:41:40 0 d-----w- c:\programdata\Apple
2009-11-04 03:13:54 332209650 ----a-w- c:\windows\MEMORY.DMP
2009-11-03 03:23:51 0 d-----w- c:\users\illmaculate\Tracing
2009-11-03 03:15:24 0 d-----w- c:\program files\common files\Windows Live
2009-11-02 14:46:25 494592 ----a-w- c:\windows\system32\kerberos.dll
2009-11-02 14:46:24 272384 ----a-w- c:\windows\system32\schannel.dll
2009-11-02 14:37:15 0 d-----w- c:\windows\system32\Service
2009-11-02 04:32:30 0 d-----w- c:\programdata\Trend Micro
2009-11-02 04:31:55 0 d-----w- c:\program files\Trend Micro
2009-11-02 04:29:31 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2009-11-02 04:29:31 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2009-11-02 04:29:31 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2009-11-02 04:29:31 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys
2009-11-02 04:29:31 225808 ----a-w- c:\windows\system32\drivers\tmxpflt.sys
2009-11-02 04:29:31 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-11-02 04:29:31 1223832 ----a-w- c:\windows\system32\drivers\vsapint.sys
2009-11-01 21:32:21 775168 ----a-w- c:\windows\isRS-000.tmp
2009-11-01 21:31:49 1563008 ----a-w- c:\windows\WRSetup.dll
2009-11-01 20:37:12 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-01 20:32:29 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-11-01 20:32:29 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-11-01 20:32:29 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-11-01 20:32:28 272896 ----a-w- c:\windows\system32\polstore.dll
2009-11-01 20:30:49 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-11-01 20:30:48 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-11-01 20:30:48 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-11-01 20:30:09 87040 ----a-w- c:\windows\system32\msoert2.dll
2009-11-01 20:30:09 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2009-11-01 20:30:09 205824 ----a-w- c:\windows\system32\msoeacct.dll
2009-11-01 20:28:16 704000 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2009-11-01 20:28:15 356352 ----a-w- c:\windows\system32\wbem\wbemcomn.dll
2009-11-01 20:28:14 24064 ----a-w- c:\windows\system32\wtsapi32.dll
2009-11-01 20:28:13 258232 ----a-w- c:\windows\system32\drivers\acpi.sys
2009-11-01 20:28:09 714240 ----a-w- c:\windows\system32\timedate.cpl
2009-11-01 20:28:09 542720 ----a-w- c:\windows\system32\sysmain.dll
2009-11-01 20:27:48 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-11-01 20:27:48 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-11-01 20:27:30 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-01 20:27:29 1657350 ----a-w- c:\windows\system32\wlan.tmf
2009-11-01 20:27:29 12876 ----a-w- c:\windows\system32\wbem\wlan.mof
2009-11-01 20:27:28 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-01 20:27:28 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-01 20:27:28 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-01 20:27:28 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-01 20:27:27 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-11-01 20:26:21 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-11-01 20:26:21 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-11-01 20:26:21 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-11-01 20:26:21 24064 ----a-w- c:\windows\system32\lpk.dll
2009-11-01 20:26:21 156160 ----a-w- c:\windows\system32\t2embed.dll
2009-11-01 20:26:21 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-11-01 20:23:45 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-11-01 20:23:24 71680 ----a-w- c:\windows\system32\atl.dll
2009-11-01 20:22:51 297472 ----a-w- c:\windows\system32\gdi32.dll
2009-11-01 20:22:34 1060920 ----a-w- c:\windows\system32\drivers\ntfs.sys
2009-11-01 20:22:33 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2009-11-01 20:21:45 268800 ----a-w- c:\windows\system32\es.dll
2009-11-01 20:21:05 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-11-01 20:21:05 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-11-01 20:21:04 88576 ----a-w- c:\windows\system32\avifil32.dll
2009-11-01 20:21:04 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-11-01 20:21:04 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-01 20:21:04 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-11-01 20:20:06 45112 ----a-w- c:\windows\system32\drivers\pciidex.sys
2009-11-01 20:20:06 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-01 20:20:06 15928 ----a-w- c:\windows\system32\drivers\pciide.sys
2009-11-01 20:20:06 109624 ----a-w- c:\windows\system32\drivers\ataport.sys
2009-11-01 20:20:04 211000 ----a-w- c:\windows\system32\drivers\volsnap.sys
2009-11-01 20:20:04 154624 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-11-01 20:19:49 2923520 ----a-w- c:\windows\explorer.exe
2009-11-01 20:11:23 61440 ----a-w- c:\windows\system32\ntprint.exe
2009-11-01 20:11:23 220160 ----a-w- c:\windows\system32\ntprint.dll
2009-11-01 20:11:21 10240 ----a-w- c:\windows\system32\dhcpcmonitor.dll
2009-11-01 20:11:20 1984512 ----a-w- c:\windows\system32\authui.dll
2009-11-01 20:11:20 120320 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2009-11-01 20:11:17 69632 ----a-w- c:\windows\system32\sendmail.dll
2009-11-01 20:11:16 8138240 ----a-w- c:\windows\system32\ssBranded.scr
2009-11-01 19:16:43 3502152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-11-01 19:16:42 3467864 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-11-01 19:14:40 211456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-11-01 19:13:38 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2009-11-01 19:13:38 30208 ----a-w- c:\windows\system32\xolehlp.dll
2009-11-01 19:10:02 156160 ----a-w- c:\windows\system32\wkssvc.dll
2009-11-01 19:07:38 36352 ----a-w- c:\windows\system32\tsgqec.dll
2009-11-01 19:07:38 1871872 ----a-w- c:\windows\system32\mstscax.dll
2009-11-01 19:07:38 116736 ----a-w- c:\windows\system32\aaclient.dll
2009-11-01 19:03:55 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-11-01 19:02:46 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-11-01 19:02:46 1194496 ----a-w- c:\windows\system32\msxml3.dll
2009-11-01 19:01:02 356864 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2009-11-01 18:59:53 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2009-11-01 18:59:52 86016 ----a-w- c:\windows\system32\icfupgd.dll
2009-11-01 18:59:52 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2009-11-01 18:59:52 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2009-11-01 18:59:52 16896 ----a-w- c:\windows\system32\wfapigp.dll
2009-11-01 18:59:51 61952 ----a-w- c:\windows\system32\cmifw.dll
2009-11-01 18:59:51 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
2009-11-01 18:59:51 178688 ----a-w- c:\windows\system32\iphlpsvc.dll
2009-11-01 18:59:50 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2009-11-01 18:55:47 428032 ----a-w- c:\windows\system32\EncDec.dll
2009-11-01 18:55:47 177152 ----a-w- c:\windows\system32\mpg2splt.ax
2009-11-01 18:55:47 1244672 ----a-w- c:\windows\system32\mcmde.dll
2009-11-01 18:55:46 80896 ----a-w- c:\windows\system32\MSNP.ax
2009-11-01 18:55:46 68608 ----a-w- c:\windows\system32\Mpeg2Data.ax
2009-11-01 18:55:46 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-11-01 18:55:46 217088 ----a-w- c:\windows\system32\psisrndr.ax
2009-11-01 18:55:45 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2009-11-01 18:50:30 696832 ----a-w- c:\windows\system32\localspl.dll
2009-11-01 18:44:37 24064 ----a-w- c:\windows\system32\netcfg.exe
2009-11-01 18:41:00 1585664 ----a-w- c:\windows\system32\setupapi.dll
2009-11-01 05:56:55 549888 ----a-w- c:\windows\system32\rpcss.dll
2009-11-01 05:56:54 654336 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-11-01 05:56:54 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-11-01 05:56:54 501760 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2009-11-01 05:56:54 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2009-11-01 05:56:54 24576 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-11-01 05:56:54 130560 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2009-11-01 05:56:53 97280 ----a-w- c:\windows\system32\iasrecst.dll
2009-11-01 05:56:53 53248 ----a-w- c:\windows\system32\iasads.dll
2009-11-01 05:56:53 37888 ----a-w- c:\windows\system32\iasdatastore.dll
2009-11-01 05:56:53 158720 ----a-w- c:\windows\system32\sdohlp.dll
2009-11-01 05:55:07 9728 ----a-w- c:\windows\system32\LAPRXY.DLL
2009-11-01 05:55:07 223232 ----a-w- c:\windows\system32\WMASF.DLL
2009-11-01 05:55:07 2048 ----a-w- c:\windows\system32\asferror.dll
2009-11-01 05:54:23 25600 ----a-w- c:\windows\system32\amxread.dll
2009-11-01 05:54:23 14848 ----a-w- c:\windows\system32\apilogen.dll
2009-11-01 05:51:54 712192 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-11-01 05:51:54 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-11-01 05:51:53 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-11-01 05:50:10 37376 ----a-w- c:\windows\system32\printcom.dll
2009-11-01 05:50:09 441856 ----a-w- c:\windows\system32\win32spl.dll
2009-11-01 05:48:28 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2009-10-31 21:33:57 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-10-31 21:33:57 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-10-31 21:33:12 43520 ----a-w- c:\windows\system32\msdxm.tlb
2009-10-31 21:33:12 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-10-31 21:33:12 18432 ----a-w- c:\windows\system32\amcompat.tlb
2009-10-31 21:32:22 11776 ----a-w- c:\windows\system32\sbunattend.exe
2009-10-31 21:31:15 290304 ----a-w- c:\windows\system32\drivers\srv.sys
2009-10-31 21:30:45 84480 ----a-w- c:\windows\system32\dnsrslvr.dll
2009-10-31 21:30:45 24576 ----a-w- c:\windows\system32\dnscacheugc.exe
2009-10-31 21:30:14 53760 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-10-31 21:28:59 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-10-31 21:28:59 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-10-31 21:28:58 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-10-31 21:27:02 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-10-31 21:27:02 94720 ----a-w- c:\windows\system32\logagent.exe
2009-10-31 21:26:07 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-10-31 21:26:07 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-10-31 21:26:07 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-10-31 21:25:05 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-10-31 21:25:05 737792 ----a-w- c:\windows\system32\inetcomm.dll
2009-10-31 21:24:29 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-31 21:23:48 1645568 ----a-w- c:\windows\system32\connect.dll
2009-10-31 21:23:21 5120 ----a-w- c:\windows\system32\wmi.dll
2009-10-31 21:23:21 152576 ----a-w- c:\windows\system32\imagehlp.dll
2009-10-31 21:23:21 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2009-10-31 21:22:55 1327104 ----a-w- c:\windows\system32\quartz.dll
2009-10-31 21:16:38 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-31 21:15:19 633856 ----a-w- c:\windows\system32\user32.dll
2009-10-31 21:14:45 1341440 ----a-w- c:\windows\system32\msxml6.dll
2009-10-31 21:14:44 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-10-31 21:14:17 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-31 21:13:28 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-31 21:13:27 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-10-31 21:13:26 4096 ----a-w- c:\windows\system32\msdxm.ocx
2009-10-31 21:13:26 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-10-31 21:13:23 311296 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-31 20:50:27 0 d-----w- c:\program files\Webroot
2009-10-31 20:24:21 0 d---a-w- c:\programdata\TEMP
2009-10-31 20:24:17 880640 ----a-w- c:\windows\system32\UniBox10.ocx
2009-10-31 20:24:17 506368 ----a-w- c:\windows\system32\msxml.dll
2009-10-31 20:24:17 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx
2009-10-31 20:24:17 1101824 ----a-w- c:\windows\system32\UniBox210.ocx
2009-10-31 20:24:16 0 d-----w- c:\program files\common files\PC Tools
2009-10-31 17:49:23 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-31 02:07:08 0 d-----w- c:\program files\MSXML 4.0
2009-10-31 02:02:56 0 ---ha-w- C:\ProgramData.LOG2
2009-10-31 02:02:56 0 ---ha-w- C:\ProgramData.LOG1

==================== Find3M ====================

2009-11-11 02:19:03 86016 ----a-w- c:\windows\inf\infstrng.dat
2009-11-11 02:19:03 51200 ----a-w- c:\windows\inf\infpub.dat
2009-11-11 02:18:57 86016 ----a-w- c:\windows\inf\infstor.dat
2009-11-01 21:53:23 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-01 20:29:11 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-01 20:29:11 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-01 20:29:11 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-01 20:29:11 15360 ----a-w- c:\windows\system32\netevent.dll
2009-11-01 20:29:11 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-01 20:29:11 103936 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-01 20:29:11 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-01 20:29:10 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-01 20:29:10 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-01 20:29:08 22016 ----a-w- c:\windows\system32\netiougc.exe
2009-11-01 20:29:08 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2009-11-01 20:29:08 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-11-01 20:29:07 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-11-01 20:18:54 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2009-11-01 20:00:58 174 --sha-w- c:\program files\desktop.ini
2009-10-30 03:20:32 1864 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_GC671AA-ABA a6130n_YC_0Pavi_QCNX724_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.11_T070605_WUH0_L409_M2942_J400_7AMD_8Athlon 64 X2 Dual Core_92.6_#091030_N10DE03EF_Z14F12F20_G10DE03D0.MRK
2009-10-30 02:02:20 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-30 02:01:30 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-30 02:01:07 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-30 02:01:07 171608 ----a-w- c:\windows\system32\wuwebv.dll
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 12:45:06.91 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-11-24.02)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/29/2009 7:14:11 PM
System Uptime: 11/29/2009 12:41:20 PM (0 hours ago)

Motherboard: ECS | | Nettle2
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ | Socket M2 | 2000/201mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 288 GiB total, 199.385 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 1.01 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 8
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
Bonjour
Deckadance
Enhanced Multimedia Keyboard Solution
FL Studio 9
Hardcore
Hardware Diagnostic Tools
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Experience Enhancements
HP Customer Feedback
HP Easy Setup - Frontend
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.0
HP Photosmart Essential2.5
HP Picasso Media Center Add-In
HP Total Care Advisor
HP Update
IL Download Manager
iTunes
LightScribe 1.4.142.1
Maximus
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (3.5.5)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
muvee autoProducer 6.0
My HP Games
PoiZone
PSSWCORE
Python 2.4.3
QuickTime
Realtek High Definition Audio Driver
Registry Mechanic 9.0
Rhapsody
Rhapsody Player Engine
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Sawer
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Snapfish Media Detector
Soft Data Fax Modem with SmartCP
Toxic Biohazard
Trend Micro AntiVirus
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
WinRAR archiver
Yahoo! Toolbar
Yahoo! Toolbar for Internet Explorer

==== End Of File ===========================
 
Hi again,


Open notepad and copy/paste the text in the quotebox below into it:

Code:
SecCenter::
{00000000-0000-0000-0000-000000000000}
{00000000-E9D0-004F-D859-4D0001000000}


Save this as
CFScript

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.

[Image: CFScriptB-4.gif]


Close all browser windows and, referring to the picture above, drag CFScript into ComboFix.exe
Then post the resultant log.


Uninstall old Adobe Reader versions and get the latest one (9.2) here or get Foxit Reader here. Make sure you don't install the toolbar if you choose Foxit Reader! You may also check free readers introduced here.


Uninstall vulnerable Flash versions by following the instructions here. A fresh version can be obtained here.



Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache

*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.



* Go here to run an online scanner from ESET.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • Make sure that the option Remove found threats is not checked.
  • Click Scan
  • Wait for the scan to finish
  • Post back report, a fresh dds.txt log and above mentioned ComboFix resultant log.
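
Both GUIDs in the CFScript above appear in the DDS log's SP: lines for Webroot AntiVirus with AntiSpyware, which is registered three times, once under an all-zero GUID. As an added example (not part of the original posts, and not code from DDS or ComboFix), this Python script parses those header lines and flags products registered more than once or under a null GUID; the function names and the two heuristics are assumptions made for illustration.

```python
import re
from collections import defaultdict, namedtuple

# AV:/SP: header lines copied from the DDS log posted above.
DDS_HEADER = """\
AV: Trend Micro AntiVirus *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: Trend Micro AntiVirus *enabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Webroot AntiVirus with AntiSpyware *enabled* (Updated) {00000000-0000-0000-0000-000000000000}
SP: Webroot AntiVirus with AntiSpyware *disabled* (Outdated) {00000000-E9D0-004F-D859-4D0000000000}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Webroot AntiVirus with AntiSpyware *disabled* (Updated) {00000000-E9D0-004F-D859-4D0001000000}
"""

# Header lines copied from the ComboFix log posted later in the thread,
# produced after the CFScript was applied.
COMBOFIX_HEADER = """\
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: Trend Micro AntiVirus *disabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Webroot AntiVirus with AntiSpyware *disabled* (Outdated) {00000000-E9D0-004F-D859-4D0000000000}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
"""

# The two GUIDs listed under SecCenter:: in the CFScript.
CFSCRIPT_GUIDS = {
    "{00000000-0000-0000-0000-000000000000}",
    "{00000000-E9D0-004F-D859-4D0001000000}",
}

NULL_GUID = "{00000000-0000-0000-0000-000000000000}"

Entry = namedtuple("Entry", "category product enabled status guid")

# "<CAT>: <product> *<state>* (<status>) {<guid>}"
LINE_RE = re.compile(
    r"^(?P<cat>[A-Z]{2}): (?P<product>.+?) \*(?P<state>[^*]+)\* "
    r"\((?P<status>\w+)\) (?P<guid>\{[0-9A-Fa-f-]{36}\})$"
)


def parse_entries(log_text):
    """Return an Entry for every security-product line in the log text."""
    entries = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a product registration line
        # "enabled" / "On-access scanning enabled" -> True, "disabled" -> False
        enabled = m["state"].lower().endswith("enabled")
        entries.append(
            Entry(m["cat"], m["product"], enabled, m["status"], m["guid"].upper())
        )
    return entries


def find_suspect_entries(entries):
    """Map GUID -> reasons, for registrations worth a closer look.

    Heuristics (assumptions of this example, not DDS or ComboFix logic):
      1. the registration uses the all-zero GUID;
      2. the same product is registered more than once in one category,
         noting when those registrations disagree about enabled/disabled.
    """
    suspects = defaultdict(list)
    groups = defaultdict(list)
    for e in entries:
        groups[(e.category, e.product)].append(e)
        if e.guid == NULL_GUID:
            suspects[e.guid].append("null GUID")
    for (category, product), group in groups.items():
        if len(group) < 2:
            continue
        reason = f"{len(group)} {category} registrations for {product!r}"
        if len({e.enabled for e in group}) > 1:
            reason += " with conflicting states"
        for e in group:
            suspects[e.guid].append(reason)
    return dict(suspects)


if __name__ == "__main__":
    for label, header in (("DDS", DDS_HEADER), ("ComboFix", COMBOFIX_HEADER)):
        suspects = find_suspect_entries(parse_entries(header))
        print(f"{label}: {len(suspects)} suspect registration(s)")
        for guid, reasons in suspects.items():
            tag = " [in CFScript]" if guid in CFSCRIPT_GUIDS else ""
            print(f"  {guid}{tag}: {'; '.join(reasons)}")
```

On the DDS header this flags all three Webroot registrations, including the two named in the CFScript; on the later ComboFix header, where only one Webroot entry remains, it flags nothing.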
 
Alright, well, now I have to run my computer in safe mode, otherwise it will not load past the HP logo screen when it turns on, so I want to make sure it's OK to run ComboFix and all the other stuff in safe mode so I don't mess up my computer any more than it is.
 
Well, I have no idea what's going on, but I was able to boot off a CD.
Here's the ComboFix log, and I'll post the report once it finishes, as it appears it might take a while.
ComboFix 09-11-27.02 - Illmaculate 11/29/2009 21:09.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2942.2004 [GMT -7:00]
Running from: c:\users\Illmaculate\Desktop\ComboFix.exe
Command switches used :: c:\users\Illmaculate\Desktop\CFScript.txt
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: Trend Micro AntiVirus *disabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Webroot AntiVirus with AntiSpyware *disabled* (Outdated) {00000000-E9D0-004F-D859-4D0000000000}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-10-28 to 2009-11-30 )))))))))))))))))))))))))))))))
.

2009-11-30 04:17 . 2009-11-30 04:17 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-11-30 04:17 . 2009-11-30 04:17 -------- d-----w- c:\users\Owner\AppData\Local\temp
2009-11-30 04:17 . 2009-11-30 04:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-30 04:17 . 2009-11-30 04:17 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2009-11-30 04:06 . 2009-11-30 04:07 45056 d-----w- C:\32788R22FWJFW
2009-11-27 21:56 . 2009-11-30 04:17 4096 d-----w- c:\users\Illmaculate\AppData\Local\temp
2009-11-25 02:10 . 2009-11-25 02:10 -------- d-----w- c:\users\Owner\AppData\Local\Apple
2009-11-21 05:48 . 2009-11-21 05:48 4096 d-----w- c:\users\Illmaculate\New Folder
2009-11-21 02:25 . 2009-11-21 05:37 4096 d-----w- c:\users\Illmaculate\Marisa music
2009-11-20 03:46 . 2009-11-20 03:46 -------- d-----w- c:\users\Illmaculate\AppData\Roaming\AccurateRip
2009-11-20 03:46 . 2009-11-20 03:46 -------- d-----w- c:\program files\Illustrate
2009-11-20 02:48 . 2009-11-20 02:48 -------- d-----w- c:\users\Administrator\AppData\Roaming\Malwarebytes
2009-11-20 02:48 . 2009-11-20 02:48 -------- d-----w- c:\programdata\Malwarebytes
2009-11-20 02:48 . 2009-11-20 02:48 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-20 02:25 . 2009-11-20 02:25 -------- d-----w- c:\users\Administrator\AppData\Roaming\Hewlett-Packard
2009-11-20 02:24 . 2009-11-20 02:24 -------- d-----w- c:\users\Administrator\AppData\Local\Mozilla
2009-11-20 02:23 . 2009-11-20 02:23 -------- d-----w- c:\users\Administrator\AppData\Roaming\Snapfish
2009-11-20 02:23 . 2009-11-20 02:23 92472 ----a-w- c:\users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-20 02:21 . 2009-11-20 04:33 8192 d-----w- c:\users\Administrator
2009-11-20 02:21 . 2009-11-20 02:23 4096 d-----w- c:\users\Administrator\AppData\Local\Microsoft
2009-11-20 02:21 . 2009-11-04 03:32 -------- d-----w- c:\users\Administrator\AppData\Local\Microsoft Help
2009-11-20 02:21 . 2006-11-02 12:37 -------- d-----w- c:\users\Administrator\AppData\Roaming\Media Center Programs
2009-11-20 01:37 . 2009-11-20 02:46 4096 d-----w- c:\programdata\Spybot - Search & Destroy
2009-11-20 01:37 . 2009-11-20 02:46 8192 d-----w- c:\program files\Spybot - Search & Destroy
2009-11-19 04:24 . 2009-11-19 04:30 45056 d-----w- c:\users\Illmaculate\Dillion music
2009-11-19 04:08 . 2009-11-19 04:08 -------- d-----w- c:\users\Owner\AppData\Roaming\SharePod
2009-11-19 04:03 . 2009-11-19 12:39 4096 d-----w- c:\users\Owner\AppData\Roaming\Apple Computer
2009-11-19 04:03 . 2009-11-19 04:04 -------- d-----w- c:\users\Owner\AppData\Local\Apple Computer
2009-11-14 21:55 . 2009-11-15 01:02 57344 d-----w- c:\users\Illmaculate\Music2
2009-11-11 16:44 . 2009-11-11 16:45 -------- d-----w- c:\programdata\NVIDIA
2009-11-11 02:31 . 2009-08-10 13:08 321536 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 02:30 . 2009-08-14 14:01 2031104 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 02:19 . 2008-07-08 15:45 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin
2009-11-11 02:15 . 2009-11-11 02:15 8192 d-----w- c:\windows\nvtmpinst
2009-11-10 02:31 . 2009-11-10 02:31 -------- d-----w- c:\program files\GSi
2009-11-10 01:33 . 2009-11-20 04:30 4096 d-----w- c:\users\Illmaculate\AppData\Roaming\OpenCandy
2009-11-10 01:33 . 2009-11-10 01:33 3828846 ----a-w- c:\users\Illmaculate\AppData\Roaming\OpenCandy\maximus_install.exe
2009-11-10 01:25 . 2009-11-10 01:32 4096 d-----w- c:\program files\ASIO4ALL v2
2009-11-10 01:24 . 2006-06-20 08:56 225280 ----a-w- c:\windows\system32\rewire.dll
2009-11-10 01:22 . 2009-11-10 01:38 4096 d-----w- c:\program files\VstPlugins
2009-11-10 01:22 . 2009-11-10 01:22 -------- d-----w- c:\program files\Outsim
2009-11-10 01:09 . 2009-11-10 01:38 4096 d-----w- c:\program files\Image-Line
2009-11-09 04:22 . 2008-06-20 01:18 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-11-09 04:22 . 2008-06-20 01:17 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-11-09 04:22 . 2008-06-20 01:18 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-11-09 04:22 . 2008-06-20 01:17 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-11-09 04:22 . 2008-06-20 01:17 11264 ----a-w- c:\windows\system32\icardres.dll
2009-11-09 04:22 . 2008-06-20 01:18 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-11-09 04:22 . 2008-06-20 01:18 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-11-09 04:07 . 2008-07-27 18:00 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-11-09 04:07 . 2008-07-27 18:00 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-11-09 04:07 . 2008-07-27 18:00 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-09 04:07 . 2008-07-27 18:00 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-11-09 04:06 . 2008-07-27 18:00 83968 ----a-w- c:\windows\system32\mscories.dll
2009-11-09 02:48 . 2009-05-18 22:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-09 02:48 . 2008-04-17 21:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-11-09 02:48 . 2009-11-09 02:48 -------- dc----w- c:\windows\system32\DRVSTORE
2009-11-09 02:13 . 2009-11-09 02:13 -------- d-----w- c:\users\Illmaculate\AppData\Local\Adobe
2009-11-05 16:06 . 2009-11-05 16:06 -------- d-----w- c:\users\Owner\AppData\Roaming\MSNInstaller
2009-11-05 04:32 . 2009-11-05 04:32 -------- d-----w- c:\users\Illmaculate\AppData\Roaming\SharePod
2009-11-05 03:23 . 2009-11-05 03:23 -------- d-----w- c:\windows\system32\config\systemprofile\{b87ef2d5-f374-4b40-b97f-e3f604a0ce74}
2009-11-05 03:20 . 2006-01-04 09:12 77824 ----a-w- c:\windows\system32\HPZIDS01.dll
2009-11-05 03:19 . 2006-04-10 22:03 38400 ----a-w- c:\windows\system32\hpz3l054.dll
2009-11-05 03:18 . 2009-11-05 03:20 32768 d-----w- c:\windows\system32\config\systemprofile\{b051f0c9-594b-4a33-bc0b-99844b97d526}
2009-11-05 03:18 . 2006-04-13 01:04 282624 ----a-w- c:\windows\system32\HPZc3212.dll
2009-11-05 03:18 . 2006-04-13 01:04 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys
2009-11-04 03:53 . 2009-11-14 21:14 -------- d-----w- c:\users\Illmaculate\AppData\Local\Apple Computer
2009-11-04 03:53 . 2009-11-04 04:00 4096 d-----w- c:\users\Illmaculate\AppData\Roaming\Apple Computer
2009-11-04 03:50 . 2009-11-09 02:47 -------- d-----w- c:\program files\iPod
2009-11-04 03:50 . 2009-11-04 03:52 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-04 03:50 . 2009-11-09 02:48 4096 d-----w- c:\program files\iTunes
2009-11-04 03:49 . 2009-11-04 03:49 -------- d-----w- c:\program files\Bonjour
2009-11-04 03:47 . 2009-11-04 03:48 4096 d-----w- c:\program files\QuickTime
2009-11-04 03:47 . 2009-11-04 03:50 -------- d-----w- c:\programdata\Apple Computer
2009-11-04 03:46 . 2009-11-04 03:46 -------- d-----w- c:\users\Illmaculate\AppData\Local\Apple
2009-11-04 03:46 . 2009-11-04 03:46 4096 d-----w- c:\program files\Apple Software Update
2009-11-04 03:41 . 2009-11-04 03:56 -------- d-----w- c:\programdata\Apple
2009-11-04 03:41 . 2009-11-04 03:50 -------- d-----w- c:\program files\Common Files\Apple
2009-11-04 03:32 . 2009-11-04 03:32 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-11-04 03:25 . 2009-06-17 17:51 781435 ----a-w- c:\users\Illmaculate\AppData\Roaming\Mozilla\Firefox\Profiles\jpr7tha6.default\extensions\firedownload@mozilla.org\Download.dll
2009-11-04 03:25 . 2009-05-07 20:49 22528 ----a-w- c:\users\Illmaculate\AppData\Roaming\Mozilla\Firefox\Profiles\jpr7tha6.default\extensions\firedownload@mozilla.org\components\firedownload.dll
2009-11-04 03:18 . 2009-11-04 03:18 -------- d-----w- c:\users\Illmaculate\AppData\Local\Hewlett-Packard
2009-11-03 03:23 . 2009-11-04 02:54 -------- d-----w- c:\users\Illmaculate\Tracing
2009-11-03 03:23 . 2009-11-11 16:39 4096 d-----w- c:\program files\Microsoft Silverlight
2009-11-03 03:21 . 2009-11-03 03:22 4096 d-----w- c:\program files\Windows Live
2009-11-03 03:15 . 2009-11-03 03:15 -------- d-----w- c:\program files\Common Files\Windows Live
2009-11-03 02:52 . 2009-11-03 02:52 -------- d-----w- c:\users\Illmaculate\AppData\Local\Mozilla
2009-11-03 02:52 . 2009-11-03 02:52 -------- d-----w- c:\users\Illmaculate\AppData\Roaming\Hewlett-Packard
2009-11-02 14:46 . 2009-11-02 14:46 494592 ----a-w- c:\windows\system32\kerberos.dll
2009-11-02 14:46 . 2009-11-02 14:46 272384 ----a-w- c:\windows\system32\schannel.dll
2009-11-02 14:37 . 2009-11-20 02:53 -------- d-----w- c:\windows\system32\Service
2009-11-02 04:32 . 2009-11-02 04:32 -------- d-----w- c:\programdata\Trend Micro
2009-11-02 04:31 . 2009-11-20 03:02 4096 d-----w- c:\program files\Trend Micro
2009-11-02 04:29 . 2009-11-02 04:29 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2009-11-02 04:29 . 2009-11-02 04:29 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2009-11-02 04:29 . 2009-11-02 04:29 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2009-11-02 04:29 . 2009-11-02 04:29 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys
2009-11-02 04:29 . 2009-11-02 04:29 225808 ----a-w- c:\windows\system32\drivers\tmxpflt.sys
2009-11-02 04:29 . 2009-11-02 04:29 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-11-02 04:29 . 2009-11-02 04:29 1223832 ----a-w- c:\windows\system32\drivers\vsapint.sys
2009-11-01 21:31 . 2009-05-13 23:39 1563008 ----a-w- c:\windows\WRSetup.dll
2009-11-01 20:37 . 2009-11-01 20:37 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-01 20:32 . 2009-11-01 20:32 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-11-01 20:32 . 2009-11-01 20:32 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-11-01 20:32 . 2009-11-01 20:32 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-11-01 20:32 . 2009-11-01 20:32 272896 ----a-w- c:\windows\system32\polstore.dll
2009-11-01 20:30 . 2009-11-01 20:30 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-11-01 20:30 . 2009-11-01 20:30 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-11-01 20:30 . 2009-11-01 20:30 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-11-01 20:30 . 2009-11-01 20:30 87040 ----a-w- c:\windows\system32\msoert2.dll
2009-11-01 20:30 . 2009-11-01 20:30 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2009-11-01 20:30 . 2009-11-01 20:30 205824 ----a-w- c:\windows\system32\msoeacct.dll
2009-11-01 20:28 . 2009-11-01 20:28 704000 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2009-11-01 20:28 . 2009-11-01 20:28 356352 ----a-w- c:\windows\system32\wbem\wbemcomn.dll
2009-11-01 20:28 . 2009-11-01 20:28 24064 ----a-w- c:\windows\system32\wtsapi32.dll
2009-11-01 20:28 . 2009-11-01 20:28 258232 ----a-w- c:\windows\system32\drivers\acpi.sys
2009-11-01 20:28 . 2009-11-01 20:28 542720 ----a-w- c:\windows\system32\sysmain.dll
2009-11-01 20:27 . 2009-11-01 20:27 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-11-01 20:27 . 2009-11-01 20:27 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-11-01 20:27 . 2009-11-01 20:27 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-01 20:27 . 2009-11-01 20:27 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-01 20:27 . 2009-11-01 20:27 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-01 20:27 . 2009-11-01 20:27 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-01 20:27 . 2009-11-01 20:27 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-01 20:27 . 2009-11-01 20:27 297984 ----a-w- c:\windows\system32\wlansec.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-27 01:19 . 2009-10-30 03:11 0 ----a-w- c:\windows\win32k.sys
2009-11-12 04:14 . 2009-10-30 02:13 92472 ----a-w- c:\users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-11 16:39 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-11 05:57 . 2007-04-25 19:15 8192 d-----w- c:\programdata\Microsoft Help
2009-11-10 04:14 . 2007-04-25 19:15 28672 d-----w- c:\program files\Microsoft Works
2009-11-01 21:54 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-11-01 21:53 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-11-01 21:53 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-01 21:32 . 2009-11-01 21:32 775168 ----a-w- c:\windows\isRS-000.tmp
2009-11-01 21:24 . 2009-10-30 02:33 164 ----a-w- c:\windows\install.dat
2009-11-01 20:29 . 2009-11-01 20:29 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-01 20:29 . 2009-11-01 20:29 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-01 20:29 . 2009-11-01 20:29 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-01 20:29 . 2009-11-01 20:29 15360 ----a-w- c:\windows\system32\netevent.dll
2009-11-01 20:29 . 2009-11-01 20:29 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-01 20:29 . 2009-11-01 20:29 103936 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-01 20:29 . 2009-11-01 20:29 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-01 20:29 . 2009-11-01 20:29 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-01 20:29 . 2009-11-01 20:29 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-01 20:29 . 2009-11-01 20:29 22016 ----a-w- c:\windows\system32\netiougc.exe
2009-11-01 20:29 . 2009-11-01 20:29 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2009-11-01 20:29 . 2009-11-01 20:29 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-11-01 20:29 . 2009-11-01 20:29 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-11-01 20:18 . 2009-11-01 20:18 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2009-11-01 18:39 . 2009-11-01 18:39 40960 ----a-w- c:\windows\system32\srclient.dll
2009-11-01 04:35 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-11-01 04:35 . 2007-04-25 19:25 4096 d-----w- c:\programdata\Symantec
2009-10-31 21:09 . 2007-04-25 19:25 12288 d-----w- c:\program files\Common Files\Symantec Shared
2009-10-31 02:07 . 2009-10-31 02:07 -------- d-----w- c:\program files\MSXML 4.0
2009-10-30 03:23 . 2009-10-30 03:23 -------- d-----w- c:\programdata\Yahoo! Companion
2009-10-30 03:20 . 2009-10-30 03:20 1864 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_GC671AA-ABA a6130n_YC_0Pavi_QCNX724_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.11_T070605_WUH0_L409_M2942_J400_7AMD_8Athlon 64 X2 Dual Core_92.6_#091030_N10DE03EF_Z14F12F20_G10DE03D0.MRK
2009-10-30 02:41 . 2009-10-30 02:41 -------- d-----w- c:\program files\MSSOAP
2009-10-30 02:14 . 2007-04-25 19:42 -------- d-----w- c:\programdata\Hewlett-Packard
2009-10-30 02:14 . 2009-10-30 02:07 -------- d-----w- c:\users\Owner\AppData\Roaming\Hewlett-Packard
2009-10-30 02:13 . 2009-10-30 02:13 -------- d-----w- c:\users\Owner\AppData\Roaming\Snapfish
2009-10-30 02:02 . 2009-10-30 02:02 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-30 02:02 . 2009-10-30 02:02 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-30 02:02 . 2009-10-30 02:02 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-30 02:02 . 2009-10-30 02:02 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-30 02:01 . 2009-10-30 02:01 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-30 02:01 . 2009-10-30 02:01 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-30 02:01 . 2009-10-30 02:01 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-30 02:01 . 2009-10-30 02:01 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-30 02:01 . 2009-10-30 02:01 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-30 02:00 . 2009-10-30 02:00 -------- d-sh--we c:\programdata\Templates
2009-10-30 02:00 . 2009-10-30 02:00 -------- d-sh--we c:\programdata\Start Menu
2009-10-30 02:00 . 2009-10-30 02:00 -------- d-sh--we c:\programdata\Favorites
2009-10-30 02:00 . 2009-10-30 02:00 -------- d-sh--we c:\programdata\Documents
2009-10-30 02:00 . 2009-10-30 02:00 -------- d-sh--we c:\programdata\Desktop
2009-10-29 04:58 . 2009-10-29 04:58 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-10-31 1232896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-11-01 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-05-23 526880]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-23 13539872]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-23 92704]
"SnapfishMediaDetector"="c:\program files\Snapfish Media Detector\SnapfishMediaDetector.exe" [2007-03-02 1441792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2009-10-14 104408]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-11-02 1020248]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-01 4390912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-07 44168]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish Media Detector.lnk - c:\program files\Snapfish Media Detector\SnapfishMediaDetector.exe [2007-3-2 1441792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [10/31/2009 1:24 PM 583640]
R2 tmpreflt;tmpreflt;c:\windows\System32\drivers\tmpreflt.sys [11/1/2009 9:29 PM 36368]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05010004};PCD5SRVC{BD6912E3-AC9D80E8-05010004} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [3/2/2007 3:06 PM 28144]
S3 tmevtmgr;tmevtmgr;c:\windows\System32\drivers\tmevtmgr.sys [11/1/2009 9:29 PM 50704]
S3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [11/1/2009 9:34 PM 689416]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Illmaculate\AppData\Roaming\Mozilla\Firefox\Profiles\jpr7tha6.default\
FF - component: c:\users\Illmaculate\AppData\Roaming\Mozilla\Firefox\Profiles\jpr7tha6.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-29 21:17
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{BD6912E3-AC9D80E8-05010004}]
"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-11-29 21:19
ComboFix-quarantined-files.txt 2009-11-30 04:19
ComboFix2.txt 2009-11-27 21:56

Pre-Run: 213,223,694,336 bytes free
Post-Run: 213,206,851,584 bytes free

- - End Of File - - 7D531E7B0AC82527C41402329A3B4515
 
The scanner found no threats.
Here's the dds.txt:
DDS (Ver_09-11-24.02) - NTFSx86
Run by Illmaculate at 5:11:15.21 on Mon 11/30/2009
Internet Explorer: 8.0.6001.18828
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2942.2134 [GMT -7:00]

AV: Trend Micro AntiVirus *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
SP: Trend Micro AntiVirus *enabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Webroot AntiVirus with AntiSpyware *disabled* (Outdated) {00000000-E9D0-004F-D859-4D0000000000}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Illmaculate\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HPADVISOR] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autoRun
mRun: [Windows Defender] "%ProgramFiles%\Windows Defender\MSASCui.exe" -hide
mRun: [hpsysdrv] "c:\hp\support\hpsysdrv.exe"
mRun: [KBD] "c:\hp\kbd\KbdStub.EXE"
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [NvSvc] "RUNDLL32.EXE" c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RtHDVCpl] "RtHDVCpl.exe"
mRun: [SnapfishMediaDetector] "c:\program files\snapfish media detector\SnapfishMediaDetector.exe"
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [SSDMonitor] "c:\program files\common files\pc tools\smonitor\SSDMonitor.exe"
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish media detector\SnapfishMediaDetector.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\illmac~1\appdata\roaming\mozilla\firefox\profiles\jpr7tha6.default\
FF - component: c:\users\illmaculate\appdata\roaming\mozilla\firefox\profiles\jpr7tha6.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2009-10-31 583640]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2009-11-1 36368]
R3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-11-1 50704]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2009-11-1 689416]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05010004};PCD5SRVC{BD6912E3-AC9D80E8-05010004} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2007-3-2 28144]

=============== Created Last 30 ================

2009-11-30 04:51:47 0 d-----w- c:\program files\ESET
2009-11-27 21:28:33 98816 ----a-w- c:\windows\sed.exe
2009-11-27 21:28:33 77312 ----a-w- c:\windows\MBR.exe
2009-11-27 21:28:33 260608 ----a-w- c:\windows\PEV.exe
2009-11-27 21:28:33 161792 ----a-w- c:\windows\SWREG.exe
2009-11-21 05:48:04 0 d-----w- c:\users\illmaculate\New Folder
2009-11-21 02:25:22 0 d-----w- c:\users\illmaculate\Marisa music
2009-11-20 03:46:32 0 d-----w- c:\users\illmac~1\appdata\roaming\AccurateRip
2009-11-20 03:46:08 0 d-----w- c:\program files\Illustrate
2009-11-20 02:48:24 0 d-----w- c:\programdata\Malwarebytes
2009-11-20 02:48:23 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-20 01:37:42 0 d-----w- c:\programdata\Spybot - Search & Destroy
2009-11-20 01:37:42 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-11-19 04:24:33 0 d-----w- c:\users\illmaculate\Dillion music
2009-11-14 21:55:25 0 d-----w- c:\users\illmaculate\Music2
2009-11-12 13:35:56 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-11-11 16:44:06 0 d-----w- c:\programdata\NVIDIA
2009-11-11 02:31:05 321536 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 02:30:29 2031104 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 02:19:11 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin
2009-11-11 02:15:25 0 d-----w- c:\windows\nvtmpinst
2009-11-10 02:31:48 0 d-----w- c:\program files\GSi
2009-11-10 01:33:23 0 d-----w- c:\users\illmac~1\appdata\roaming\OpenCandy
2009-11-10 01:25:29 0 d-----w- c:\program files\ASIO4ALL v2
2009-11-10 01:24:39 225280 ----a-w- c:\windows\system32\rewire.dll
2009-11-10 01:23:55 1554944 ----a-w- c:\windows\system32\vorbis.acm
2009-11-10 01:22:27 0 d-----w- c:\program files\VstPlugins
2009-11-10 01:22:01 0 d-----w- c:\program files\Outsim
2009-11-10 01:09:47 0 d-----w- c:\program files\Image-Line
2009-11-09 04:22:27 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-11-09 04:22:27 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-11-09 04:22:26 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-11-09 04:22:26 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-11-09 04:22:26 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2009-11-09 04:22:26 11264 ----a-w- c:\windows\system32\icardres.dll
2009-11-09 04:22:25 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-11-09 04:22:21 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-11-09 04:20:27 65536 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.dpx
2009-11-09 04:20:27 196608 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.perf
2009-11-09 04:20:26 43909120 ----a-w- c:\windows\ocsetup_install_NetFx3.etl
2009-11-09 04:07:47 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-11-09 04:07:42 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-11-09 04:07:38 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-09 04:07:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-11-09 04:06:55 83968 ----a-w- c:\windows\system32\mscories.dll
2009-11-09 02:48:21 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-11-09 02:48:21 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-11-05 04:32:16 0 d-----w- c:\users\illmac~1\appdata\roaming\SharePod
2009-11-05 03:20:12 77824 ----a-w- c:\windows\system32\HPZIDS01.dll
2009-11-05 03:19:49 38400 ----a-w- c:\windows\system32\hpz3l054.dll
2009-11-05 03:18:02 282624 ----a-w- c:\windows\system32\HPZc3212.dll
2009-11-05 03:18:02 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys
2009-11-04 04:27:06 2086695 ----a-w- C:\ituneslib.itl
2009-11-04 03:50:55 0 d-----w- c:\program files\iPod
2009-11-04 03:50:41 0 d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-04 03:50:40 0 d-----w- c:\program files\iTunes
2009-11-04 03:49:06 0 d-----w- c:\program files\Bonjour
2009-11-04 03:47:16 0 d-----w- c:\programdata\Apple Computer
2009-11-04 03:41:40 0 d-----w- c:\programdata\Apple
2009-11-04 03:13:54 332209650 ----a-w- c:\windows\MEMORY.DMP
2009-11-03 03:23:51 0 d-----w- c:\users\illmaculate\Tracing
2009-11-03 03:15:24 0 d-----w- c:\program files\common files\Windows Live
2009-11-02 14:46:25 494592 ----a-w- c:\windows\system32\kerberos.dll
2009-11-02 14:46:24 272384 ----a-w- c:\windows\system32\schannel.dll
2009-11-02 14:37:15 0 d-----w- c:\windows\system32\Service
2009-11-02 04:32:30 0 d-----w- c:\programdata\Trend Micro
2009-11-02 04:31:55 0 d-----w- c:\program files\Trend Micro
2009-11-02 04:29:31 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2009-11-02 04:29:31 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2009-11-02 04:29:31 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2009-11-02 04:29:31 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys
2009-11-02 04:29:31 225808 ----a-w- c:\windows\system32\drivers\tmxpflt.sys
2009-11-02 04:29:31 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-11-02 04:29:31 1223832 ----a-w- c:\windows\system32\drivers\vsapint.sys
2009-11-01 21:32:21 775168 ----a-w- c:\windows\isRS-000.tmp
2009-11-01 21:31:49 1563008 ----a-w- c:\windows\WRSetup.dll
2009-11-01 20:37:12 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-01 20:32:29 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-11-01 20:32:29 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-11-01 20:32:29 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-11-01 20:32:28 272896 ----a-w- c:\windows\system32\polstore.dll
2009-11-01 20:30:49 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-11-01 20:30:48 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-11-01 20:30:48 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-11-01 20:30:09 87040 ----a-w- c:\windows\system32\msoert2.dll
2009-11-01 20:30:09 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2009-11-01 20:30:09 205824 ----a-w- c:\windows\system32\msoeacct.dll
2009-11-01 20:28:16 704000 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2009-11-01 20:28:15 356352 ----a-w- c:\windows\system32\wbem\wbemcomn.dll
2009-11-01 20:28:14 24064 ----a-w- c:\windows\system32\wtsapi32.dll
2009-11-01 20:28:13 258232 ----a-w- c:\windows\system32\drivers\acpi.sys
2009-11-01 20:28:09 714240 ----a-w- c:\windows\system32\timedate.cpl
2009-11-01 20:28:09 542720 ----a-w- c:\windows\system32\sysmain.dll
2009-11-01 20:27:48 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-11-01 20:27:48 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-11-01 20:27:30 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-01 20:27:29 1657350 ----a-w- c:\windows\system32\wlan.tmf
2009-11-01 20:27:29 12876 ----a-w- c:\windows\system32\wbem\wlan.mof
2009-11-01 20:27:28 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-01 20:27:28 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-01 20:27:28 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-01 20:27:28 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-01 20:27:27 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-11-01 20:26:21 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-11-01 20:26:21 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-11-01 20:26:21 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-11-01 20:26:21 24064 ----a-w- c:\windows\system32\lpk.dll
2009-11-01 20:26:21 156160 ----a-w- c:\windows\system32\t2embed.dll
2009-11-01 20:26:21 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-11-01 20:23:45 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-11-01 20:23:24 71680 ----a-w- c:\windows\system32\atl.dll
2009-11-01 20:22:51 297472 ----a-w- c:\windows\system32\gdi32.dll
2009-11-01 20:22:34 1060920 ----a-w- c:\windows\system32\drivers\ntfs.sys
2009-11-01 20:22:33 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2009-11-01 20:21:45 268800 ----a-w- c:\windows\system32\es.dll
2009-11-01 20:21:05 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-11-01 20:21:05 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-11-01 20:21:04 88576 ----a-w- c:\windows\system32\avifil32.dll
2009-11-01 20:21:04 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-11-01 20:21:04 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-01 20:21:04 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-11-01 20:20:06 45112 ----a-w- c:\windows\system32\drivers\pciidex.sys
2009-11-01 20:20:06 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-01 20:20:06 15928 ----a-w- c:\windows\system32\drivers\pciide.sys
2009-11-01 20:20:06 109624 ----a-w- c:\windows\system32\drivers\ataport.sys
2009-11-01 20:20:04 211000 ----a-w- c:\windows\system32\drivers\volsnap.sys
2009-11-01 20:20:04 154624 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-11-01 20:19:49 2923520 ----a-w- c:\windows\explorer.exe
2009-11-01 20:11:23 61440 ----a-w- c:\windows\system32\ntprint.exe
2009-11-01 20:11:23 220160 ----a-w- c:\windows\system32\ntprint.dll
2009-11-01 20:11:21 10240 ----a-w- c:\windows\system32\dhcpcmonitor.dll
2009-11-01 20:11:20 1984512 ----a-w- c:\windows\system32\authui.dll
2009-11-01 20:11:20 120320 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2009-11-01 20:11:17 69632 ----a-w- c:\windows\system32\sendmail.dll
2009-11-01 20:11:16 8138240 ----a-w- c:\windows\system32\ssBranded.scr
2009-11-01 19:16:43 3502152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-11-01 19:16:42 3467864 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-11-01 19:14:40 211456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-11-01 19:13:38 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2009-11-01 19:13:38 30208 ----a-w- c:\windows\system32\xolehlp.dll
2009-11-01 19:10:02 156160 ----a-w- c:\windows\system32\wkssvc.dll
2009-11-01 19:07:38 36352 ----a-w- c:\windows\system32\tsgqec.dll
2009-11-01 19:07:38 1871872 ----a-w- c:\windows\system32\mstscax.dll
2009-11-01 19:07:38 116736 ----a-w- c:\windows\system32\aaclient.dll
2009-11-01 19:03:55 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-11-01 19:02:46 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-11-01 19:02:46 1194496 ----a-w- c:\windows\system32\msxml3.dll
2009-11-01 19:01:02 356864 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2009-11-01 18:59:53 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2009-11-01 18:59:52 86016 ----a-w- c:\windows\system32\icfupgd.dll
2009-11-01 18:59:52 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2009-11-01 18:59:52 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2009-11-01 18:59:52 16896 ----a-w- c:\windows\system32\wfapigp.dll
2009-11-01 18:59:51 61952 ----a-w- c:\windows\system32\cmifw.dll
2009-11-01 18:59:51 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
2009-11-01 18:59:51 178688 ----a-w- c:\windows\system32\iphlpsvc.dll
2009-11-01 18:59:50 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2009-11-01 18:55:47 428032 ----a-w- c:\windows\system32\EncDec.dll
2009-11-01 18:55:47 177152 ----a-w- c:\windows\system32\mpg2splt.ax
2009-11-01 18:55:47 1244672 ----a-w- c:\windows\system32\mcmde.dll
2009-11-01 18:55:46 80896 ----a-w- c:\windows\system32\MSNP.ax
2009-11-01 18:55:46 68608 ----a-w- c:\windows\system32\Mpeg2Data.ax
2009-11-01 18:55:46 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-11-01 18:55:46 217088 ----a-w- c:\windows\system32\psisrndr.ax
2009-11-01 18:55:45 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2009-11-01 18:50:30 696832 ----a-w- c:\windows\system32\localspl.dll
2009-11-01 18:44:37 24064 ----a-w- c:\windows\system32\netcfg.exe
2009-11-01 18:41:00 1585664 ----a-w- c:\windows\system32\setupapi.dll
2009-11-01 05:56:55 549888 ----a-w- c:\windows\system32\rpcss.dll
2009-11-01 05:56:54 654336 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-11-01 05:56:54 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-11-01 05:56:54 501760 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2009-11-01 05:56:54 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2009-11-01 05:56:54 24576 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-11-01 05:56:54 130560 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2009-11-01 05:56:53 97280 ----a-w- c:\windows\system32\iasrecst.dll
2009-11-01 05:56:53 53248 ----a-w- c:\windows\system32\iasads.dll
2009-11-01 05:56:53 37888 ----a-w- c:\windows\system32\iasdatastore.dll
2009-11-01 05:56:53 158720 ----a-w- c:\windows\system32\sdohlp.dll
2009-11-01 05:55:07 9728 ----a-w- c:\windows\system32\LAPRXY.DLL
2009-11-01 05:55:07 223232 ----a-w- c:\windows\system32\WMASF.DLL
2009-11-01 05:55:07 2048 ----a-w- c:\windows\system32\asferror.dll
2009-11-01 05:54:23 25600 ----a-w- c:\windows\system32\amxread.dll
2009-11-01 05:54:23 14848 ----a-w- c:\windows\system32\apilogen.dll
2009-11-01 05:51:54 712192 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-11-01 05:51:54 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-11-01 05:51:53 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-11-01 05:50:10 37376 ----a-w- c:\windows\system32\printcom.dll
2009-11-01 05:50:09 441856 ----a-w- c:\windows\system32\win32spl.dll
2009-11-01 05:48:28 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2009-10-31 21:33:57 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-10-31 21:33:57 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-10-31 21:33:12 43520 ----a-w- c:\windows\system32\msdxm.tlb
2009-10-31 21:33:12 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-10-31 21:33:12 18432 ----a-w- c:\windows\system32\amcompat.tlb
2009-10-31 21:32:22 11776 ----a-w- c:\windows\system32\sbunattend.exe
2009-10-31 21:31:15 290304 ----a-w- c:\windows\system32\drivers\srv.sys
2009-10-31 21:30:45 84480 ----a-w- c:\windows\system32\dnsrslvr.dll
2009-10-31 21:30:45 24576 ----a-w- c:\windows\system32\dnscacheugc.exe
2009-10-31 21:30:14 53760 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-10-31 21:28:59 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-10-31 21:28:59 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-10-31 21:28:58 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-10-31 21:27:02 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-10-31 21:27:02 94720 ----a-w- c:\windows\system32\logagent.exe
2009-10-31 21:26:07 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-10-31 21:26:07 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-10-31 21:26:07 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-10-31 21:25:05 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-10-31 21:25:05 737792 ----a-w- c:\windows\system32\inetcomm.dll
2009-10-31 21:24:29 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-31 21:23:48 1645568 ----a-w- c:\windows\system32\connect.dll
2009-10-31 21:23:21 5120 ----a-w- c:\windows\system32\wmi.dll
2009-10-31 21:23:21 152576 ----a-w- c:\windows\system32\imagehlp.dll
2009-10-31 21:23:21 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2009-10-31 21:22:55 1327104 ----a-w- c:\windows\system32\quartz.dll
2009-10-31 21:16:38 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-31 21:15:19 633856 ----a-w- c:\windows\system32\user32.dll
2009-10-31 21:14:45 1341440 ----a-w- c:\windows\system32\msxml6.dll
2009-10-31 21:14:44 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-10-31 21:14:17 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-31 21:13:28 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-31 21:13:27 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-10-31 21:13:26 4096 ----a-w- c:\windows\system32\msdxm.ocx
2009-10-31 21:13:26 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-10-31 21:13:23 311296 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-31 20:50:27 0 d-----w- c:\program files\Webroot
2009-10-31 20:24:21 0 d---a-w- c:\programdata\TEMP
2009-10-31 20:24:17 880640 ----a-w- c:\windows\system32\UniBox10.ocx
2009-10-31 20:24:17 506368 ----a-w- c:\windows\system32\msxml.dll
2009-10-31 20:24:17 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx
2009-10-31 20:24:17 1101824 ----a-w- c:\windows\system32\UniBox210.ocx
2009-10-31 20:24:16 0 d-----w- c:\program files\common files\PC Tools
2009-10-31 17:49:23 195440 ------w- c:\windows\system32\MpSigStub.exe

==================== Find3M ====================

2009-11-11 02:19:03 86016 ----a-w- c:\windows\inf\infstrng.dat
2009-11-11 02:19:03 51200 ----a-w- c:\windows\inf\infpub.dat
2009-11-11 02:18:57 86016 ----a-w- c:\windows\inf\infstor.dat
2009-11-01 21:53:23 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-01 20:29:11 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-01 20:29:11 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-01 20:29:11 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-01 20:29:11 15360 ----a-w- c:\windows\system32\netevent.dll
2009-11-01 20:29:11 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-01 20:29:11 103936 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-01 20:29:11 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-01 20:29:10 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-01 20:29:10 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-01 20:29:08 22016 ----a-w- c:\windows\system32\netiougc.exe
2009-11-01 20:29:08 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2009-11-01 20:29:08 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-11-01 20:29:07 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-11-01 20:18:54 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2009-11-01 20:00:58 174 --sha-w- c:\program files\desktop.ini
2009-10-30 03:20:32 1864 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_GC671AA-ABA a6130n_YC_0Pavi_QCNX724_E73NAv3PrA1_49_INettle2_SECS_V1.0_B5.11_T070605_WUH0_L409_M2942_J400_7AMD_8Athlon 64 X2 Dual Core_92.6_#091030_N10DE03EF_Z14F12F20_G10DE03D0.MRK
2009-10-30 02:02:20 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-30 02:01:30 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-30 02:01:07 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-30 02:01:07 171608 ----a-w- c:\windows\system32\wuwebv.dll
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 5:12:04.17 ===============
 
It seems to be running good now. I was able to run Spybot and I will try to install Spy Sweeper to see if this resolves my problem, and I am very grateful for you taking the time to help me, but I have one more question. Does combo fix actually remove the malicious software or does it just scan?
 
Does combo fix actually remove the malicious software or does it just scan?
It does different kinds of things. It's not a tool for general use.


THESE STEPS ARE VERY IMPORTANT

Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to clean the restore points.

A. To disable the System Restore feature:

1. Click on the Start button.
2. Hover over the Computer option, right click on it and then click Properties.
3. On the left hand side, click Advanced Settings.
4. If asked to permit the action, click on Allow.
5. Click on the System Protection tab.
6. Uncheck any checkboxes listed for your hard drives.
7. Press OK.


B. Reboot.

C. Turn ON System Restore.
Follow the steps like you did when disabling system restore, but on step 6, check any checkboxes listed for your hard drives.



Now let's uninstall ComboFix:
  • Click START then RUN
  • Now copy-paste Combofix /uninstall in the runbox and click OK



UPDATING WINDOWS AND INTERNET EXPLORER

IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site to get the critical updates.

If you are running Microsoft Office, or any portion thereof, go to Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.

Make your Internet Explorer more secure

This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.



The following are recommended third party programs that are designed to keep your computer clean. A link as well as a brief description is included with each item.

  • hosts file:
    • Every version of Windows has a hosts file as part of it.
    • In a very basic sense, they are used to locate webpages.
    • We can customize a hosts file so that it blocks certain webpages.
    • However, it can slow down certain computers.
    • This is why using a hosts file is optional!!
    Download it here. Make sure you read the instructions on how to install the hosts file. There is a good tutorial here
    If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:
    1. Click the start button (at the lower left hand corner of your screen)
    2. Click run
    3. In the dialog box, type services.msc
    4. Hit enter, then locate dns client
    5. Highlight it, then double-click it.
    6. On the dropdown box, change the setting from automatic to manual.
    7. Click ok


Just a final reminder for you. I am trying to stress these two points.
UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.
Make sure all of your security programs are up to date.
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates available installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Once again, please post and tell me how things are going with your system... problems etc.

Have a great day,
Blade :cool:
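
One way to check the six Internet-zone settings listed in the post above, as an added example that is not part of the original thread. The function names and the sample values are constructed for illustration; the registry path and the numeric URL action IDs are the standard Windows ones for the Internet zone and do not appear in the post.

```powershell
# Added example (not from the original thread): compare Internet-zone URL
# action values with the settings recommended in the post.
# Registry value names are URL action IDs; data: 0 = Enable, 1 = Prompt, 3 = Disable.
$Recommended = [ordered]@{
    '1001' = @{ Name = 'Download signed ActiveX controls';                       Want = 1 }
    '1004' = @{ Name = 'Download unsigned ActiveX controls';                     Want = 3 }
    '1201' = @{ Name = 'Initialize and script ActiveX controls not marked safe'; Want = 3 }
    '1800' = @{ Name = 'Installation of desktop items';                          Want = 1 }
    '1804' = @{ Name = 'Launching programs and files in an IFRAME';              Want = 1 }
    '1607' = @{ Name = 'Navigate sub-frames across different domains';           Want = 1 }
}
$Labels = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Hypothetical helper: turn a stored value into a readable label.
function ConvertTo-PolicyLabel {
    param($Value)
    if ($null -eq $Value) { return '(not set)' }
    $v = [int]$Value
    if ($Labels.ContainsKey($v)) { return $Labels[$v] }
    return "Other ($v)"
}

# Hypothetical helper: one result row per recommended setting.
function Test-InternetZoneSettings {
    param([Parameter(Mandatory)] [hashtable] $ZoneValues)
    foreach ($id in $Recommended.Keys) {
        $want = $Recommended[$id].Want
        $have = if ($ZoneValues.ContainsKey($id)) { $ZoneValues[$id] } else { $null }
        [pscustomobject]@{
            Action      = $id
            Setting     = $Recommended[$id].Name
            Current     = ConvertTo-PolicyLabel $have
            Recommended = $Labels[$want]
            Compliant   = ($null -ne $have) -and ([int]$have -eq $want)
        }
    }
}

# Hypothetical helper: read the current user's Internet zone (zone 3).
# Values enforced through Group Policy are stored elsewhere and are not read here.
function Get-InternetZoneValues {
    $path  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
    $props = Get-ItemProperty -Path $path
    $values = @{}
    foreach ($id in $Recommended.Keys) {
        if ($null -ne $props.$id) { $values[$id] = [int]$props.$id }
    }
    $values
}

# Constructed sample: two settings looser than recommended, one value missing.
$sample = @{ '1001' = 1; '1004' = 0; '1201' = 3; '1800' = 1; '1804' = 0 }
Test-InternetZoneSettings -ZoneValues $sample | Format-Table -AutoSize

# On the machine being checked, audit the live values instead:
# Test-InternetZoneSettings -ZoneValues (Get-InternetZoneValues) | Format-Table -AutoSize
```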
 
Everything seems to be working fine now. Webroot is working, so far no crashes or freezes. Thank you very much for helping me fix my computer.
 
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help. :)

Note: If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.
 