Trojan infection - please help!

Posted 8/4/2012 3:49 AM
#94231

sez Member

Date Joined Nov 2016
Total Posts: 3
AVG is detecting a trojan generic dropper in my system and the icons on my desktop are moving around. Additionally, my computer seems to be running slower. Here is my log. I hope someone can help me as I have been trying to fix this on my own for the last 5 days.

Logfile of Trend Micro HijackThis v2.0.4 <br/>Scan saved at 8:43:26 PM, on 03/08/2012 <br/>Platform: Windows 7 SP1 (WinNT 6.00.3505) <br/>MSIE: Internet Explorer v9.00 (9.00.8112.16446) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe <br/>C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe <br/>C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe <br/>C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe <br/>C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe <br/>C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe <br/>C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe <br/>C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe <br/>C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe <br/>C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe <br/>C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe <br/>C:\Program Files (x86)\AVG\AVG2012\avgtray.exe <br/>C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe <br/>C:\Program Files (x86)\AVG Secure Search\vprot.exe <br/>C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe <br/>C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe <br/>C:\Program Files (x86)\Mozilla Firefox\firefox.exe <br/>C:\Program Files (x86)\Internet Explorer\IELowutil.exe <br/>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe <br/>C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe <br/>C:\Program Files 
(x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe <br/>C:\Windows\SysWOW64\DllHost.exe <br/> <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4 <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = <br/>R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) <br/>R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll <br/>F2 - REG:system.ini: UserInit=userinit.exe, <br/>O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll <br/>O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll <br/>O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll <br/>O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - 
C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll <br/>O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll <br/>O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll <br/>O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll <br/>O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll <br/>O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll <br/>O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll <br/>O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll <br/>O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) <br/>O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll <br/>O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>O4 - 
HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume <br/>O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" <br/>O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" <br/>O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" <br/>O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" <br/>O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW <br/>O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start <br/>O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime <br/>O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot <br/>O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" <br/>O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe <br/>O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" <br/>O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe <br/>O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 <br/>O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP 
Advisor\DOCK\HPAdvisorDock.exe <br/>O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden <br/>O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" <br/>O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background <br/>O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler <br/>O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe <br/>O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount <br/>O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun <br/>O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe <br/>O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html <br/>O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll <br/>O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll <br/>O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O9 - Extra button: (no name) - 
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll <br/>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll <br/>O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics <br/>O15 - Trusted Zone: *.clonewarsadventures.com <br/>O15 - Trusted Zone: *.freerealms.com <br/>O15 - Trusted Zone: *.soe.com <br/>O15 - Trusted Zone: *.sony.com <br/>O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/CA/Core/Player/2020PlayerAX_Win32.cab <br/>O18 - Protocol: intu-tt2010 - {97A0575E-2309-4E75-8509-B1F9390C4DE7} - C:\Program Files (x86)\TurboTax 2010\ic2010pp.dll <br/>O18 - Protocol: intu-tt2011 - {B3B5DAD9-E96D-45B4-B636-B6CF2F773DE1} - C:\Program Files (x86)\TurboTax 2011\ic2011pp.dll <br/>O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll <br/>O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL <br/>O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll <br/>O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll <br/>O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE <br/>O23 - 
Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe <br/>O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) <br/>O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe <br/>O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe <br/>O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe <br/>O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe <br/>O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe <br/>O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe <br/>O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) <br/>O23 - Service: GamesAppService - WildTangent, Inc. 
- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe <br/>O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe <br/>O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe <br/>O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe <br/>O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe <br/>O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) <br/>O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe <br/>O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe <br/>O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe <br/>O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe <br/>O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe <br/>O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe <br/>O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - 
Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe <br/>O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe <br/>O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe <br/>O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. 
- C:\Program Files\IDT\WDM\STacSV64.exe <br/>O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe <br/>O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing) <br/>O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe <br/>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) <br/>O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe <br/>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe <br/>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) <br/>O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe <br/>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) <br/>O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. 
(WinZip Computing) - C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe <br/>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) <br/>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) <br/> <br/>-- <br/>End of file - 18464 bytes
Posted 8/4/2012 3:50 AM
#94232

sez Member

Date Joined Nov 2016
Total Posts: 3
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.03.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sez :: SEZ-PC [administrator]

02/08/2012 9:07:10 PM
mbam-log-2012-08-02 (21-07-10).txt

Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 452985
Time elapsed: 1 hour(s), 35 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Posted 8/4/2012 3:51 AM
#94233

sez Member

Date Joined Nov 2016
Total Posts: 3
. <br/>DDS (Ver_2011-08-26.01) - NTFSAMD64 <br/>Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_20 <br/>Run by Sez at 20:20:47 on 2012-08-03 <br/>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3894.2017 [GMT -7:00] <br/>. <br/>AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} <br/>AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} <br/>SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} <br/>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} <br/>. <br/>============== Running Processes =============== <br/>. <br/>C:\PROGRA~2\AVG\AVG2012\avgrsa.exe <br/>C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe <br/>C:\Windows\system32\wininit.exe <br/>C:\Windows\system32\lsm.exe <br/>C:\Windows\system32\svchost.exe -k DcomLaunch <br/>C:\Windows\system32\svchost.exe -k RPCSS <br/>C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted <br/>C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k netsvcs <br/>C:\Program Files\IDT\WDM\STacSV64.exe <br/>C:\Windows\system32\svchost.exe -k LocalService <br/>C:\Windows\system32\Hpservice.exe <br/>C:\Windows\SYSTEM32\WISPTIS.EXE <br/>C:\Windows\system32\vcsFPService.exe <br/>C:\Windows\system32\svchost.exe -k NetworkService <br/>C:\Windows\system32\WLANExt.exe <br/>C:\Windows\system32\conhost.exe <br/>C:\Windows\System32\spoolsv.exe <br/>C:\Program Files\DigitalPersona\Bin\DpHostW.exe <br/>C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork <br/>C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation <br/>C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE <br/>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe <br/>C:\Program Files\IDT\WDM\AESTSr64.exe <br/>C:\Program Files (x86)\Common 
Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe <br/>C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe <br/>C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe <br/>C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe <br/>C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe <br/>C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe <br/>C:\Windows\system32\lxbkcoms.exe <br/>c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe <br/>C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe <br/>C:\Windows\system32\svchost.exe -k imgsvc <br/>C:\Windows\system32\Pen_Tablet.exe <br/>C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe <br/>C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe <br/>C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe <br/>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE <br/>C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe <br/>C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe <br/>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe <br/>C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe <br/>C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe <br/>C:\Program Files (x86)\AVG\AVG2012\avgemca.exe <br/>C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE <br/>C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted <br/>C:\Windows\system32\taskhost.exe <br/>C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe <br/>C:\Windows\SYSTEM32\WISPTIS.EXE <br/>C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe <br/>C:\Windows\system32\Dwm.exe <br/>C:\Program Files (x86)\Common 
Files\Microsoft Shared\Ink\TabTip32.exe <br/>C:\Windows\Explorer.EXE <br/>C:\Program Files\Synaptics\SynTP\SynTPEnh.exe <br/>C:\Program Files\IDT\WDM\sttray64.exe <br/>C:\Windows\System32\igfxtray.exe <br/>C:\Windows\System32\hkcmd.exe <br/>C:\Windows\System32\igfxpers.exe <br/>C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe <br/>C:\Windows\system32\WTablet\Pen_TabletUser.exe <br/>C:\Program Files\Zune\ZuneLauncher.exe <br/>C:\Program Files\Microsoft Security Client\msseces.exe <br/>C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe <br/>C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe <br/>C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe <br/>C:\Windows\system32\Pen_Tablet.exe <br/>C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe <br/>C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe <br/>C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe <br/>C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe <br/>C:\Program Files\Synaptics\SynTP\SynTPHelper.exe <br/>C:\Program Files (x86)\Skype\Phone\Skype.exe <br/>C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe <br/>C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe <br/>C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe <br/>C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe <br/>C:\Program Files (x86)\AVG\AVG2012\avgtray.exe <br/>C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe <br/>C:\Program Files (x86)\AVG Secure Search\vprot.exe <br/>C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe <br/>C:\Windows\system32\wbem\wmiprvse.exe <br/>C:\Windows\system32\SearchIndexer.exe <br/>C:\Program Files\DigitalPersona\Bin\DPAgent.exe <br/>C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe <br/>C:\Program Files\Windows Media 
Player\wmpnetwk.exe <br/>C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe <br/>C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe <br/>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe <br/>C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe <br/>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe <br/>C:\Windows\system32\wbem\wmiprvse.exe <br/>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe <br/>C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe <br/>C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe <br/>C:\Windows\system32\svchost.exe -k SDRSVC <br/>C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe <br/>C:\Windows\SysWOW64\NOTEPAD.EXE <br/>C:\Program Files (x86)\Mozilla Firefox\firefox.exe <br/>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe <br/>C:\Windows\system32\SearchProtocolHost.exe <br/>C:\Windows\system32\SearchFilterHost.exe <br/>C:\Windows\system32\DllHost.exe <br/>C:\Windows\system32\DllHost.exe <br/>C:\Windows\SysWOW64\cmd.exe <br/>C:\Windows\system32\conhost.exe <br/>C:\Windows\SysWOW64\cscript.exe <br/>C:\Windows\system32\DllHost.exe <br/>. <br/>============== Pseudo HJT Report =============== <br/>. 
<br/>uStart Page = hxxp://www.google.ca/ <br/>uURLSearchHooks: H - No File <br/>uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll <br/>mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll <br/>mURLSearchHooks: H - No File <br/>mWinlogon: Userinit=userinit.exe, <br/>BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll <br/>BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll <br/>BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll <br/>BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll <br/>BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll <br/>BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll <br/>BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll <br/>BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll <br/>BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>BHO: 
uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll <br/>TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll <br/>TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll <br/>TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File <br/>TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll <br/>{e7df6bff-55a5-4eb7-a673-4ed3e9456d39} <br/>uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe <br/>uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden <br/>uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" <br/>uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background <br/>uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler <br/>uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe <br/>uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount <br/>uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun <br/>uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe <br/>mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume <br/>mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" 
UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" <br/>mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" <br/>mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" <br/>mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" <br/>mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW <br/>mRun: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start <br/>mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime <br/>mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot <br/>mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" <br/>mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe <br/>mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" <br/>mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe <br/>mRun: [<NO NAME>] <br/>mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 <br/>mPolicies-explorer: NoActiveDesktop = 1 (0x1) <br/>mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) <br/>mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) <br/>mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) <br/>mPolicies-system: EnableUIADesktopToggle = 0 (0x0) <br/>IE: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html <br/>IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows 
Live\Writer\WriterBrowserExtension.dll <br/>IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll <br/>IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>Trusted Zone: clonewarsadventures.com <br/>Trusted Zone: freerealms.com <br/>Trusted Zone: soe.com <br/>Trusted Zone: sony.com <br/>DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/CA/Core/Player/2020PlayerAX_Win32.cab <br/>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab <br/>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab <br/>TCP: DhcpNameServer = 64.59.168.13 64.59.168.15 64.59.174.84 <br/>TCP: Interfaces\{2A590758-3250-47E0-B058-5FAE93C7DC46} : DhcpNameServer = 64.59.168.13 64.59.168.15 64.59.174.84 <br/>TCP: Interfaces\{2A590758-3250-47E0-B058-5FAE93C7DC46}\5544956414D4 : DhcpNameServer = 192.168.1.254 <br/>Handler: intu-tt2010 - {97A0575E-2309-4e75-8509-B1F9390C4DE7} - C:\Program Files (x86)\TurboTax 2010\ic2010pp.dll <br/>Handler: intu-tt2011 - {B3B5DAD9-E96D-45b4-B636-B6CF2F773DE1} - C:\Program Files (x86)\TurboTax 2011\ic2011pp.dll <br/>Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll <br/>Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - 
C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL <br/>Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll <br/>Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll <br/>LSA: Notification Packages = DPPassFilter scecli <br/>mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" <br/>BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll <br/>BHO-X64: AcroIEHelperStub - No File <br/>BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll <br/>BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll <br/>BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll <br/>BHO-X64: AVG Do Not Track - No File <br/>BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll <br/>BHO-X64: Increase performance and video formats for your HTML5 <video> - No File <br/>BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll <br/>BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File <br/>BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>BHO-X64: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll <br/>BHO-X64: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother 
playback on supported sites - No File <br/>BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll <br/>BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll <br/>BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll <br/>BHO-X64: SkypeIEPluginBHO - No File <br/>BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll <br/>BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll <br/>TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll <br/>TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll <br/>TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File <br/>TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll <br/>mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume <br/>mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" <br/>mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" <br/>mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce 
"SOFTWARE\CyberLink\Power2Go\6.0" <br/>mRun-x64: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" <br/>mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW <br/>mRun-x64: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start <br/>mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime <br/>mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot <br/>mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" <br/>mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" <br/>mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe <br/>mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" <br/>mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe <br/>mRun-x64: [(Default)] <br/>mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 <br/>. <br/>================= FIREFOX =================== <br/>. 
<br/>FF - ProfilePath - C:\Users\Sez\AppData\Roaming\Mozilla\Firefox\Profiles\9c1pfna2.default\ <br/>FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms} <br/>FF - prefs.js: browser.search.selectedEngine - AVG Secure Search <br/>FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ <br/>FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q= <br/>FF - prefs.js: network.proxy.type - 0 <br/>FF - component: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\components\dpffcli.dll <br/>FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll <br/>FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll <br/>FF - component: C:\Users\Sez\AppData\Roaming\Mozilla\Firefox\Profiles\9c1pfna2.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll <br/>FF - component: C:\Users\Sez\AppData\Roaming\Mozilla\Firefox\Profiles\9c1pfna2.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll <br/>FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL <br/>FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll <br/>FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\npsitesafety.dll <br/>FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll <br/>FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll <br/>FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll <br/>FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll <br/>FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll <br/>FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll <br/>FF - plugin: 
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll <br/>FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll <br/>FF - plugin: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll <br/>FF - plugin: C:\Users\Sez\AppData\Roaming\Mozilla\Firefox\Profiles\9c1pfna2.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\plugins\np-mswmp.dll <br/>FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll <br/>FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. <br/>R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?] <br/>R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] <br/>R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] <br/>R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] <br/>R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] <br/>R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] <br/>R1 DVMIO;DeviceVM IO Service;C:\Windows\system32\DRIVERS\dvmio.sys --> C:\Windows\system32\DRIVERS\dvmio.sys [?] <br/>R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] <br/>R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] <br/>R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] 
<br/>R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] <br/>R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/08/01 19:39:58];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-8-1 146928] <br/>R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] <br/>R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-1-23 89600] <br/>R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568] <br/>R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288] <br/>R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2009-10-15 22072] <br/>R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] <br/>R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-4-12 338168] <br/>R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072] <br/>R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-4-5 103992] <br/>R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992] <br/>R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?] 
<br/>R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680] <br/>R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-1 13336] <br/>R2 lxbk_device;lxbk_device;C:\Windows\system32\lxbkcoms.exe -service --> C:\Windows\system32\lxbkcoms.exe -service [?] <br/>R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-4-3 1153368] <br/>R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] <br/>R2 TabletServicePen;TabletServicePen;C:\Windows\system32\Pen_Tablet.exe --> C:\Windows\system32\Pen_Tablet.exe [?] <br/>R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-12-10 92008] <br/>R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-8-1 2320920] <br/>R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-1-7 1656112] <br/>R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-7-9 935008] <br/>R2 WINZIPSSDiskOptimizer;WINZIPSSDiskOptimizer;C:\Program Files (x86)\WinZip System Utilities Suite\WINZIPSSDefragSrv64.exe [2012-5-18 628040] <br/>R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?] <br/>R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?] <br/>R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] 
<br/>R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] <br/>R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] <br/>R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] <br/>R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] <br/>R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] <br/>R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] <br/>R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] <br/>S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] <br/>S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] <br/>S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] <br/>S2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688] <br/>S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-14 250056] <br/>S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-5-29 984392] <br/>S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] <br/>S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-4 113120] <br/>S3 
netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] <br/>S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] <br/>S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] <br/>S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] <br/>S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] <br/>S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?] <br/>S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?] <br/>S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?] <br/>S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] <br/>S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] <br/>S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400] <br/>S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] <br/>. <br/>=============== Created Last 30 ================ <br/>. 
<br/>2012-08-04 03:11:10 -------- d-----w- C:\Program Files\CCleaner <br/>2012-08-04 02:52:40 -------- d-----w- C:\Users\Sez\AppData\Local\{A6404F82-617F-479E-A131-65D59F744245} <br/>2012-08-04 02:52:25 -------- d-----w- C:\Users\Sez\AppData\Local\{95217FB2-E43B-4A40-8734-CFF2BA8200A0} <br/>2012-08-03 04:39:10 -------- d-----w- C:\Users\Sez\AppData\Local\Bump Technologies, Inc <br/>2012-08-03 04:05:01 -------- d-----w- C:\Users\Sez\AppData\Local\{27B8AD4E-0523-404E-97F6-C0EFF2AFD119} <br/>2012-08-03 04:04:40 -------- d-----w- C:\Users\Sez\AppData\Local\{FFF1AF19-4AA9-4E98-9D8B-F100314098B0} <br/>2012-08-03 03:49:40 -------- d-----w- C:\Users\Sez\AppData\Local\{1EB4CD83-80C5-4C75-8093-F5C73EB42E36} <br/>2012-08-03 03:49:19 -------- d-----w- C:\Users\Sez\AppData\Local\{60066C34-6611-4B09-A698-3CB371B449E7} <br/>2012-08-03 03:42:03 -------- d-----w- C:\Users\Sez\AppData\Roaming\SUPERAntiSpyware.com <br/>2012-08-03 03:41:52 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com <br/>2012-08-03 03:41:52 -------- d-----w- C:\Program Files\SUPERAntiSpyware <br/>2012-07-31 07:17:13 -------- d-----w- C:\Users\Sez\AppData\Local\{75B3078B-A683-40CA-82DF-3C0749E8FA6F} <br/>2012-07-31 07:16:51 -------- d-----w- C:\Users\Sez\AppData\Local\{4F0DA8A0-A982-4472-A361-FAB8A2901C60} <br/>2012-07-31 05:01:44 388096 ----a-r- C:\Users\Sez\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe <br/>2012-07-31 05:01:44 -------- d-----w- C:\Program Files (x86)\Trend Micro <br/>2012-07-23 13:21:23 -------- d-----w- C:\Users\Sez\AppData\Local\{0A7969DE-9DC2-4C80-8DBA-1225A011ED61} <br/>2012-07-23 13:21:04 -------- d-----w- C:\Users\Sez\AppData\Local\{A78ED6AF-91D6-4B5C-854E-B402AB9E2C84} <br/>2012-07-23 05:54:11 -------- d-----w- C:\Users\Sez\AppData\Roaming\Malwarebytes <br/>2012-07-23 05:53:49 -------- d-----w- C:\ProgramData\Malwarebytes <br/>2012-07-23 05:53:48 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys <br/>2012-07-23 05:53:48 -------- d-----w- 
C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>2012-07-23 05:49:48 -------- d-----w- C:\Users\Sez\AppData\Local\{40415388-1C29-4823-B3ED-2FF264FB3F99} <br/>2012-07-23 05:49:26 -------- d-----w- C:\Users\Sez\AppData\Local\{F9D5BE19-1797-4482-A4EE-F5BB7F455580} <br/>2012-07-23 04:56:36 -------- d-----w- C:\Users\Sez\AppData\Local\{4069DFE6-645F-4557-A3EE-2A6E1E7CEDBA} <br/>2012-07-23 04:56:14 -------- d-----w- C:\Users\Sez\AppData\Local\{69D63BCB-E35C-4F15-A9B0-438680305F50} <br/>2012-07-23 01:37:41 -------- d-----w- C:\Users\Sez\AppData\Local\{4AFD1071-303B-4C24-A903-7390A439474E} <br/>2012-07-23 01:37:18 -------- d-----w- C:\Users\Sez\AppData\Local\{8FAAC20D-ED17-428B-9788-1ED49AD171F3} <br/>2012-07-23 01:27:48 -------- d-----w- C:\Users\Sez\AppData\Local\{9738B455-A0DF-4AA0-B9F8-CEA5DCE3E98B} <br/>2012-07-23 01:27:37 -------- d-----w- C:\Users\Sez\AppData\Local\{2836694B-DC88-466F-8E10-6F29E1F8D5E9} <br/>2012-07-06 15:28:02 -------- d-----w- C:\Users\Sez\AppData\Local\{521E0865-63B1-425A-A08B-71B0F101D95B} <br/>2012-07-06 15:27:45 -------- d-----w- C:\Users\Sez\AppData\Local\{1A61E8EA-14F3-4684-8FDC-F3390D05E314} <br/>. <br/>==================== Find3M ==================== <br/>. 
<br/>2012-08-03 04:13:40 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl <br/>2012-08-03 04:13:40 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe <br/>2012-06-02 22:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll <br/>2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll <br/>2012-06-02 22:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe <br/>2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll <br/>2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll <br/>2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll <br/>2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl <br/>2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe <br/>2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb <br/>2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll <br/>2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll <br/>2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl <br/>2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe <br/>2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb <br/>2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys <br/>. <br/>============= FINISH: 20:22:30.50 ===============
Posted 8/12/2012 4:34 AM
#94255

Advanced member

Post the AVG log as well, the one that shows what it finds.
Andreea-Luciana Ostache
Support Team Leader
support@bullguard.com
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 16

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!
Posted 9/24/2012 1:59 AM
#94402

kurteb Member

Date Joined Nov 2016
Total Posts: 1
C:\Program Files (x86)\AVG Secure Search\vprot.exe is the entry that shows in msconfig after removing AVG; just uncheck it. They also plant a reminder in scheduled tasks; get rid of it as well. (Did notice that torrent toolbar; those downloads are asking for trouble.) Noticed your alg.exe is missing:

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

Here is how to fix it: http://clearupcomputer.blogspot.com/2012/03/alg-exe-file-missing-fix.html

http://www.processlibrary.com/directory/files/lsass/24751/ describes lsass.exe, an important program that seems to be missing, probably due to an uninstall or conflicting programming; could be your trojan at work: "The process lsass.exe is the Local Security Authority Subsystem Service by Microsoft, Inc. It is responsible for the enforcement of security policies within Microsoft's Operating Systems. This process checks whether a user’s supplied identification is valid or not whenever he or she tries to access the computer system." ...If it's missing, you need to fix it.

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
Posted 9/24/2012 5:00 AM
#94403

Advanced member

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} is the entry that shows AVG as still being installed and the Antivirus solution that he chose.

The missing entry keys are in fact the service names for them and those are normal to be missing. In Windows 7 most users have a lot of O23 - Service: @%SystemRoot% entries that indicate missing files without the files actually missing.

What is really wrong here is O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

But I want to see the AVG scan log before starting to give out any instructions.
Andreea-Luciana Ostache
Support Team Leader
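The reading of the log given in the reply above, as an added example that is not part of the original thread: it groups browser add-on entries by CLSID to show how many places each component is registered, and separates the System32 "file missing" service lines for re-checking. The function names are assumptions of this example, and the sample lines are copied from the logs quoted in this thread.

```python
import re
from collections import defaultdict

CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}\}")
HJT_PREFIX_RE = re.compile(r"^O\d+\s+-\s+")   # "O2 - ", "O23 - " (HijackThis style)
DRIVE_RE = re.compile(r"[A-Za-z]:\\")         # start of an absolute Windows path
SYSTEM32_RE = re.compile(r"^[a-z]:\\windows\\system32\\", re.I)

# Lines copied from the logs quoted in this thread; nothing here is constructed.
SAMPLE_LOG = r"""
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""


def parse_entry(line):
    """Split one log line into kind, CLSID, target path and a 'missing' flag."""
    line = line.strip()
    if ":" not in line:
        return None
    kind, rest = HJT_PREFIX_RE.sub("", line).split(":", 1)
    kind = re.sub(r"-x64$", "", kind.strip(), flags=re.I)   # BHO-X64 -> BHO
    if kind.lower().endswith("urlsearchhooks"):             # uURL.../mURL... -> one kind
        kind = "URLSearchHooks"
    # Paths such as "...\Spybot - Search & Destroy\..." contain " - ", so take
    # everything from the first drive letter instead of splitting on " - ".
    m = DRIVE_RE.search(rest)
    target = rest[m.start():].strip() if m else rest.rsplit(" - ", 1)[-1].strip()
    missing = target == "No File" or target.endswith("(file missing)")
    path = target.replace("(file missing)", "").strip() if m else None
    clsid = CLSID_RE.search(rest)
    return {"kind": kind, "clsid": clsid.group(0).lower() if clsid else None,
            "path": path, "missing": missing}


def parse_log(text):
    return [e for e in map(parse_entry, text.splitlines()) if e]


def hook_points(entries):
    """Map each CLSID to the set of distinct places where it is registered."""
    points = defaultdict(set)
    for e in entries:
        if e["clsid"] and not e["missing"]:
            points[e["clsid"]].add(e["kind"])
    return dict(points)


def review_order(entries):
    """CLSIDs with the most registration points first: an order for manual
    review, not a verdict (legitimate toolbars also register in several places)."""
    return sorted(hook_points(entries).items(), key=lambda kv: (-len(kv[1]), kv[0]))


def system32_missing(entries):
    """Paths reported missing under System32. HijackThis is a 32-bit program, so on
    64-bit Windows its System32 lookups are redirected to SysWOW64; confirm from a
    64-bit shell before treating these files as really absent."""
    return [e["path"] for e in entries
            if e["missing"] and e["path"] and SYSTEM32_RE.match(e["path"])]


if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    for clsid, kinds in review_order(entries):
        print(len(kinds), clsid, sorted(kinds))
    for path in system32_missing(entries):
        print("check from 64-bit context:", path)
```
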