Google Hijacker, now Trojan?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Galilmalas

Thread Starter
Joined
Feb 14, 2009
Messages
6
Im hoping someone here can help me. I have a laptop that I share with my roommates and its become infected with a virus or something. It started out as a Google Hijacker. It would redirect any links that I clicked on in Google, to some random (obviously fake) website. Then as time moved on, it became more invasive. It erased my computers background, hid all of my icons, deleted some programs such as Malwarebytes, and other things. It even started the horrible "Virus Alerts" that are also obviously fake. I tried using Spybot Search and Destory, as well as Malwarebytes. Below I will post the Information requested in that help forum.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, 64 bit
Processor: AMD Athlon(tm) X2 Dual-Core QL-65, AMD64 Family 17 Model 3 Stepping 1
Processor Count: 2
RAM: 2814 Mb
Graphics Card: ATI Radeon HD 3200 Graphics, 256 Mb
Hard Drives: C: Total - 226084 MB, Free - 120817 MB;
Motherboard: Gateway,
Antivirus: None

Malwarebytes Log (Ran Yesterday):
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8229

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/24/2011 8:21:20 AM
mbam-log-2011-11-24 (08-21-20).txt

Scan type: Full scan (C:\|)
Objects scanned: 502381
Time elapsed: 1 hour(s), 17 minute(s), 52 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 26

Memory Processes Infected:
c:\Windows\Temp\thpm1487196315782779145.tmp (Trojan.Exploit.Drop.THPM) -> 4676 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{97A3145E-FE19-4CBC-9140-6694DE881929} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\chkabonphst.chkabonphst.1.0 (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\chkabonphst.chkabonphst (Adware.AdRotator) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\volmgr (Trojan.Agent) -> Value: volmgr -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
c:\Windows\$BLSTUN$ (Adware.AdRotator) -> Quarantined and deleted successfully.

Files Infected:
c:\Windows\Temp\thpm1487196315782779145.tmp (Trojan.Exploit.Drop.THPM) -> Quarantined and deleted successfully.
c:\programdata\6dss92c31apgjk.exe (Rogue.FakeAlert) -> Quarantined and deleted successfully.
c:\programdata\WSTB\verupd.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\Users\Aquaman\AppData\Local\Temp\p1kalmig2kb7fz.exe.tmp (Rogue.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\$BLSTUN$\lmatn.dll (Adware.BHO) -> Quarantined and deleted successfully.
c:\Windows\serviceprofiles\localservice\AppData\Local\Temp\dxa583.tmp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\serviceprofiles\localservice\AppData\Local\Temp\jar_cache4432786302470622001.tmp (Spyware.Spyeyes) -> Quarantined and deleted successfully.
c:\Windows\serviceprofiles\localservice\AppData\Roaming\Kynys\opekdia.exe (Spyware.Spyeyes) -> Quarantined and deleted successfully.
c:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\0.2658656025443399.exe (Malware.Gen) -> Quarantined and deleted successfully.
c:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\gdfstr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\javaw.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\p5tm1qbi6dss92.exe.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\UXJ8NUY2\ex[1].htm (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\deployment\cache\6.0\11\655bf6cb-64e0da32 (Trojan.Downloader.lb) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\config\systemprofile\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\UXJ8NUY2\ex[1].htm (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\deployment\cache\6.0\11\655bf6cb-64e0da32 (Trojan.Downloader.lb) -> Quarantined and deleted successfully.
c:\Windows\Temp\0.3213321123988797.exe (Trojan.Downloader.lb) -> Quarantined and deleted successfully.
c:\Windows\Temp\0.4736550822779033exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\Temp\jar_cache2871226344174161734.tmp (Worm.Gamarue) -> Quarantined and deleted successfully.
c:\Windows\Temp\kghjdfg.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Aquaman\AppData\Local\Temp\thpm1321011217268084445.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\Aquaman\AppData\Local\Temp\thpm1835243459084098118.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Windows\Temp\thpm7988237639527381820.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Windows\$BLSTUN$\apuninstall.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
c:\Windows\$BLSTUN$\qgnnv.dll (Adware.AdRotator) -> Quarantined and deleted successfully.

HiJackThis Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:48:19 PM, on 11/25/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Aquaman\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=md2419u&r=273608108406l0333z1j6a4833428o
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=md2419u&r=273608108406l0333z1j6a4833428o
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=md2419u&r=273608108406l0333z1j6a4833428o
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=md2419u&r=273608108406l0333z1j6a4833428o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O1 - Hosts: 74.55.76.230 www.google-analytics.com.
O1 - Hosts: 74.55.76.230 ad-emea.doubleclick.net.
O1 - Hosts: 74.55.76.230 www.statcounter.com.
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.0\PriceGongIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IE BHO Utility - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: MrFroggy - {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files (x86)\Minibar\Froggy.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Minibar BHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Kango.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [qkjUlyDxtx.exe] C:\ProgramData\qkjUlyDxtx.exe
O4 - HKLM\..\Run: [WKocfFMPaI.exe] C:\ProgramData\WKocfFMPaI.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Aquaman\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [mmc62.exe] C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Adobe\plugs\mmc62.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [SenderClient.exe] C:\Documents and Settings\All Users\SenderClient.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [5-DayUpdate] C:\Users\Aquaman\AppData\Local\5-Day Forecast\5-DayUpdate\5-Dayupdt32.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AbEVEEVRbhjjV.exe] C:\ProgramData\AbEVEEVRbhjjV.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [K7f9XkrzOtAuS8234A] C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\pJ6dWK8fR9TCkBz\Qy0uvS2ib3n5Q6.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [{C5F283F2-E743-5E96-B77C-B64E62178C94}] C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Kynys\opekdia.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [5-DayUpdate] C:\Users\Aquaman\AppData\Local\5-Day Forecast\5-DayUpdate\5-Dayupdt32.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [5-DayUpdate] C:\Users\Aquaman\AppData\Local\5-Day Forecast\5-DayUpdate\5-Dayupdt32.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Share Your Mood - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\MinibarButton.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\Ham\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: TCP/IP NetBIOS Helper (lmhosts32) - Axes Array - C:\Windows\system32\ntshrui32.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zune Wireless Configuration Service (ZuneWlanCfgSvc) - Unknown owner - C:\Windows\system32\ZuneWlanCfgSvc.exe (file missing)

--
End of file - 12620 bytes

DDS File:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Run by Aquaman at 20:49:23 on 2011-11-25
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2814.481 [GMT -8:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Program Files (x86)\Ham\hamachi-2.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\SysWOW64\ntshrui32.exe
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\ProgramData\api-ms-win-core-memory-l1-1-032.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Aquaman\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=md2419u&r=273608108406l0333z1j6a4833428o
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=md2419u&r=273608108406l0333z1j6a4833428o
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=md2419u&r=273608108406l0333z1j6a4833428o
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=md2419u&r=273608108406l0333z1j6a4833428o
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: FroggyBoss Class: {539f76fd-084e-4858-86d5-62f02f54ae86} - C:\Program Files (x86)\Minibar\Froggy.dll
mWinlogon: Userinit=userinit.exe,
BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.5.0\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Fast Search: {5ab7104a-b71f-49ad-9154-f7f8806ae848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: MrFroggy Class: {856e12b5-22d7-4e22-9aca-ea9a008dd65b} - C:\Program Files (x86)\Minibar\Froggy.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: MinibarBHO: {aa74d58f-acd0-450d-a85e-6c04b171c044} - C:\Program Files (x86)\Minibar\Kango.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\Aquaman\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [qkjUlyDxtx.exe] C:\ProgramData\qkjUlyDxtx.exe
mRun: [WKocfFMPaI.exe] C:\ProgramData\WKocfFMPaI.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
dRun: [5-DayUpdate] C:\Users\Aquaman\AppData\Local\5-Day Forecast\5-DayUpdate\5-Dayupdt32.exe
dRun: [volmgr] C:\Windows\system32\config\systemprofile\AppData\Local\volmgr.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
dPolicies-system: DisableTaskMgr = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\MinibarButton.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{30395B12-2930-4A2E-BB5A-574299DA34BC} : DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{30395B12-2930-4A2E-BB5A-574299DA34BC}\143786C65697D29437D2741697 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{30395B12-2930-4A2E-BB5A-574299DA34BC}\2456C6B696E6F5366303037303 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{30395B12-2930-4A2E-BB5A-574299DA34BC}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1 192.168.1.254
TCP: Interfaces\{30395B12-2930-4A2E-BB5A-574299DA34BC}\35471627265736B63702F477E6370295F657270235F657C6 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{30395B12-2930-4A2E-BB5A-574299DA34BC}\35471627265736B637D2F477E637D295F65727D235F657C6 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{30395B12-2930-4A2E-BB5A-574299DA34BC}\35471627265736B637F5F477E637F597F65727F537F657C6 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{30395B12-2930-4A2E-BB5A-574299DA34BC}\4586963702963702350514254514 : DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{30395B12-2930-4A2E-BB5A-574299DA34BC}\D416E64756058616C656E6 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{5102C351-FEA1-4753-92F4-E7D67C12B24E} : DhcpNameServer = 10.255.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
BHO-X64: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.0\PriceGongIE.dll
BHO-X64: PriceGong - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: Fast Search: {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
BHO-X64: IE BHO Utility - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: MrFroggy Class: {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files (x86)\Minibar\Froggy.dll
BHO-X64: MrFroggy - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: MinibarBHO: {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Kango.dll
BHO-X64: Minibar BHO - No File
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [qkjUlyDxtx.exe] C:\ProgramData\qkjUlyDxtx.exe
mRun-x64: [WKocfFMPaI.exe] C:\ProgramData\WKocfFMPaI.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
Hosts: 74.55.76.230 www.google-analytics.com.
Hosts: 74.55.76.230 ad-emea.doubleclick.net.
Hosts: 74.55.76.230 www.statcounter.com.
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Aquaman\AppData\Roaming\Mozilla\Firefox\Profiles\eo31ghbx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:eek:fficial
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Aquaman\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Aquaman\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Users\Aquaman\AppData\Roaming\Mozilla\Firefox\Profiles\eo31ghbx.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npperformeroptimum.dll
FF - plugin: C:\Users\Aquaman\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Aquaman\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Performer Optimum: [email protected] - %profile%\extensions\[email protected]
FF - Ext: XUL Cache: {8ddcb71e-f731-41dd-8603-72ff3bb69418} - %profile%\extensions\{8ddcb71e-f731-41dd-8603-72ff3bb69418}
FF - Ext: XUL Cache: {7d22b3f6-9ec5-40f2-9a0a-fd3e67e33f95} - %profile%\extensions\{7d22b3f6-9ec5-40f2-9a0a-fd3e67e33f95}
FF - Ext: XUL Cache: {cd5a5f0f-bdc9-4022-b3a8-a259a6f16234} - %profile%\extensions\{cd5a5f0f-bdc9-4022-b3a8-a259a6f16234}
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-6-15 249648]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2009-9-7 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-6-4 1150496]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\Ham\hamachi-2.exe [2011-8-4 2329480]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R2 lmhosts32;TCP/IP NetBIOS Helper ;C:\Windows\System32\ntshrui32.exe [2011-7-26 793600]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-23 366152]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-9-7 240160]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2mdx64.sys --> C:\Windows\system32\DRIVERS\o2mdx64.sys [?]
R3 O2SDRDR;O2SDRDR;C:\Windows\system32\DRIVERS\o2sdx64.sys --> C:\Windows\system32\DRIVERS\o2sdx64.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-7-7 195336]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 UsbFltr;WayTech USB Filter Driver;C:\Windows\system32\Drivers\UsbFltr.sys --> C:\Windows\system32\Drivers\UsbFltr.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-9-24 306416]
.
=============== Created Last 30 ================
.
2011-11-25 14:51:46 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4E0E9557-2AC6-460B-937B-1313E45D17CC}\offreg.dll
2011-11-25 14:51:41 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4E0E9557-2AC6-460B-937B-1313E45D17CC}\mpengine.dll
2011-11-24 17:07:42 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-24 17:07:42 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-24 17:07:39 1897328 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-24 16:26:22 388096 ----a-r- C:\Users\Aquaman\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-24 16:26:18 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-11-24 04:23:05 709968 ----a-w- C:\Windows\isRS-000.tmp
.
==================== Find3M ====================
.
2011-10-04 01:32:51 2423808 ----a-w- C:\Windows\SysWow64\zToUstdNE1LSX3C.exe
2011-10-04 01:32:50 2423808 ----a-w- C:\Windows\SysWow64\FLbYnVQNKuLiqiZ.exe
2011-10-04 01:32:47 2423808 ----a-w- C:\Windows\SysWow64\GGVJSYnU4e.exe
2011-09-30 01:48:59 0 ----a-w- C:\Windows\SysWow64\wQd8RXeBzy12FGQ.exe
2011-09-30 01:48:59 0 ----a-w- C:\Windows\SysWow64\uc2bp5Qd8.exe
2011-09-30 01:48:59 0 ----a-w- C:\Windows\SysWow64\RQdKRwVlPc2bp5Q.exe
2011-09-30 01:48:59 0 ----a-w- C:\Windows\SysWow64\Dubp5Qd8Rwe.exe
2011-09-30 01:48:58 2423808 ----a-w- C:\Windows\SysWow64\RonF4amH5W7E8Rq.exe
2011-09-30 01:48:58 2423808 ----a-w- C:\Windows\SysWow64\Hv2nF4p5sJdKgZY.exe
2011-09-30 01:48:58 0 ----a-w- C:\Windows\SysWow64\Q2FpmHQdKRwVlNc.exe
2011-09-30 01:48:58 0 ----a-w- C:\Windows\SysWow64\cFpmHQdKRwVlNc2.exe
2011-09-30 01:48:57 2423808 ----a-w- C:\Windows\SysWow64\ogRZqhYXwUeBz0c.exe
2011-09-29 04:09:30 3141120 ----a-w- C:\Windows\System32\win32k.sys
2011-09-03 19:01:57 1181696 ----a-w- C:\ProgramData\SenderClient.exe
2011-09-01 00:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 20:50:23.51 ===============



Thanks!

 

Galilmalas

Thread Starter
Joined
Feb 14, 2009
Messages
6
If I missed something required to merit a reply, will someone please let me know? I see everyone else with similar problems getting fast answers, yet my request for help seems to not be achieving much attention. Thanks!
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top