1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Syshost.exe Tracker Trojan/Virus on Windows 7 - Please Help

Discussion in 'Virus & Other Malware Removal' started by ASaiyan, Sep 2, 2012.

Thread Status:
Not open for further replies.
  1. ASaiyan

    ASaiyan Thread Starter

    Joined:
    Aug 6, 2012
    Messages:
    9
    When it comes to technology, I have no luck. On my week-old computer, I opened an extremely innocuous page with an article about a game I found through Google, and cmd.exe started asking permission to make changes to my computer. I had Ad-Aware enabled with the latest definitions, so I don't know how it happened, but my system restarted without my asking (or granting cmd.exe permission), and when it turned on again I found a tracking trojan named syshost.exe nestled in the list of files that run at startup. The executable itself was located at C:\Windows\Installer\{32D06066-6876-F712-567E-2B5635A2DE2A}\syshost.exe. Ad-Aware couldn't remove it, but MalwareBytes got rid of that file.

    It's not all gone, however. Spybot Search & Destroy found tons of residual files in my registry, Internet Explorer (which I don't use) Direct 3D, etc. - 'fixing' or removing them does no good, as they come right back. I have lost the ability to turn on Windows Firewall (Error code 0x800070424), and taskmanager has been bricked (Error: pcwum.dll is missing; it won't open at all). I am terrified (malware not being covered under warranty) and don't wish to pay $180 to some hack tech to come fix the problem, but I have no idea what to do and little time to get this fixed. Computer specs, MalwareBytes log, HijackThis log, DDS.txt, Attach.txt, and screenshots of Spybot Scans and Windows Errors are below. You people are awesome, and I really appreciate anyone who tries to help save me from my plight. Please help!


    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz, Intel64 Family 6 Model 42 Stepping 7
    Processor Count: 4
    RAM: 8098 Mb
    Graphics Card: Intel(R) HD Graphics Family, -238 Mb
    Hard Drives: C: Total - 1890523 MB, Free - 1850738 MB; D: Total - 17102 MB, Free - 2136 MB;
    Motherboard: PEGATRON CORPORATION, 2AC2
    Antivirus: Lavasoft Ad-Aware, Updated and Enabled

    ==Malwarebytes Log==
    Malwarebytes Anti-Malware (Trial) 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.09.02.01

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Saya :: SAYA-PC [administrator]

    Protection: Disabled

    9/1/2012 9:48:41 PM
    mbam-log-2012-09-01 (21-48-41).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 215754
    Time elapsed: 2 minute(s), 7 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Windows\Installer\{32D06066-6876-F712-567E-2B5635A2DE2A}\syshost.exe (Trojan.Phex.THAGen9) -> Quarantined and deleted successfully.

    (end)


    ==HijackThis Log==
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 5:48:52 PM, on 9/2/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\PROGRA~2\AD-AWA~1\AdAware.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Users\Saya\Downloads\SysInfo.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Users\Saya\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: AOL Toolbar Search Class - {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (file missing)
    F2 - REG:system.ini: UserInit=userinit.exe,
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (file missing)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (file missing)
    O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKCU\..\Run: [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BQ21B5T05NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1
    O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    O4 - Startup: Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
    O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 9893 bytes

    ==DDS.txt==
    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
    Run by Saya at 17:49:59 on 2012-09-02
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8099.6137 [GMT -4:00]
    .
    AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
    SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
    C:\Windows\system32\RunDll32.exe
    C:\Program Files\HP\HP Photosmart 5510 series\bin\HPNetworkCommunicator.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\PROGRA~2\AD-AWA~1\AdAware.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
    C:\Windows\system32\mspaint.exe
    C:\Windows\system32\mspaint.exe
    C:\Users\Saya\Downloads\SysInfo.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\Saya\Downloads\HijackThis.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.aol.com/?mtmhp=hyplogusaolp00000023
    uURLSearchHooks: AOL Toolbar Search Class: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    mURLSearchHooks: AOL Toolbar Search Class: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    uRun: [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BQ21B5T05NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1
    uRun: [AdobeBridge]
    uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    mRun: [<NO NAME>]
    mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    StartupFolder: C:\Users\Saya\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\system32\RunDll32.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    TCP: DhcpNameServer = 167.206.254.2 167.206.254.1 192.168.1.1
    TCP: Interfaces\{63BB734E-EF9A-4586-B185-6018A9B33F0F} : DhcpNameServer = 167.206.254.2 167.206.254.1 192.168.1.1
    TCP: Interfaces\{A02E635E-BAFC-40BB-A5E1-C54369041186} : DhcpNameServer = 167.206.254.2 167.206.254.1 192.168.1.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Notify: SDWinLogon - SDWinLogon.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
    BHO-X64: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    BHO-X64: AOL Toolbar Loader - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB-X64: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll
    mRun-x64: [(Default)]
    mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    mRun-x64: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Saya\AppData\Roaming\Mozilla\Firefox\Profiles\bh2ihekq.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-adknowledgeaol-chromesbox-en-us&tb_uuid=20120902213909475&tb_oid=02-09-2012&tb_mrud=02-09-2012
    FF - prefs.js: browser.startup.homepage - about:home
    FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&invocationType=tb50-ff-adknowledgeaol-ab-en-us&tb_uuid=20120902213909475&tb_oid=02-09-2012&tb_mrud=02-09-2012&query=
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false
    FF - user.js: browser.sessionstore.resume_from_crash - false
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-7-12 1239952]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
    R2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
    R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-9-1 1188896]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-9-1 1395736]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-1 655944]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-9-1 166528]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
    S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
    S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    S3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-19 114144]
    S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys --> C:\Windows\system32\drivers\pmxdrv.sys [?]
    S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-09-02 21:39:17 -------- d-----w- C:\ProgramData\AOL Toolbar
    2012-09-02 21:38:51 6600192 ----a-w- C:\Windows\SysWow64\LicProtector310.exe
    2012-09-02 21:38:51 2323520 ----a-w- C:\Windows\SysWow64\gdpicturepro5.ocx
    2012-09-02 21:38:51 -------- dc-h--w- C:\ProgramData\~0
    2012-09-02 21:38:51 -------- d-----w- C:\Users\Saya\AppData\Local\PackageAware
    2012-09-02 05:34:55 -------- d-----w- C:\Users\Saya\AppData\Local\CrashDumps
    2012-09-02 02:58:50 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-09-02 02:58:46 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2012-09-02 02:58:43 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2012-09-02 02:15:40 -------- d-----w- C:\Users\Saya\AppData\Local\ElevatedDiagnostics
    2012-09-02 01:48:00 -------- d-----w- C:\Users\Saya\AppData\Roaming\Malwarebytes
    2012-09-02 01:47:53 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-09-02 01:47:53 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-09-02 01:47:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-09-02 01:33:36 -------- d-----w- C:\Windows\pss
    2012-09-02 01:02:41 916456 ----a-w- C:\Windows\System32\deployJava1.dll
    2012-09-02 01:02:41 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
    2012-09-02 01:02:35 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
    2012-09-01 01:17:32 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
    2012-08-28 21:29:24 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2012-08-28 21:29:24 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-08-28 21:29:16 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-08-24 02:11:56 -------- d-----w- C:\Users\Saya\AppData\Local\DDMSettings
    2012-08-24 02:05:45 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
    2012-08-24 02:05:33 -------- d-----w- C:\Program Files\DivX
    2012-08-24 02:05:26 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
    2012-08-24 02:04:57 -------- d-----w- C:\Program Files (x86)\DivX
    2012-08-24 02:04:30 -------- d-----w- C:\ProgramData\DivX
    2012-08-21 00:18:07 -------- d-----w- C:\Windows\SysWow64\Wat
    2012-08-21 00:18:07 -------- d-----w- C:\Windows\System32\Wat
    2012-08-20 16:56:07 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2012-08-20 16:41:23 81408 ----a-w- C:\Windows\System32\imagehlp.dll
    2012-08-20 16:41:23 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
    2012-08-20 16:41:23 5120 ----a-w- C:\Windows\System32\wmi.dll
    2012-08-20 16:41:23 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
    2012-08-20 16:41:23 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2012-08-20 16:41:23 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2012-08-20 16:41:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2012-08-20 15:50:44 -------- d-----w- C:\Users\Saya\AppData\Roaming\HP Support Assistant
    2012-08-20 15:50:43 -------- d-----w- C:\Users\Saya\AppData\Roaming\HpUpdate
    2012-08-20 14:37:59 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-08-20 03:54:05 126944 ----a-w- C:\Windows\System32\drivers\scdemu.sys
    2012-08-20 03:54:05 -------- d-----w- C:\Program Files (x86)\PowerISO
    2012-08-20 03:46:14 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
    2012-08-20 03:46:05 -------- d-----w- C:\ProgramData\Rosetta Stone
    2012-08-20 03:46:05 -------- d-----w- C:\Program Files (x86)\Rosetta Stone
    2012-08-20 03:24:42 -------- d-----w- C:\Users\Saya\AppData\Local\Apple Computer
    2012-08-20 03:24:37 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2012-08-20 03:24:37 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
    2012-08-20 03:24:37 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
    2012-08-20 03:24:19 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
    2012-08-20 03:24:19 -------- d-----w- C:\Program Files\iTunes
    2012-08-20 03:24:19 -------- d-----w- C:\Program Files\iPod
    2012-08-20 03:24:19 -------- d-----w- C:\Program Files (x86)\iTunes
    2012-08-20 03:23:55 -------- d-----w- C:\Users\Saya\AppData\Local\Apple
    2012-08-20 02:51:31 -------- d-----w- C:\Users\Saya\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    2012-08-20 02:43:05 778088 ------w- C:\Windows\System32\HPDiscoPMa111.dll
    2012-08-20 02:41:59 -------- d-----w- C:\Program Files\HP
    2012-08-20 02:41:30 -------- d-----w- C:\Users\Saya\AppData\Local\HP
    2012-08-20 02:38:42 -------- d-----w- C:\Windows\PCHEALTH
    2012-08-20 02:37:23 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
    2012-08-20 02:04:01 -------- d-----w- C:\Program Files (x86)\Steam
    2012-08-20 02:04:01 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
    2012-08-20 02:01:41 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
    2012-08-20 01:58:11 -------- d-----w- C:\Program Files (x86)\Movie Maker 2.6
    2012-08-20 00:51:10 -------- d-----w- C:\Users\Saya\.thumbnails
    2012-08-20 00:49:49 -------- d-----w- C:\Users\Saya\.gimp-2.6
    2012-08-20 00:49:43 -------- d-----w- C:\Users\Saya\AppData\Local\Microsoft Help
    2012-08-20 00:47:06 -------- d-----w- C:\Program Files (x86)\GIMP-2.0
    2012-08-20 00:33:22 -------- d-----w- C:\Users\Saya\AppData\Local\adaware
    2012-08-20 00:33:19 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
    2012-08-20 00:33:16 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys
    2012-08-20 00:33:16 57976 ----a-w- C:\Windows\System32\drivers\sbredrv.sys
    2012-08-20 00:33:16 45936 ----a-w- C:\Windows\System32\sbbd.exe
    2012-08-20 00:33:15 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
    2012-08-20 00:33:01 -------- d-----w- C:\Users\Saya\AppData\Local\Downloaded Installations
    2012-08-20 00:32:37 -------- d-----w- C:\Users\Saya\AppData\Roaming\Ad-Aware Antivirus
    2012-08-19 21:03:48 -------- d-----w- C:\Users\Saya\AppData\Local\Macromedia
    2012-08-19 21:03:39 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-08-19 21:01:16 -------- d-----w- C:\Users\Saya\AppData\Local\Mozilla
    2012-08-19 18:05:16 -------- d-----r- C:\Program Files (x86)\Skype
    2012-08-19 17:59:13 -------- d-----w- C:\Users\Saya\AppData\Roaming\Intel
    2012-08-19 17:50:18 -------- d-----w- C:\ProgramData\PDFC
    2012-08-19 17:45:23 -------- d-----w- C:\Users\Saya\hpremote
    2012-08-19 17:43:17 -------- d-----w- C:\Users\Saya\AppData\Roaming\Roxio Log Files
    2012-08-19 17:40:34 -------- d-----w- C:\Users\Saya\AppData\Roaming\NewspaperDirect
    2012-08-19 17:35:14 -------- d-----w- C:\Users\Saya\AppData\Local\Adobe
    2012-08-19 17:24:28 -------- d-----w- C:\Users\Saya\AppData\Local\VeriSign
    2012-08-19 17:19:19 -------- d-----w- C:\Users\Saya\AppData\Local\PDFC
    2012-08-19 17:18:54 -------- d-----w- C:\Users\Saya\AppData\Local\VirtualStore
    2012-08-19 17:17:25 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-08-19 17:17:25 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-08-19 17:17:25 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-08-19 17:16:16 -------- d-----w- C:\Users\Saya\AppData\Local\RemEngine
    2012-08-19 17:16:14 -------- d-----w- C:\Users\Saya\AppData\Local\Hewlett-Packard_Company
    .
    ==================== Find3M ====================
    .
    2012-09-02 01:00:55 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
    2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
    2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
    2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-06-07 00:59:42 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
    2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
    2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
    2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
    2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
    .
    ============= FINISH: 17:50:31.01 ===============

    ==Attach.txt has been attached to this post==

    ==Screenshot 1: Spybot Detected Files==
    direct link: http://www.abload.de/img/virus10dsch.png

    ==Screenshot 2: Windows Firewall & Taskmanager Errors==
    direct link: http://www.abload.de/img/virus2jyakc.png
     

    Attached Files:

  2. ASaiyan

    ASaiyan Thread Starter

    Joined:
    Aug 6, 2012
    Messages:
    9
    Informational bump: my local service center is only open today this week (don't ask me why), and I need the issue fixed long before next Monday, so I will be taking it in one hour.

    I know there are a lot of other people in this forum with various issues, and I'd never expect any special treatment just because I'm in a rush, but anyone able to respond within an hour or so to try to help me deal with this issue myself without breaking the bank would have my eternal esteem and gratitude :). Otherwise, this thread will probably be closed later.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1067489

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice