Hijack this log

solsunftm · January 15, 2011

Logfile of IObit HijackScan v1.0.2.0

Scan saved at 16:56:26, on 2011-1-15

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Fingerprint Sensor\AtService.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Acer Bio Protection\CompPtcVUI.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Acer Bio Protection\BASVC.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Soluto\SolutoService.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Spybot

C:\Windows\system32\svchost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Soluto\soluto.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Acer Bio Protection\PdtWzd.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Users\owner\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\SPYBOT~1\SDHelper.dll

O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [VitaKeyPdtWzd] "C:\Program Files\Acer Bio Protection\PdtWzd.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [iObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart

O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O8 - Extra context menu item: Save Image To humyo.com -

O8 - Extra context menu item: Save Target To humyo.com -

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra button: OneNote Linked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}ONLINESCANNER.OnlineScannerCtrl.1 - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}Java Plug-in 1.6.0_20 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_21 - http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

O23 - Service: AMD External Events Utility (AMD External Events Utility) - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe

O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

O23 - Service: Bonjour Service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: COMODO System - Cleaner Service (Cleaner_Validator) - Unknown - C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe

O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown -

O23 - Service: Diagnostic Policy Service (DPS) - Unknown -

O23 - Service: Group Policy Client (gpsvc) - Unknown -

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: humyo.com (humyo.com) - humyo.com Ltd. - C:\Program Files\humyo SmartDrive\hrfscore.exe

O23 - Service: Windows CardSpace (idsvc) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Program Files\Acer Bio Protection\BASVC.exe

O23 - Service: iPod Service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: Net.Tcp Port Sharing Service (NetTcpPortSharing) - Unknown - %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe

O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe

O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown -

O23 - Service: Security Accounts Manager (SamSs) - Unknown -

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Unknown - C:\Program Files\Spybot.dll

O23 - Service: Secondary Logon (seclogon) - Unknown - %windir%\system32\svchost.exe

O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

O23 - Service: TomTomHOMEService (TomTomHOMEService) - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown -

O23 - Service: Windows Modules Installer (TrustedInstaller) - Unknown -

O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown - %systemroot%\system32\wbengine.exe

O23 - Service: Diagnostic Service Host (WdiServiceHost) - Unknown -

O23 - Service: Diagnostic System Host (WdiSystemHost) - Unknown -

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe

Internet access very jumpy. Speedtest shows connection from 1MB to 32MB on an 8MB connection

solsunftm · January 15, 2011

DDS (Ver_10-12-12.02) - NTFSx86

Run by owner at 17:03:32.29 on 15/01/2011

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2270.970 [GMT 0:00]

AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Security 360 *Enabled/Updated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}

SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}

FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Acer Bio Protection\CompPtcVUI.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k HsfXAudioService

C:\Program Files\Acer Bio Protection\BASVC.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\System32\svchost.exe -k Akamai

C:\Windows\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\owner\Downloads\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe

mRun: [VitaKeyPdtWzd] "c:\program files\acer bio protection\PdtWzd.exe"

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe"

mRun: [iObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart

mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: EnableLinkedConnections = 1 (0x1)

IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2011\ie_banner_deny.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\owner\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\owner\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm

IE: Save Image To humyo.com

IE: Save Target To humyo.com

IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105

IE: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\program files\acer bio protection\PwdBank.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: klogon - c:\windows\system32\klogon.dll

AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

Hosts: 127.0.0.1 http://www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\39fui9ve.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=

FF - prefs.js: browser.startup.homepage - http://www.google.com

FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?ourmark=1&ei=utf-8&fr=chr-nectar&slv8-&type=61465&p=

FF - component: c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll

FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll

FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\39fui9ve.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll

FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\veetle\player\npvlc.dll

FF - plugin: c:\program files\veetle\plugins\npVeetle.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\owner\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru

FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru

FF - Ext: Firefox Sync: {340c2bbc-ce74-4362-90b5-7c26312808ef} - %profile%\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

FF - Ext: Nectar Search Toolbar: {841468a1-d7f4-4bd3-84e6-bb0f13a06c64} - %profile%\extensions\{841468a1-d7f4-4bd3-84e6-bb0f13a06c64}

FF - Ext: Split Browser: {29c4afe1-db19-4298-8785-fcc94d1d6c1d} - %profile%\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}

FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}

FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

============= SERVICES / DRIVERS ===============

R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2010-12-9 64608]

R1 CFRPD;CFRPD;c:\windows\system32\drivers\CFRPD.sys [2010-12-9 33744]

R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 22104]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-10-25 101904]

R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2010-10-22 671488]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2010-9-3 119256]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]

S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-4-14 45736]

S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-12-8 13192]

S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-12-8 8456]

S3 hrfsmrx;hrfsmrx;c:\windows\system32\drivers\hrfsmrx.sys [2010-9-4 144368]

=============== File Associations ===============

JSEFile=NOTEPAD.EXE %1

VBEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

=============== Created Last 30 ================

2011-01-15 14:24:33 -------- d-----w- c:\users\owner\Backups

2011-01-15 14:23:20 -------- d-----w- c:\users\owner\appdata\roaming\Comodo

2011-01-15 14:16:02 24383 ----a-w- c:\windows\cscmondump.bin

2011-01-15 14:09:57 -------- d-----w- c:\program files\COMODO

2011-01-15 14:09:28 1060864 ----a-w- c:\windows\system32\mfc71.dll

2011-01-15 13:38:22 -------- d-----w- c:\program files\Veetle

2011-01-15 13:01:08 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{20ca2b37-9673-4dc0-8a16-e43cbba45d3e}\mpengine.dll

2011-01-10 16:54:57 181704 ----a-w- c:\windows\system32\drivers\PCGenFAM.sys

2011-01-10 16:54:56 -------- d-----w- c:\program files\Soluto

2011-01-10 16:53:18 -------- d-----w- c:\progra~2\Soluto

2011-01-08 16:13:16 -------- d-----w- c:\users\owner\appdata\roaming\Zoner

2011-01-08 16:13:15 -------- d-----w- c:\users\owner\appdata\local\Zoner

2011-01-08 16:11:44 -------- d-----w- c:\program files\Zoner

2011-01-08 16:00:49 -------- d-----w- c:\program files\1-abc

2011-01-08 11:22:30 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys

2011-01-08 11:22:30 -------- d-----w- c:\program files\MagicDisc

2011-01-03 16:44:54 -------- d-----w- c:\program files\iSkysoft

2011-01-02 16:26:11 -------- d-----w- c:\windows\system32\oodag

2011-01-02 16:22:07 -------- d-----w- c:\users\owner\appdata\local\O&O

2011-01-02 16:21:41 -------- d-----w- c:\program files\OO Software

2011-01-02 16:20:48 -------- d-----w- c:\users\owner\appdata\local\Downloaded Installations

2010-12-31 14:08:08 -------- d-----w- c:\users\owner\appdata\roaming\DVDVideoSoftIEHelpers

2010-12-31 14:06:19 -------- d-----w- c:\users\owner\appdata\roaming\DVDVideoSoft

2010-12-31 14:06:09 -------- d-----w- c:\program files\common files\DVDVideoSoft

2010-12-31 14:06:04 -------- d-----w- c:\program files\DVDVideoSoft

2010-12-25 00:56:04 -------- d-----w- c:\program files\iPod

2010-12-25 00:56:03 -------- d-----w- c:\program files\iTunes

2010-12-25 00:56:03 -------- d-----w- c:\progra~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-12-19 12:07:58 -------- d-----w- c:\users\owner\appdata\roaming\Sports Interactive

2010-12-19 12:07:58 -------- d-----w- c:\users\owner\appdata\local\Sports Interactive

2010-12-19 11:11:42 453456 ----a-w- c:\windows\d3dx10_41.dll

2010-12-19 11:11:38 4178264 ----a-w- c:\windows\D3DX9_41.dll

2010-12-19 08:28:59 -------- d-----w- c:\users\owner\appdata\roaming\SUPERAntiSpyware.com

2010-12-19 08:28:19 -------- d-----w- c:\program files\SUPERAntiSpyware

==================== Find3M ====================

2011-01-08 20:11:21 87608 ----a-w- c:\users\owner\appdata\roaming\inst.exe

2011-01-08 20:11:21 47360 ----a-w- c:\users\owner\appdata\roaming\pcouffin.sys

2010-12-09 19:23:46 157777 ----a-w- c:\progra~2\bdinstall.bin

2010-11-29 17:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-11-29 17:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-11-25 20:31:27 691 ----a-w- c:\users\owner\appdata\roaming\GetValue.vbs

2010-11-25 20:31:27 35 ----a-w- c:\users\owner\appdata\roaming\SetValue.bat

2010-11-25 20:31:26 1958 ----a-w- c:\windows\system32\tmp.reg

2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec

2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-11-02 04:41:36 442880 ----a-w- c:\windows\system32\XpsPrint.dll

2010-11-02 04:41:36 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2010-11-02 04:41:36 135168 ----a-w- c:\windows\system32\XpsRasterService.dll

2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-02 04:36:16 801792 ----a-w- c:\windows\system32\FntCache.dll

2010-11-02 04:35:51 1074176 ----a-w- c:\windows\system32\DWrite.dll

2010-11-02 04:35:35 1170944 ----a-w- c:\windows\system32\d3d10warp.dll

2010-11-02 04:35:34 739840 ----a-w- c:\windows\system32\d2d1.dll

2010-11-02 04:35:34 218624 ----a-w- c:\windows\system32\d3d10_1core.dll

2010-11-02 04:35:34 161792 ----a-w- c:\windows\system32\d3d10_1.dll

2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe

2010-11-02 04:23:44 107520 ----a-w- c:\windows\system32\cdd.dll

2010-10-28 12:23:06 2217088 ----a-w- c:\windows\system32\BootMan.exe

2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll

2010-10-20 04:54:18 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-20 03:00:24 2327552 ----a-w- c:\windows\system32\win32k.sys

2010-10-20 02:58:41 294400 ----a-w- c:\windows\system32\atmfd.dll

2010-10-19 10:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe

============= FINISH: 17:11:34.79 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 03/09/2010 13:33:10

System Uptime: 15/01/2011 16:27:26 (1 hours ago)

Motherboard: Acer, Inc. | | Capitan

Processor: AMD Athlon X2 Dual-Core QL-64 | Socket M2/S1G1 | 2100/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 298 GiB total, 148.831 GiB free.

D: is CDROM ()

E: is CDROM ()

F: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft ISATAP Adapter

Device ID: ROOT\*ISATAP\0001

Manufacturer: Microsoft

Name: Microsoft ISATAP Adapter #2

PNP Device ID: ROOT\*ISATAP\0001

Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft Teredo Tunneling Adapter

Device ID: ROOT\*TEREDO\0000

Manufacturer: Microsoft

Name: Teredo Tunneling Pseudo-Interface

PNP Device ID: ROOT\*TEREDO\0000

Service: tunnel

Class GUID:

Description:

Device ID: ROOT\SYSTEM\0001

Manufacturer:

Name:

PNP Device ID: ROOT\SYSTEM\0001

Service:

Class GUID:

Description:

Device ID: ROOT\LEGACY_LAVASOFT_KERNEXPLORER\0000

Manufacturer:

Name:

PNP Device ID: ROOT\LEGACY_LAVASOFT_KERNEXPLORER\0000

Service:

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft ISATAP Adapter

Device ID: ROOT\*ISATAP\0000

Manufacturer: Microsoft

Name: Microsoft ISATAP Adapter

PNP Device ID: ROOT\*ISATAP\0000

Service: tunnel

==== System Restore Points ===================

==== Installed Programs ======================

Acer Bio Protection

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Shockwave Player 11.5

Advanced SystemCare 3

Akamai NetSession Interface

AMD USB Filter Driver

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

µTorrent

AuthenTec Fingerprint Software

Bonjour

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

COMODO System-Cleaner

ConvertXtoDVD 4.1.2.336

D3DX10

Definition update for Microsoft Office 2010 (KB982726)

doPDF 7.1 printer

Dropbox

DVD Identifier

DVD Shrink 3.2

EASEUS Partition Master 6.5.1 Professional

Epson Easy Photo Print 2

Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)

Epson Print CD

EPSON PX650 Series Printer Uninstall

EPSON Scan

ESET Online Scanner v3

File Shredder 2.0

Fingerprint Solution

Free Studio version 5.0.3

Google Chrome

Google Earth

Google Update Helper

HDAUDIO Soft Data Fax Modem with SmartCP

High-Definition Video Playback 10

humyo SmartDrive

iDump (Freeware) Build:31

ImgBurn

IObit Security 360

iSkysoft Video Converter(Build 2.2.0.0)

iTunes

Java Auto Updater

Java 6 Update 20

Java 6 Update 21

JMicron Flash Media Controller Driver

K-Lite Codec Pack 4.0.0 (Full)

Kaspersky Internet Security 2011

Launch Manager

MagicDisc 2.7.106

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Primary Interoperability Assemblies 2005

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Mozilla Firefox (3.6.12)

Mozilla Thunderbird (3.1.6)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 10 Menu TemplatePack Basic

Nero 10 Movie ThemePack Basic

Nero BackItUp 10

Nero BackItUp 10 Help (CHM)

Nero Burning ROM 10

Nero BurningROM 10 Help (CHM)

Nero BurnRights 10

Nero BurnRights 10 Help (CHM)

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero CoverDesigner 10

Nero CoverDesigner 10 Help (CHM)

Nero DiscCopy Gadget 10

Nero DiscCopyGadget 10 Help (CHM)

Nero DiscSpeed 10

Nero DiscSpeed 10 Help (CHM)

Nero Dolby Files 10

Nero Express 10

Nero Express 10 Help (CHM)

Nero InfoTool 10

Nero InfoTool 10 Help (CHM)

Nero MediaHub 10

Nero MediaHub 10 Help (CHM)

Nero Multimedia Suite 10

Nero Recode 10

Nero Recode 10 Help (CHM)

Nero RescueAgent 10

Nero RescueAgent 10 Help (CHM)

Nero SoundTrax 10

Nero SoundTrax 10 Help (CHM)

Nero StartSmart 10

Nero StartSmart 10 Help (CHM)

Nero Update

Nero Vision 10

Nero Vision 10 Help (CHM)

Nero WaveEditor 10

Nero WaveEditor 10 Help (CHM)

Nitro PDF Reader

novaPDF Lite Desktop 7.1 printer

O&O Defrag Professional

PeerBlock 1.1 (r518)

QuickTime

Realtek High Definition Audio Driver

Recuva

Revo Uninstaller 1.91

Smart Defrag

Software Informer 1.0 BETA

Soluto

Spybot - Search & Destroy

SUPERAntiSpyware

Synaptics Pointing Device Driver

System TuneUp

TeamViewer 5

TomTom HOME 2.7.6.2056

TomTom HOME Visual Studio Merge Modules

Uniblue SpeedUpMyPC

Uninstall 1.0.0.1

Unlocker 1.9.0

Upgrade Kit

Veetle TV 0.9.18

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VLC media player 1.1.5

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Encoder 9 Series

WinFF 1.3.1

WinRAR

Wise Disk Cleaner 5.71

Xvid 1.2.2 final uninstall

Youtube Downloader HD v. 2.2

Zoner Photo Studio 12

==== End Of File ===========================

Superdave · January 19, 2011

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

8. Please do not run any other tools unless requested by myself.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

****************************************

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

Download SuperAntispyware Free Edition (SAS)

* Double-click the icon on your desktop to run the installer.

* When asked to Update the program definitions, click Yes

* If you encounter any problems while downloading the updates, manually download and unzip them from here

* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts

* Click the Scanning Control tab.

* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning

•Scan for tracking cookies

•Terminate memory threats before quarantining

•Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer

* On the left check the box for the drive you are scanning.

* On the right choose Perform Complete Scan

* Click Next to start the scan. Please be patient while it scans your computer.

* After the scan is complete a summary box will appear. Click OK

* Make sure everything in the white box has a check next to it, then click Next

* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:

•After reboot, double-click the SUPERAntiSpyware icon on your desktop.

•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).

•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)

* Click close and close again to exit the program.

*Copy and Paste the log in your post.

******************************************

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

**********************************************

P2P - I see you have P2P software installed on your machine (µTorrent). We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

*************************************************

Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1

Link 2

* Unzip SecurityCheck.zip and a folder named Security Check should appear.

* Open the Security Check folder and double-click Security Check.bat

* Follow the on-screen instructions inside of the black box.

* A Notepad document should open automatically called checkup.txt

* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

solsunftm · January 22, 2011

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

Generated 01/22/2011 at 04:32 PM

Application Version : 4.47.1000

Core Rules Database Version : 6214

Trace Rules Database Version: 4026

Scan type : Complete Scan

Total Scan Time : 02:46:07

Memory items scanned : 471

Memory threats detected : 0

Registry items scanned : 9017

Registry threats detected : 0

File items scanned : 114290

File threats detected : 3

Adware.Tracking Cookie

media1.break.com [ C:\Users\owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\47L5SUZK ]

secure-us.imrworldwide.com [ C:\Users\owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\47L5SUZK ]

http://www.naiadsystems.com [ C:\Users\owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\47L5SUZK ]

solsunftm · January 22, 2011

doing others taking 2 to 3 hrs each

solsunftm · January 22, 2011

Results of screen317's Security Check version 0.99.8

Windows 7 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Disabled!

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

MVPS Hosts File

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

Kaspersky crashed the other day after I posted first logs. Could not recover it or reinstal it so installed avast free and pctools firewall

Superdave · January 22, 2011

I still need the MBAM log.

solsunftm · January 22, 2011

I still need the MBAM log.

Just finished

Malwarebytes' Anti-Malware 1.50.1.1100

http://www.malwarebytes.org

Database version: 5571

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

22/01/2011 18:55:17

mbam-log-2011-01-22 (18-55-17).txt

Scan type: Full scan (C:\|)

Objects scanned: 269180

Time elapsed: 2 hour(s), 13 minute(s), 46 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Superdave · January 22, 2011

Download OTL to your desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

* When the window appears, underneath Output at the top change it to Minimal Output.

* Check the boxes beside LOP Check and Purity Check.

* Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please copy and pate the contents of these files, one at a time, into your next reply.

Note: You may need two or more posts to fit them all in.

solsunftm · January 22, 2011

OTL Extras logfile created on: 22/01/2011 19:21:42 - Run 1

OTL by OldTimer - Version 3.2.20.4 Folder = C:\Users\owner\Desktop

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 37.00% Memory free

5.00 Gb Paging File | 3.00 Gb Available in Paging File | 58.00% Paging File free

Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 297.99 Gb Total Space | 141.06 Gb Free Space | 47.34% Space Free | Partition Type: NTFS

Drive F: | 2.32 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify" = 0x00000000

"FirewallDisableNotify" = 0x00000000

"UpdatesDisableNotify" = 0x00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)

"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0DCF3CFB-0FB6-01DF-AA2B-3DBC40A5839F}" = Catalyst Control Center Graphics Full Existing

"{10035C61-374F-4E19-3DE6-FFAD64F20152}" = CCC Help Portuguese

"{1107B37C-A748-A839-7B95-C22668E84446}" = CCC Help Chinese Standard

"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)

"{172BE173-7514-13D8-26A0-21BE6D02849A}" = CCC Help Finnish

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1BB4C660-E5E0-8C76-52CA-861A3F1C122C}" = CCC Help Dutch

"{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}" = Upgrade Kit

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10

"{1FA94A28-5D32-CDC3-4FC7-F8AB6842AB55}" = CCC Help Japanese

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java 6 Update 20

"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 23

"{26E5F8B6-CB96-D266-6631-C2E998138A48}" = CCC Help Thai

"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10

"{2C997A7A-B527-6250-B6FE-696E72290CCF}" = CCC Help German

"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support

"{3143EA78-CF29-631E-DD1D-E567A0939D73}" = Catalyst Control Center Graphics Light

"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)

"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{36A98148-A6B5-EBA5-6353-9833C7F5C06E}" = Catalyst Control Center Graphics Full New

"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2

"{3B9D1BC9-B8FE-4CD8-945F-A72897E904B6}" = Soluto

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3DBA8005-4659-C0C2-32FC-CCAEBA155AC6}" = CCC Help Russian

"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth

"{453DC0A2-6F09-FCEC-57A0-2B3540B363B4}" = CCC Help Korean

"{46E6CCE4-99DA-F751-555A-A83D08727108}" = CCC Help Polish

"{48FD7162-300B-FBD6-BBF1-E787DCA61C02}" = CCC Help Swedish

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{5239B19E-21EE-327A-7F8A-47ABC68BA306}" = CCC Help English

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic

"{6560081A-2245-41B9-CF3C-7EA6C9BEAE51}" = Catalyst Control Center Localization All

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)

"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack

"{6C810E30-FC8A-7059-5752-8800FCA6203C}" = CCC Help Chinese Traditional

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6E699A98-4FDF-AC94-8F2B-8ECCAC09794A}" = ccc-utility

"{6E810309-4B18-4DC4-A383-F0FB830B02B1}" = AuthenTec Fingerprint Software

"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10

"{75EF9F92-76D4-F910-6A98-AE8F2EBF99BB}" = ccc-core-static

"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)

"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10

"{7BC46298-4325-EDF3-D3EA-C39390B315AF}" = CCC Help Turkish

"{7BC6B815-D9F1-4C43-82B4-7CB25458DD31}" = O&O Defrag Professional

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10

"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules

"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10

"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10

"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB39BF09-4A6D-4D5A-C18C-5FA93ACA7AEF}" = Catalyst Control Center InstallProxy

"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync

"{B2717DE0-E633-F8A5-727A-30EE10F85932}" = CCC Help Norwegian

"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{C0AF9DFE-8B2A-4AC4-22B8-F0EF518C8443}" = CCC Help Greek

"{C12F5BC8-AA4A-6046-2C5C-5822317733CD}" = CCC Help French

"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)

"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)

"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10

"{C4039DC0-905D-4372-8B20-120F0B6CF283}" = COMODO System-Cleaner

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{C6A037B6-C14B-D618-01F2-75F7C6DFF69E}" = CCC Help Danish

"{C7C7ABDD-3787-A13B-1F47-27CA9C39DB96}" = CCC Help Spanish

"{C9FD8F40-C7BB-A23E-4C87-57485D7501EF}" = CCC Help Czech

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD

"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DB44C345-3CD6-0076-D710-47936E6B4BA6}" = CCC Help Hungarian

"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.2.336

"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)

"{DDB21979-9370-4D64-A54C-BE43F2282F18}" = Nitro PDF Reader

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10

"{E2DFCB25-A7CE-AEF9-99C2-2421F076C840}" = CCC Help Italian

"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC

"{E8A602BF-C276-4DB2-A9FF-B4C30EA1CB7C}_is1" = iDump (Freeware) Build:31

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{EFBB78E7-56FF-9793-E36D-E2F4FEEFB6C7}" = ATI Catalyst Install Manager

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10

"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)

"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic

"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)

"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10

"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Advanced SystemCare 3_is1" = Advanced SystemCare 3

"Akamai" = Akamai NetSession Interface

"avast5" = avast! Free Antivirus

"CCleaner" = CCleaner

"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP

"doPDF 7 printer_is1" = doPDF 7.1 printer

"DVD Identifier_is1" = DVD Identifier

"DVD Shrink_is1" = DVD Shrink 3.2

"EASEUS Partition Master Professional Edition_is1" = EASEUS Partition Master 6.5.1 Professional

"EPSON PX650 Series" = EPSON PX650 Series Printer Uninstall

"EPSON Scanner" = EPSON Scan

"ESET Online Scanner" = ESET Online Scanner v3

"File Shredder_is1" = File Shredder 2.0

"Football Manager 2010" = Football Manager 2010

"Free Studio_is1" = Free Studio version 5.0.3

"HFRS_is1" = humyo SmartDrive

"ImgBurn" = ImgBurn

"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection

"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011

"IObit Security 360_is1" = IObit Security 360

"iSkysoft Video Converter_is1" = iSkysoft Video Converter(Build 2.2.0.0)

"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)

"LManager" = Launch Manager

"MagicDisc 2.7.106" = MagicDisc 2.7.106

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)

"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)

"novaPDF Lite Desktop 7 printer_is1" = novaPDF Lite Desktop 7.1 printer

"Office14.PROPLUS" = Microsoft Office Professional Plus 2010

"PC Tools Firewall Plus" = PC Tools Firewall Plus 7.0

"Recuva" = Recuva

"Revo Uninstaller" = Revo Uninstaller 1.91

"Smart Defrag_is1" = Smart Defrag

"Software Informer_is1" = Software Informer 1.0 BETA

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"System TuneUp_is1" = System TuneUp

"TeamViewer 5" = TeamViewer 5

"TomTom HOME" = TomTom HOME 2.7.6.2056

"Uninstall_is1" = Uninstall 1.0.0.1

"Unlocker" = Unlocker 1.9.0

"uTorrent" = µTorrent

"Veetle TV" = Veetle TV 0.9.18

"VLC media player" = VLC media player 1.1.5

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinFF_is1" = WinFF 1.3.1

"WinLiveSuite" = Windows Live Essentials

"WinRAR" = WinRAR

"Wise Disk Cleaner_is1" = Wise Disk Cleaner 5.71

"Xvid_is1" = Xvid 1.2.2 final uninstall

"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.2

"ZonerPhotoStudio12_EN_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 17/01/2011 09:01:37 | Computer Name = owner-PC | Source = Windows Search Service | ID = 3058

Description =

Error - 17/01/2011 09:01:37 | Computer Name = owner-PC | Source = Windows Search Service | ID = 7010

Description =

Error - 17/01/2011 11:26:41 | Computer Name = owner-PC | Source = VSS | ID = 8194

Description =

Error - 19/01/2011 02:49:58 | Computer Name = owner-PC | Source = Application Error | ID = 1000

Description = Faulting application name: AtService.exe, version: 8.5.2.3, time stamp:

0x4a794298 Faulting module name: AtService.exe, version: 8.5.2.3, time stamp: 0x4a794298

Exception

code: 0x40000015 Fault offset: 0x000d64a4 Faulting process id: 0x394 Faulting application

start time: 0x01cbb7a508bd9610 Faulting application path: C:\Program Files\Fingerprint

Sensor\AtService.exe Faulting module path: C:\Program Files\Fingerprint Sensor\AtService.exe

Report

Id: 54262af2-2398-11e0-8ee5-00238bee7c86

Error - 19/01/2011 02:53:43 | Computer Name = owner-PC | Source = Application Hang | ID = 1002

Description = The program firefox.exe version 1.9.2.3989 stopped interacting with

Windows and was closed. To see if more information about the problem is available,

check the problem history in the Action Center control panel. Process ID: 16c0 Start

Time: 01cbb7a57ec82c6f Termination Time: 177 Application Path: C:\Program Files\Mozilla

Firefox\firefox.exe Report Id: d46b187e-2398-11e0-8ee5-00238bee7c86

Error - 19/01/2011 08:48:02 | Computer Name = owner-PC | Source = Application Error | ID = 1000

Description = Faulting application name: AtService.exe, version: 8.5.2.3, time stamp:

0x4a794298 Faulting module name: AtService.exe, version: 8.5.2.3, time stamp: 0x4a794298

Exception

code: 0x40000015 Fault offset: 0x000d64a4 Faulting process id: 0x3a0 Faulting application

start time: 0x01cbb7d70dec2c59 Faulting application path: C:\Program Files\Fingerprint

Sensor\AtService.exe Faulting module path: C:\Program Files\Fingerprint Sensor\AtService.exe

Report

Id: 59619331-23ca-11e0-bdaf-00238bee7c86

Error - 20/01/2011 04:29:46 | Computer Name = owner-PC | Source = Application Error | ID = 1000

Description = Faulting application name: AtService.exe, version: 8.5.2.3, time stamp:

0x4a794298 Faulting module name: AtService.exe, version: 8.5.2.3, time stamp: 0x4a794298

Exception

code: 0x40000015 Fault offset: 0x000d64a4 Faulting process id: 0x3a4 Faulting application

start time: 0x01cbb87c21810dd6 Faulting application path: C:\Program Files\Fingerprint

Sensor\AtService.exe Faulting module path: C:\Program Files\Fingerprint Sensor\AtService.exe

Report

Id: 6fbb593e-246f-11e0-b1e4-00238bee7c86

Error - 20/01/2011 04:46:10 | Computer Name = owner-PC | Source = Application Error | ID = 1000

Description = Faulting application name: vlc.exe, version: 1.1.5.0, time stamp:

0x4cdec0ee Faulting module name: vlc.exe, version: 1.1.5.0, time stamp: 0x4cdec0ee

Exception

code: 0xc0000005 Fault offset: 0x000016e8 Faulting process id: 0x9ac Faulting application

start time: 0x01cbb87e769ae066 Faulting application path: C:\Program Files\VideoLAN\VLC\vlc.exe

Faulting

module path: C:\Program Files\VideoLAN\VLC\vlc.exe Report Id: ba0d12c2-2471-11e0-b1e4-00238bee7c86

Error - 20/01/2011 04:46:44 | Computer Name = owner-PC | Source = Application Error | ID = 1000

Description = Faulting application name: vlc.exe, version: 1.1.5.0, time stamp:

0x4cdec0ee Faulting module name: vlc.exe, version: 1.1.5.0, time stamp: 0x4cdec0ee

Exception

code: 0xc0000005 Fault offset: 0x000016e8 Faulting process id: 0x15d4 Faulting application

start time: 0x01cbb87e8b94e777 Faulting application path: C:\Program Files\VideoLAN\VLC\vlc.exe

Faulting

module path: C:\Program Files\VideoLAN\VLC\vlc.exe Report Id: ce3ac625-2471-11e0-b1e4-00238bee7c86

Error - 20/01/2011 04:47:00 | Computer Name = owner-PC | Source = Application Error | ID = 1000

Description = Faulting application name: vlc.exe, version: 1.1.5.0, time stamp:

0x4cdec0ee Faulting module name: vlc.exe, version: 1.1.5.0, time stamp: 0x4cdec0ee

Exception

code: 0xc0000005 Fault offset: 0x000016e8 Faulting process id: 0x13c0 Faulting application

start time: 0x01cbb87e96615832 Faulting application path: C:\Program Files\VideoLAN\VLC\vlc.exe

Faulting

module path: C:\Program Files\VideoLAN\VLC\vlc.exe Report Id: d7ff11d1-2471-11e0-b1e4-00238bee7c86

[ Media Center Events ]

Error - 08/11/2010 21:34:45 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 01:34:45 - Error connecting to the internet. 01:34:45 - Unable

to contact server..

Error - 08/11/2010 21:34:58 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 01:34:50 - Error connecting to the internet. 01:34:50 - Unable

to contact server..

Error - 19/11/2010 19:04:26 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 23:04:22 - Error connecting to the internet. 23:04:22 - Unable

to contact server..

Error - 19/11/2010 19:15:46 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 23:04:39 - Error connecting to the internet. 23:04:39 - Unable

to contact server..

Error - 19/11/2010 20:15:47 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 00:15:47 - Error connecting to the internet. 00:15:47 - Unable

to contact server..

Error - 19/11/2010 20:15:58 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 00:15:53 - Error connecting to the internet. 00:15:53 - Unable

to contact server..

Error - 19/11/2010 21:16:05 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 01:16:05 - Error connecting to the internet. 01:16:05 - Unable

to contact server..

Error - 19/11/2010 21:16:16 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 01:16:10 - Error connecting to the internet. 01:16:10 - Unable

to contact server..

Error - 19/11/2010 22:16:22 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 02:16:22 - Error connecting to the internet. 02:16:22 - Unable

to contact server..

Error - 19/11/2010 22:16:30 | Computer Name = owner-PC | Source = MCUpdate | ID = 0

Description = 02:16:27 - Error connecting to the internet. 02:16:27 - Unable

to contact server..

[ System Events ]

Error - 20/01/2011 04:29:02 | Computer Name = owner-PC | Source = volmgr | ID = 262190

Description = Crash dump initialization failed!

Error - 20/01/2011 04:29:12 | Computer Name = owner-PC | Source = volmgr | ID = 262190

Description = Crash dump initialization failed!

Error - 20/01/2011 04:29:27 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7000

Description = The Kaspersky Anti-Virus Service service failed to start due to the

following error: %%2

Error - 20/01/2011 04:30:13 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7034

Description = The AuthenTec Fingerprint Service service terminated unexpectedly.

It has done this 1 time(s).

Error - 20/01/2011 10:16:14 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7011

Description = A timeout (30000 milliseconds) was reached while waiting for a transaction

response from the SolutoService service.

Error - 20/01/2011 10:16:15 | Computer Name = owner-PC | Source = DCOM | ID = 10010

Description =

Error - 22/01/2011 04:52:50 | Computer Name = owner-PC | Source = volmgr | ID = 262190

Description = Crash dump initialization failed!

Error - 22/01/2011 04:53:00 | Computer Name = owner-PC | Source = volmgr | ID = 262190

Description = Crash dump initialization failed!

Error - 22/01/2011 04:53:15 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7000

Description = The Kaspersky Anti-Virus Service service failed to start due to the

following error: %%2

Error - 22/01/2011 09:25:22 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7011

Description = A timeout (30000 milliseconds) was reached while waiting for a transaction

response from the eventlog service.

< End of report >

solsunftm · January 22, 2011

OTL logfile created on: 22/01/2011 19:21:42 - Run 1