DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by dobytj at 18:11:07 on 2011-07-02
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2039.1293 [GMT -4:00]
.
AV: BullGuard Antivirus *Enabled/Updated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
SP: BullGuard Antispyware *Enabled/Updated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: BullGuard Firewall *Enabled* {68747E43-7A47-EA26-053F-CB84640E3E67}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_LowPriv
C:\Windows\System32\SvcHost.exe -k BullGuard
C:\Windows\System32\SvcHost.exe -k BullGuard_Main
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\Suc11_PrivacySweeper.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit=userinit.exe
BHO: BullGuard Safe Browsing: {fc872b94-35e3-4b94-b028-184a2a1c7cce} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIEBHO.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Advanced SystemCare 4] "C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe"
mRun: [Spy Watcher] "C:\PROGRA~2\SPYCLE~1\SpyWatcher.exe" -S
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll
LSP: C:\Windows\system32\BGLsp.dll
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{2D9E4748-CE29-413F-928D-CAE05C7D9BCE} : DhcpNameServer = 192.168.1.254
Handler: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIEBHO.dll
AppInit_DLLs: BgGamingMonitor.dll
BHO-X64: BullGuard Safe Browsing: {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIEBHO.dll
BHO-X64: BullGuard Safe Browsing - No File
mRun-x64: [Spy Watcher] "C:\PROGRA~2\SPYCLE~1\SpyWatcher.exe" -S
AppInit_DLLs-X64: BgGamingMonitor.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\dobytj\AppData\Roaming\Mozilla\Firefox\Profiles\m8cb1g77.default\
FF - plugin: C:\Program Files (x86)\WorldWinner.com, Inc\WorldWinner Games\npwwload.dll
.
============= SERVICES / DRIVERS ===============
.
R1 AFW;Agnitum Firewall Driver;C:\Windows\system32\DRIVERS\afw.sys --> C:\Windows\system32\DRIVERS\afw.sys [?]
R1 BdSpy;BdSpy;C:\Windows\system32\DRIVERS\BdSpy.sys --> C:\Windows\system32\DRIVERS\BdSpy.sys [?]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;C:\Windows\system32\DRIVERS\NSKernel.sys --> C:\Windows\system32\DRIVERS\NSKernel.sys [?]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;C:\Windows\system32\DRIVERS\NSNetmon.sys --> C:\Windows\system32\DRIVERS\NSNetmon.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-5-4 128384]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-7-2 353168]
R2 BsBhvScan;BullGuard Behavioural Detection;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2011-6-15 381784]
R2 BsBrowser;BullGuard antiphishing service;C:\Windows\System32\SvcHost.exe -k BullGuard_LowPriv [2009-7-13 20992]
R2 BsFileScan;BullGuard on-access service;C:\Windows\System32\SvcHost.exe -k BullGuard [2009-7-13 20992]
R2 BsFire;BullGuard firewall service;C:\Windows\System32\SvcHost.exe -k BullGuard [2009-7-13 20992]
R2 BsMailProxy;BullGuard e-mail monitoring service;C:\Windows\System32\SvcHost.exe -k BullGuard [2009-7-13 20992]
R2 BsMain;BullGuard main service;C:\Windows\System32\SvcHost.exe -k BullGuard_Main [2009-7-13 20992]
R2 BsUpdate;BullGuard update service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2011-5-18 392536]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R3 afwcore;afwcore;C:\Windows\system32\DRIVERS\afwcore.sys --> C:\Windows\system32\DRIVERS\afwcore.sys [?]
R3 BsScanner;BullGuard scanning service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2011-6-2 340312]
R3 CAXHWBS2;CAXHWBS2;C:\Windows\system32\DRIVERS\CAXHWBS2.sys --> C:\Windows\system32\DRIVERS\CAXHWBS2.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BgRaSvc;BgRaSvc;C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [2011-5-18 161112]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 VST64_DPV;VST64_DPV;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 VST64HWBS2;VST64HWBS2;C:\Windows\system32\DRIVERS\VSTBS26.SYS --> C:\Windows\system32\DRIVERS\VSTBS26.SYS [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-07-02 21:53:49 388096 ----a-r- C:\Users\dobytj\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-02 21:53:49 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-07-02 21:51:52 -------- d-----w- C:\Windows\System32\appmgmt
2011-07-02 20:02:19 -------- d-----w- C:\Users\dobytj\AppData\Roaming\IObit
2011-07-02 20:02:17 -------- d-----w- C:\Program Files (x86)\IObit
2011-07-01 14:42:49 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2011-07-01 14:42:45 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2011-07-01 14:31:53 -------- d-----w- C:\Windows\System32\SPReview
2011-07-01 14:28:56 -------- d-----w- C:\Windows\System32\EventProviders
2011-07-01 14:27:53 -------- d-----w- C:\Users\dobytj\AppData\Roaming\SUPERAntiSpyware.com
2011-07-01 14:27:53 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-07-01 14:27:44 -------- d-----w- C:\ProgramData\!SASCORE
2011-07-01 14:27:36 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-07-01 14:25:51 -------- d-----w- C:\Program Files\CCleaner
2011-07-01 03:09:59 488448 ----a-w- C:\Windows\System32\secproc.dll
2011-07-01 03:08:59 584192 ----a-w- C:\Windows\SysWow64\gpprefcl.dll
2011-07-01 03:06:59 93696 ----a-w- C:\Windows\SysWow64\fms.dll
2011-07-01 03:05:59 13312 ----a-w- C:\Windows\System32\C_ISCII.DLL
2011-07-01 03:04:21 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2011-07-01 03:04:21 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2011-07-01 02:57:33 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-07-01 01:06:36 -------- d-----w- C:\Program Files\CONEXANT
2011-07-01 01:05:20 -------- d-----w- C:\Program Files\Realtek
2011-07-01 01:05:19 -------- d-----w- C:\Windows\SysWow64\RTCOM
2011-07-01 00:59:07 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-07-01 00:59:06 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-07-01 00:59:06 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-07-01 00:59:05 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-07-01 00:59:05 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-06-30 23:50:39 -------- d-----w- C:\Windows\SysWow64\Wat
2011-06-30 23:50:39 -------- d-----w- C:\Windows\System32\Wat
2011-06-30 23:15:00 -------- d-----w- C:\ProgramData\WorldWinner.com
2011-06-30 23:13:19 -------- d-----w- C:\ProgramData\WorldWinner
2011-06-30 23:13:14 -------- d-----w- C:\Users\dobytj\AppData\Roaming\Worldwinner
2011-06-30 23:13:14 -------- d-----w- C:\Program Files (x86)\WorldWinner.com, Inc
2011-06-30 23:09:23 -------- d-----w- C:\Users\dobytj\AppData\Local\Mozilla
2011-06-30 23:06:41 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-06-30 23:06:41 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-06-30 20:08:21 -------- d-----w- C:\Windows\Panther
2011-06-30 19:12:27 84992 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNBPP4.DLL
2011-06-30 17:27:04 80 --sh--r- C:\Windows\SysWow64\B2B94A1E40.dll
2011-06-30 17:25:39 -------- d-----w- C:\ProgramData\Protexis
2011-06-30 17:25:04 389120 ----a-w- C:\Windows\SysWow64\actskn43.ocx
2011-06-30 17:25:03 143360 ----a-w- C:\Windows\SysWow64\vbuzip10.dll
2011-06-30 17:25:01 147456 ----a-w- C:\Windows\SysWow64\Vbzip11.dll
2011-06-30 17:24:58 10752 ----a-w- C:\Windows\SysWow64\aamd532.dll
2011-06-30 17:24:54 368912 ----a-w- C:\Windows\SysWow64\vbar332.dll
2011-06-30 17:24:54 152848 ----a-w- C:\Windows\SysWow64\COMDLG32.OCX
2011-06-30 17:24:54 -------- d-----w- C:\Program Files (x86)\Spy Cleaner Gold
2011-06-30 17:24:53 1071088 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2011-06-30 17:21:20 -------- d-----w- C:\Users\dobytj\AppData\Roaming\Software Inspection Library
2011-06-30 17:10:43 -------- d-----w- C:\Users\dobytj\AppData\Roaming\BullGuard
2011-06-30 17:04:09 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-06-30 17:04:09 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-06-30 17:04:09 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-06-30 17:04:05 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-06-30 17:04:05 3135488 ----a-w- C:\Windows\System32\win32k.sys
2011-06-30 17:04:05 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-06-30 17:04:01 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-06-30 17:03:59 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-06-30 17:03:58 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-06-30 17:01:43 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-06-30 17:00:37 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-06-30 17:00:37 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-06-30 17:00:36 974336 ----a-w- C:\Windows\System32\WFS.exe
2011-06-30 17:00:36 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2011-06-30 17:00:35 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-06-30 17:00:35 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-06-30 17:00:34 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-06-30 16:58:32 -------- d-----w- C:\ProgramData\BullGuard
2011-06-30 16:55:58 -------- d-sh--w- C:\Windows\Installer
2011-06-30 16:55:54 -------- d-----w- C:\Program Files\BullGuard Ltd
2011-06-30 16:49:10 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D6328A3D-ED77-442D-A7E3-5214FC5845E7}\mpengine.dll
2011-06-30 16:49:06 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-06-30 04:40:51 1002008 ----a-w- C:\Windows\SysWow64\igxpun.exe
2011-06-30 04:40:51 -------- d-----w- C:\Windows\SysWow64\x64
2011-06-15 10:32:36 255560 ----a-w- C:\Windows\System32\drivers\NSKernel.sys
2011-06-15 10:32:36 25160 ----a-w- C:\Windows\System32\drivers\NSNetmon.sys
2011-06-15 10:32:32 66272 ----a-w- C:\Windows\System32\drivers\BdSpy.sys
2011-06-15 10:32:32 424040 ----a-w- C:\Windows\System32\drivers\afwcore.sys
2011-06-15 10:32:32 39528 ----a-w- C:\Windows\System32\drivers\afw.sys
2011-06-15 10:32:32 284232 ----a-w- C:\Windows\System32\drivers\Trufos.sys
.
==================== Find3M ====================
.
2011-07-01 14:45:37 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-07-01 14:45:36 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-05-23 14:55:38 109912 ----a-w- C:\Windows\System32\BgGamingMonitor.dll
2011-05-23 14:55:36 100184 ----a-w- C:\Windows\SysWow64\BgGamingMonitor.dll
2011-05-04 05:25:03 2315776 ----a-w- C:\Windows\System32\tquery.dll
2011-05-04 05:22:25 778752 ----a-w- C:\Windows\System32\mssvp.dll
2011-05-04 05:22:25 2223616 ----a-w- C:\Windows\System32\mssrch.dll
2011-05-04 05:22:24 75264 ----a-w- C:\Windows\System32\msscntrs.dll
2011-05-04 05:22:24 491520 ----a-w- C:\Windows\System32\mssph.dll
2011-05-04 05:22:24 288256 ----a-w- C:\Windows\System32\mssphtb.dll
2011-05-04 05:19:28 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2011-05-04 05:19:28 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2011-05-04 05:19:28 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2011-05-04 04:34:43 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll
2011-05-04 04:32:02 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2011-05-04 04:32:01 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
2011-05-04 04:32:01 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll
2011-05-04 04:32:01 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll
2011-05-04 04:32:00 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2011-05-04 04:28:31 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:28:31 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2011-05-04 04:28:31 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2011-04-29 03:06:10 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-04-29 03:05:49 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-04-29 03:05:37 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-04-25 05:33:51 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-04-25 02:34:03 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-04-22 22:15:29 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-04-19 13:43:16 152920 ----a-w- C:\Windows\SysWow64\BGLsp.dll
2011-04-14 12:09:00 176472 ----a-w- C:\Windows\System32\BGLsp.dll
.
============= FINISH: 18:12:54.05 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/30/2011 12:37:55 AM
System Uptime: 7/2/2011 1:45:08 AM (17 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | Lancaster8
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | CPU 1 | 3000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 140 GiB total, 115.066 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 1.025 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP10: 7/1/2011 10:30:59 AM - Windows 7 Service Pack 1
RP11: 7/1/2011 11:16:32 AM - Windows Update
RP12: 7/1/2011 11:27:33 AM - Windows Update
RP13: 7/1/2011 3:55:40 PM - Windows Update
RP14: 7/1/2011 6:05:24 PM - Windows Update
RP15: 7/2/2011 5:31:26 PM - Installed HiJackThis
RP16: 7/2/2011 5:51:18 PM - Removed HiJackThis
RP17: 7/2/2011 5:53:09 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
Advanced SystemCare 4
HiJackThis
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Mozilla Firefox 5.0 (x86 en-US)
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Spy Cleaner Gold 9.5
SpywareBlaster 4.4
WorldWinner Games
.
==== Event Viewer Messages From Past Week ========
.
7/1/2011 4:39:49 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
7/1/2011 11:19:16 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070308: Update for Windows 7 for x64-based Systems (KB2547666).
6/30/2011 9:11:46 PM, Error: Service Control Manager [7023] -
6/30/2011 8:49:03 PM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process.
6/30/2011 8:48:55 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.
6/30/2011 8:48:55 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2533552).
6/30/2011 6:56:14 PM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
6/30/2011 12:14:03 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: The system cannot find the file specified.
.
==== End Of File ===========================
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:05:04 PM, on 7/2/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIEBHO.dll
O4 - HKLM\..\Run: [Spy Watcher] "C:\PROGRA~2\SPYCLE~1\SpyWatcher.exe" -S
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Advanced SystemCare 4] "C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe"
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIEBHO.dll
O20 - AppInit_DLLs: BgGamingMonitor.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 5863 bytes
appreciate any help you can give with removal of possible infections,thanks Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:05:04 PM, on 7/2/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIEBHO.dll
O4 - HKLM\..\Run: [Spy Watcher] "C:\PROGRA~2\SPYCLE~1\SpyWatcher.exe" -S
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Advanced SystemCare 4] "C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe"
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIEBHO.dll
O20 - AppInit_DLLs: BgGamingMonitor.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 5863 bytes
appreciate any help with removal of possible infections.Thanks