Chuck,
Here are the three logs:
Malwarebytes' Anti-Malware 1.34
Database version: 1749
Windows 5.1.2600 Service Pack 2
3/9/2009 1:27:53 PM
mbam-log-2009-03-09 (13-27-53).txt
Scan type: Full Scan (C:\|)
Objects scanned: 136571
Time elapsed: 27 minute(s), 47 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 6
Folders Infected: 0
Files Infected: 8
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Antispyware (Rogue.Antispyware) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.231,85.255.112.98 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{efa03ae8-9316-4dd2-b84d-b953987e310d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.231,85.255.112.98 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.231,85.255.112.98 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{efa03ae8-9316-4dd2-b84d-b953987e310d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.231,85.255.112.98 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.231,85.255.112.98 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{efa03ae8-9316-4dd2-b84d-b953987e310d}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.231,85.255.112.98 -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Config.Msi\b0c08.rbf (Rogue.SpyCleaner) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\Antispyware Scheduled Scan.job (Rogue.Antispyware) -> Quarantined and deleted successfully.
C:\autorun.inf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-4-6-18-100024330-100025379-100030156-3110.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\tempo-323093.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gaopdxqsgsfipx.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\gaopdxpardnbmt.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\gaopdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
HERE ARE THE DDS LOGS:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-02-01.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 11/10/2006 11:03:16 AM
System Uptime: 3/9/2009 11:30:31 AM (2 hours ago)
Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-6533
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | Socket 478 | 2390/133mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 123.136 GiB free.
D: is CDROM ()
E: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP195: 9/24/2008 2:28:31 PM - System Checkpoint
RP196: 10/5/2008 7:58:55 AM - System Checkpoint
RP197: 10/5/2008 9:50:58 AM - Installed BlackBerry Desktop Software 4.3.
RP198: 10/5/2008 10:02:24 AM - Installed Roxio Media Manager
RP199: 10/5/2008 10:25:44 AM - Installed BlackBerry Desktop Software 4.6.
RP200: 10/5/2008 10:27:33 AM - Removed BlackBerry Desktop Software 4.3.
RP201: 10/5/2008 10:39:30 AM - Installed Roxio Media Manager
RP202: 10/6/2008 6:12:52 PM - System Checkpoint
RP203: 10/9/2008 11:00:04 AM - System Checkpoint
RP204: 10/13/2008 1:16:54 PM - System Checkpoint
RP205: 10/15/2008 4:36:53 PM - Removed Japanese Fonts Support For Adobe Reader 8
RP206: 10/27/2008 2:31:41 PM - System Checkpoint
RP207: 10/31/2008 8:09:35 AM - System Checkpoint
RP208: 11/1/2008 12:02:09 PM - System Checkpoint
RP209: 11/4/2008 7:35:27 AM - System Checkpoint
RP210: 11/6/2008 4:54:10 PM - Shockwave Player
RP211: 11/11/2008 7:07:27 PM - Removed E-Center
RP212: 11/11/2008 7:07:53 PM - Configured Your Application Name
RP213: 11/11/2008 7:08:24 PM - Removed Your Application Name
RP214: 11/11/2008 7:09:13 PM - Removed Digital Photo Navigator 1.5
RP215: 11/11/2008 7:10:56 PM - Removed LUMIX Simple Viewer
RP216: 11/11/2008 7:26:02 PM - Removed Desktop Doctor
RP217: 11/13/2008 2:28:07 PM - System Checkpoint
RP218: 11/15/2008 11:47:24 AM - System Checkpoint
RP219: 11/17/2008 2:36:22 PM - System Checkpoint
RP220: 12/11/2008 4:17:22 PM - Installed AVG Free 8.0
RP221: 12/12/2008 4:26:03 PM - Avg8 Update
RP222: 12/19/2008 12:06:28 PM - Installed Digital Photo Navigator 1.5
RP223: 12/24/2008 2:14:42 PM - Software Distribution Service 3.0
RP224: 1/4/2009 7:35:25 PM - Installed Java(TM) 6 Update 11
RP225: 1/28/2009 3:22:28 PM - Removed Adobe Reader 8.1.2
RP226: 2/5/2009 5:14:05 PM - Installed BlackBerry Device Software v4.5.0 for the BlackBerry 8330 smartphone.
RP227: 2/14/2009 6:18:41 PM - Software Distribution Service 3.0
RP228: 2/25/2009 7:18:14 PM - Software Distribution Service 3.0
==== Installed Programs ======================
32 Bit HP CIO Components Installer
ABC Amber BlackBerry Editor
ACDSee
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Photoshop Elements 2.0
Adobe Reader 8.1.3
Adobe Shockwave Player
AIO_Scan
Apple Mobile Device Support
Apple Software Update
AVG 8.5
BlackBerry Desktop Software 4.6
BlackBerry Device Software v4.5.0 for the BlackBerry 8330 smartphone
BufferChm
C4200
c4200_Help
Comcast High-Speed Internet Install Wizard
Copy
Destinations
DeviceManagementQFolder
Digital Photo Navigator 1.5
DocProc
DocProcQFolder
Documents To Go
Drivers Install For Linksys Easylink Advisor
DVD-CLONER V4.10 Build 914
DVD Solution
DVDFab Decrypter 3.0.2.5
eSupportQFolder
Finale NotePad 2003a
Highlight Viewer (Windows Live Toolbar)
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
HP Imaging Device Functions 8.0
HP OCR Software 8.0
HP Photosmart All-In-One Software 8.0
HP Photosmart Essential
hp photosmart printer series (Remove only)
HP Solution Center 8.0
HP Update
HPProductAssistant
HPSSupply
InCD
iTunes
Japanese Fonts Support For Adobe Reader 8
Java(TM) 6 Update 11
Java(TM) 6 Update 7
LG ODD Auto Firmware Update
LightScribe 1.4.74.1
Linksys EasyLink Advisor 1.6 (0032)
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Disc 2
Microsoft Office 2000 SR-1 Professional
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
Multimedia Launcher
Nero
Nero OEM
palmOne
PowerCinema NE for Everio
PowerDirector Express
PowerDVD
PowerProducer
Professor Answers
Professor Teaches Excel 2002
PS_AIO_ProductContext
PS_AIO_Software
PS_AIO_Software_min
QuickTime
RealPlayer
Realtek AC'97 Audio
Registry Mechanic 8.0
Roxio Media Manager
Scan
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
Smart Menus (Windows Live Toolbar)
SolutionCenter
Status
Toolbox
TrayApp
UnloadSupport
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
WD Diagnostics
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Favorites for Windows Live Toolbar
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
==== Event Viewer Messages From Past Week ========
3/9/2009 11:34:29 AM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 25 time(s).
3/9/2009 11:34:29 AM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 5 time(s).
3/9/2009 11:31:59 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.
3/6/2009 5:55:46 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 55 time(s).
3/6/2009 5:55:46 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 11 time(s).
3/6/2009 5:51:09 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 32 time(s).
3/6/2009 5:51:09 PM, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 4 time(s).
3/6/2009 5:51:09 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 7 time(s).
3/6/2009 5:46:23 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 6 time(s).
3/6/2009 5:46:23 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 2 time(s).
3/6/2009 4:18:32 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 7 time(s).
3/6/2009 4:18:32 PM, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 3 time(s).
3/6/2009 4:18:32 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 3 time(s).
3/6/2009 2:10:00 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 15 time(s).
3/6/2009 2:10:00 PM, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 5 time(s).
3/6/2009 2:05:59 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 4 time(s).
3/6/2009 2:05:59 PM, error: Service Control Manager [7034] - The Network Location Awareness (NLA) service terminated unexpectedly. It has done this 2 time(s).
3/6/2009 2:05:57 PM, error: DCOM [10005] - DCOM got error "%230" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/6/2009 2:05:54 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/6/2009 7:20:48 AM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 45 time(s).
3/6/2009 7:15:48 AM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 39 time(s).
3/5/2009 5:42:49 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 826 time(s).
3/5/2009 5:42:49 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 60 time(s).
3/5/2009 5:22:30 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 627 time(s).
3/5/2009 5:22:30 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 50 time(s).
3/5/2009 5:20:02 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 561 time(s).
3/5/2009 5:20:02 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 45 time(s).
3/5/2009 5:12:24 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 545 time(s).
3/5/2009 5:12:24 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 43 time(s).
3/5/2009 5:08:39 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 527 time(s).
3/5/2009 5:08:39 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 42 time(s).
3/5/2009 4:31:58 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
3/5/2009 4:31:37 PM, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 9 time(s).
3/5/2009 4:15:44 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 9 time(s).
3/5/2009 4:15:44 PM, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 7 time(s).
3/9/2009 11:42:36 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
==== End Of File ===========================
LAST DDS FILE:
DDS (Ver_09-02-01.01) - NTFSx86
Run by Eric at 13:29:42.92 on Mon 03/09/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1279.670 [GMT -7:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Documents and Settings\Eric\Local Settings\Application Data\Lexar Media\LxrAutorun.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Eric\Desktop\dds.scr
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.comcast.net/a/
uWindow Title = Windows Internet Explorer provided by Comcast
mStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: NoExplorer - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
uRun: [PowerBar]
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"
uRun: [EasyLinkAdvisor] "c:\program files\linksys easylink advisor\LinksysAgent.exe" /startup
uRun: [LxrAutorun] c:\documents and settings\eric\local settings\application data\lexar media\LxrAutorun.exe
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Cleanup] c:\docume~1\eric\locals~1\temp\2008121115717_mcappins.exe /v=3 /cleanup
mRun: [msci] c:\docume~1\eric\locals~1\temp\2008121115715_mcinfo.exe /insfin
mRun: [EverioService] "c:\program files\cyberlink\pcm4everio\EverioService.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\datavi~1.lnk - c:\program files\common files\dataviz\DvzIncMsgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palmone\Hotsync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-4 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-3-4 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-4 107912]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-4 298264]
R2 LxrSII1d;Secure II Driver;c:\windows\system32\drivers\LxrSII1d.sys [2008-3-22 72672]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-3-9 38496]
=============== Created Last 30 ================
2009-03-09 12:44 <DIR> --d----- c:\docume~1\eric\applic~1\Malwarebytes
2009-03-09 12:44 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-09 12:44 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-09 12:44 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-03-09 12:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-05 17:31 <DIR> --d----- c:\program files\Trend Micro
2009-03-05 17:13 54,156 a---h--- c:\windows\QTFont.qfn
2009-03-05 17:13 1,409 a------- c:\windows\QTFont.for
2009-03-04 19:17 <DIR> --d----- c:\docume~1\eric\applic~1\Antispyware
2009-03-04 10:03 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-03-04 10:03 107,912 a------- c:\windows\system32\drivers\avgtdix.sys
2009-03-04 10:02 325,640 a------- c:\windows\system32\drivers\avgldx86.sys
2009-03-04 10:02 <DIR> --d----- c:\windows\system32\drivers\Avg
==================== Find3M ====================
2009-01-20 11:30 130,349 ac------ c:\windows\hpoins13.dat
2009-01-17 14:54 103,994 a------- c:\windows\hpqins01.dat
2009-01-04 20:35 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-20 16:15 826,368 a------- c:\windows\system32\wininet.dll
2007-02-20 20:20 87,608 ac------ c:\docume~1\eric\applic~1\ezpinst.exe
2007-02-20 20:20 47,360 ac------ c:\docume~1\eric\applic~1\pcouffin.sys
2004-10-01 16:00 40,960 ac------ c:\program files\Uninstall_CDS.exe
2004-08-04 05:00 94,784 -c-sh--- c:\windows\twain.dll
2004-08-04 05:00 50,688 -c-sh--- c:\windows\twain_32.dll
2004-08-04 05:00 1,028,096 ---sh--- c:\windows\system32\mfc42.dll
2004-08-04 05:00 413,696 ---sh--- c:\windows\system32\msvcp60.dll
2004-08-04 05:00 11,776 ---sh--- c:\windows\system32\regsvr32.exe
============= FINISH: 13:29:56.43 ===============
Chuck, I really hope this works!
Eric