Various Virii , connection issues , 480 open connections

[RichJacoby]

I hope I didn't mess up this computer too much!!!

I'd be happy to turn off Avast , Symantec and Kaspersky and run a program which will help, hint hint.

When I 'disable' Kaspersky for '1 hour' for a minute , I am given a warning sometimes 480 connections will be closed.

after running a series of deep scans, boot scans, etc, and reseting my TCP values to windows defaults using TCP optimizer.

I am sometimes able to take control of my computer and get online searching for real answers brings me here:

Please help if you can, please and thanks.!!!!

I think I found the set of virii which attacked Toledo Police....

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Richard at 23:02:31 on 2012-02-28

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4040.1649 [GMT -8:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

AV: Kaspersky Anti-Virus *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}

SP: Kaspersky Anti-Virus *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

C:\Program Files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-MappedDrive.exe

C:\windows\System32\svchost.exe -k ipripsvc

C:\Program Files (x86)\Norton AntiVirus\Engine\19.5.0.145\ccSvcHst.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\windows\System32\snmp.exe

C:\windows\system32\svchost.exe -k iissvcs

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Norton AntiVirus\Engine\19.5.0.145\ccSvcHst.exe

C:\windows\system32\taskeng.exe

C:\windows\system32\taskeng.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

C:\Program Files (x86)\Lenovo\Energy Management\utility.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Wireless Wizard\AzulstarLinkTest.exe

C:\windows\SysWOW64\ctfmon.exe

C:\Program Files (x86)\WinUtilities\WinUtil.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Richard\AppData\Local\Temp\install_flashplayer11x64_mssa_aih.exe

C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Norton Management\Engine\2.1.0.12\ccSvcHst.exe

C:\Program Files (x86)\Norton Management\Engine\2.1.0.12\ccSvcHst.exe

C:\Program Files (x86)\Mozilla Firefox\standardrichard\firefox.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\igfxsrvc.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = Preserve

mStart Page = about:blank

mWinlogon: Userinit=userinit.exe,

BHO: Disabled:{6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No File

BHO: Disabled:{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File

BHO: Disabled:{DBC80044-A445-435b-BC74-9C25C1C588A9} - No File

BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.5.0.145\IPS\IPSBHO.DLL

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Norton Safety Minder BHO: {b8e07826-0971-4f16-b133-047b88034e89} - C:\Program Files (x86)\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.17\coIEPlg.dll

BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll

TB: ooVoo toolbar, powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

uRun: [installIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [<NO NAME>]

mRun: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"

mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [avp] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"

dRun: [Norton Download Manager{NSME22-B22-4abb-B07C-C084B04B4F12}] C:\Users\Public\Downloads\Norton\{NSME22-B22-4abb-B07C-C084B04B4F12}\ccSvcHst.exe /m

StartupFolder: C:\Users\Richard\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\CONNEC~1.LNK - C:\Program Files (x86)\Connection Keeper\conkeepm.exe

StartupFolder: C:\Users\Richard\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WeFi.lnk - C:\Program Files (x86)\WeFi\WeFi.exe

StartupFolder: C:\Users\Richard\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files (x86)\Wireless Wizard\AzulstarLinkTest.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 75.36.151.1

TCP: Interfaces\{73B8F4AE-6469-4024-9029-8469BCCB146F} : DhcpNameServer = 75.36.151.1

TCP: Interfaces\{73B8F4AE-6469-4024-9029-8469BCCB146F}\356484140277966696 : DhcpNameServer = 10.128.128.128

Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll

Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll

Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Disabled:{6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No File

BHO-X64: Norton Vulnerability Protection - No File

BHO-X64: Disabled:{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File

BHO-X64: Disabled:{DBC80044-A445-435b-BC74-9C25C1C588A9} - No File

BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll

BHO-X64: IEVkbdBHO - No File

BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.5.0.145\IPS\IPSBHO.DLL

BHO-X64: Norton Vulnerability Protection - No File

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO-X64: Norton Safety Minder BHO: {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files (x86)\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.17\coIEPlg.dll

BHO-X64: Norton Safety Minder BHO - No File

BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll

BHO-X64: link filter bho - No File

TB-X64: ooVoo toolbar, powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [(Default)]

mRun-x64: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"

mRun-x64: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [avp] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\rg46nemv.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: network.proxy.http - 127.0.0.1

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.ssl - 127.0.0.1

FF - prefs.js: network.proxy.ssl_port - 8080

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

.

---- FIREFOX POLICIES ----

.

FF - user.js: extensions.funmoods_i.newTab - false

FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=adknlg&q=

FF - user.js: extensions.funmoods_i.id - 1e4d892f00000000000016de2bee20bf

FF - user.js: extensions.funmoods_i.instlDay - 15388

FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16

FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16

FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1621:20:59

FF - user.js: extensions.funmoods_i.prtnrId - funmoods

FF - user.js: extensions.funmoods_i.prdct - funmoods

FF - user.js: extensions.funmoods_i.aflt - adknlg

FF - user.js: extensions.funmoods_i.smplGrp - none

FF - user.js: extensions.funmoods_i.tlbrId - base

FF - user.js: extensions.funmoods_i.instlRef -

FF - user.js: extensions.funmoods_i.dfltLng -

FF - user.js: extensions.funmoods_i.excTlbr - false

.

============= SERVICES / DRIVERS ===============

.

R0 fbfmon;fbfmon;C:\windows\system32\drivers\fbfmon.sys --> C:\windows\system32\drivers\fbfmon.sys [?]

R0 LHDmgr;LHDmgr;C:\windows\system32\DRIVERS\LhdX64.sys --> C:\windows\system32\DRIVERS\LhdX64.sys [?]

R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\NAVx64\1305000.091\SYMDS64.SYS --> C:\windows\system32\drivers\NAVx64\1305000.091\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\NAVx64\1305000.091\SYMEFA64.SYS --> C:\windows\system32\drivers\NAVx64\1305000.091\SYMEFA64.SYS [?]

R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2012-2-15 1157240]

R1 BPntDrv;BPntDrv;C:\windows\system32\drivers\BPntDrv.sys --> C:\windows\system32\drivers\BPntDrv.sys [?]

R1 ccSet_MCLIENT;Norton Management Settings Manager;C:\windows\system32\drivers\MCLIENTx64\0201000.00C\ccSetx64.sys --> C:\windows\system32\drivers\MCLIENTx64\0201000.00C\ccSetx64.sys [?]

R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\windows\system32\drivers\NAVx64\1305000.091\ccSetx64.sys --> C:\windows\system32\drivers\NAVx64\1305000.091\ccSetx64.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120225.004\IDSviA64.sys [2012-2-28 488568]

R1 kl2;kl2;C:\windows\system32\DRIVERS\kl2.sys --> C:\windows\system32\DRIVERS\kl2.sys [?]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys --> C:\windows\system32\DRIVERS\klim6.sys [?]

R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\NAVx64\1305000.091\Ironx64.SYS --> C:\windows\system32\drivers\NAVx64\1305000.091\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\NAVx64\1305000.091\SYMNETS.SYS --> C:\windows\system32\Drivers\NAVx64\1305000.091\SYMNETS.SYS [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-2-24 44768]

R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 202296]

R2 ElephantDrive-MappedDrive.exe;ElephantDrive-MappedDrive;C:\Program Files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-MappedDrive.exe [2011-5-13 118968]

R2 iprip;RIP Listener;C:\windows\System32\svchost.exe -k ipripsvc [2009-7-13 20992]

R2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\2.1.0.12\ccSvcHst.exe [2012-2-28 138232]

R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\19.5.0.145\ccsvchst.exe [2012-2-27 138248]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-26 2656280]

R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys --> C:\windows\system32\DRIVERS\clwvd.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-26 138360]

R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]

R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\system32\DRIVERS\klmouflt.sys --> C:\windows\system32\DRIVERS\klmouflt.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 vm2uvcflt;Vimicro USB Camera Filter 2;C:\windows\system32\Drivers\vm2uvcflt.sys --> C:\windows\system32\Drivers\vm2uvcflt.sys [?]

R3 vm332avs;Lenovo Camera2;C:\windows\system32\Drivers\vm332avs.sys --> C:\windows\system32\Drivers\vm332avs.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-26 136176]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-26 13592]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]

S3 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

S3 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

S3 ElephantDrive-Service.exe;ElephantDrive-Service;C:\Program Files (x86)\ElephantDrive\ElephantDrive Desktop\ElephantDesktop-Service.exe [2011-5-13 118456]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-26 136176]

S3 McAWFwk;McAfee Activation Service;c:\PROGRA~1\mcafee\msc\mcawfwk.exe --> c:\PROGRA~1\mcafee\msc\mcawfwk.exe [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2011-11-26 332272]

S3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;C:\windows\system32\Drivers\PCAMp50a64.sys --> C:\windows\system32\Drivers\PCAMp50a64.sys [?]

S3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;C:\windows\system32\Drivers\PCASp50a64.sys --> C:\windows\system32\Drivers\PCASp50a64.sys [?]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUVStor.sys --> C:\windows\system32\Drivers\RtsUVStor.sys [?]

S3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]

S3 SWDUMon;SWDUMon;C:\windows\system32\DRIVERS\SWDUMon.sys --> C:\windows\system32\DRIVERS\SWDUMon.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S3 Webcam Corp. Service Starter;Webcam Corp. Service Starter;C:\Program Files (x86)\Webcam\Webcam123\dogsvc.exe [2007-12-5 189440]

S3 WefiEngSvc;WeFi Engine Service;C:\Program Files (x86)\WeFi\WefiEngSvc.exe [2010-11-3 120152]

S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-02-29 07:03:05 218232 ----a-r- C:\windows\System32\drivers\NSMx64\0203000.011\symrdrs.sys

2012-02-29 07:03:04 -------- d-----w- C:\windows\System32\drivers\NSMx64\0203000.011

2012-02-29 07:03:04 -------- d-----w- C:\windows\System32\drivers\NSMx64

2012-02-29 07:03:01 167048 ----a-r- C:\windows\System32\drivers\NOFx64\0203000.007\ccSetx64.sys

2012-02-29 07:03:00 -------- d-----w- C:\windows\System32\drivers\NOFx64\0203000.007

2012-02-29 07:03:00 -------- d-----w- C:\windows\System32\drivers\NOFx64

2012-02-29 06:56:11 167048 ----a-r- C:\windows\System32\drivers\MCLIENTx64\0201000.00C\ccSetx64.sys

2012-02-29 06:56:09 -------- d-----w- C:\windows\System32\drivers\MCLIENTx64\0201000.00C

2012-02-29 06:56:09 -------- d-----w- C:\windows\System32\drivers\MCLIENTx64

2012-02-29 06:56:09 -------- d-----w- C:\Program Files (x86)\Norton Management

2012-02-28 05:11:05 738936 ----a-w- C:\windows\System32\drivers\NAVx64\1305000.091\srtsp64.sys

2012-02-28 05:11:05 451192 ----a-r- C:\windows\System32\drivers\NAVx64\1305000.091\symds64.sys

2012-02-28 05:11:05 405624 ----a-w- C:\windows\System32\drivers\NAVx64\1305000.091\symnets.sys

2012-02-28 05:11:05 37496 ----a-w- C:\windows\System32\drivers\NAVx64\1305000.091\srtspx64.sys

2012-02-28 05:11:05 190072 ----a-w- C:\windows\System32\drivers\NAVx64\1305000.091\ironx64.sys

2012-02-28 05:11:05 167048 ----a-w- C:\windows\System32\drivers\NAVx64\1305000.091\ccsetx64.sys

2012-02-28 05:11:05 1092728 ----a-w- C:\windows\System32\drivers\NAVx64\1305000.091\symefa64.sys

2012-02-28 05:10:51 -------- d-----w- C:\windows\System32\drivers\NAVx64\1305000.091

2012-02-26 17:14:51 175736 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS

2012-02-26 17:14:51 -------- d-----w- C:\Program Files\Symantec

2012-02-26 17:14:51 -------- d-----w- C:\Program Files\Common Files\Symantec Shared

2012-02-26 17:14:13 -------- d-----w- C:\windows\System32\drivers\NAVx64

2012-02-26 17:14:10 -------- d-----w- C:\Program Files (x86)\Norton AntiVirus

2012-02-26 13:28:06 -------- d-----w- C:\ProgramData\Vocaboly

2012-02-26 13:27:56 626688 ----a-w- C:\windows\SysWow64\msvcr80.dll

2012-02-26 13:27:56 548864 ----a-w- C:\windows\SysWow64\msvcp80.dll

2012-02-26 13:27:56 1093632 ----a-w- C:\windows\SysWow64\mfc80.dll

2012-02-26 06:46:22 77312 ----a-w- C:\windows\SysWow64\ztvunace26.dll

2012-02-26 06:46:22 75264 ----a-w- C:\windows\SysWow64\unacev2.dll

2012-02-26 06:46:22 69632 ----a-w- C:\windows\SysWow64\ztvcabinet.dll

2012-02-26 06:46:22 162304 ----a-w- C:\windows\SysWow64\ztvunrar36.dll

2012-02-26 06:46:22 153088 ----a-w- C:\windows\SysWow64\UNRAR3.dll

2012-02-24 14:46:17 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2E63701F-F31C-489B-BF90-79B0EE9372FD}\mpengine.dll

2012-02-24 13:44:35 53080 ----a-w- C:\windows\System32\drivers\aswRdr2.sys

2012-02-24 13:44:32 817496 ----a-w- C:\windows\System32\drivers\aswSnx.sys

2012-02-24 13:44:32 69976 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys

2012-02-24 13:44:03 41184 ----a-w- C:\windows\avastSS.scr

2012-02-24 13:41:12 -------- d-----w- C:\ProgramData\AVAST Software

2012-02-24 13:41:12 -------- d-----w- C:\Program Files\AVAST Software

2012-02-23 08:10:48 -------- d-----w- C:\ProgramData\Kaspersky Lab

2012-02-23 08:10:48 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab

2012-02-21 18:15:03 -------- d-----w- C:\Users\Richard\AppData\Roaming\GlarySoft

2012-02-21 06:38:12 199168 ------w- C:\windows\SysWow64\actskin4ku.ocx

2012-02-21 06:38:10 67632 ------w- C:\windows\SysWow64\mswinsckku.ocx

2012-02-21 06:38:10 11264 ------w- C:\windows\SysWow64\browser.ocx

2012-02-21 06:38:07 -------- d-----w- C:\Program Files (x86)\Super Speed Internet

2012-02-21 06:37:38 -------- d-----w- C:\Program Files (x86)\Common Files\SY Company

2012-02-21 06:37:22 -------- d-----w- C:\temp

2012-02-21 06:32:46 -------- d-----w- C:\Program Files (x86)\Badosoft

2012-02-21 05:55:20 -------- d-----w- C:\Program Files (x86)\SySpeed

2012-02-21 04:05:24 557848 ----a-w- C:\windows\System32\drivers\iaStor.sys

2012-02-20 15:54:28 -------- d-----w- C:\Users\Richard\AppData\Roaming\Simply Super Software

2012-02-20 15:54:28 -------- d-----w- C:\ProgramData\Simply Super Software

2012-02-20 15:54:28 -------- d-----w- C:\Program Files (x86)\Trojan Remover

2012-02-20 15:22:18 -------- d-----w- C:\Program Files (x86)\CheckPoint

2012-02-20 14:40:43 -------- d-----w- C:\Users\Richard\AppData\Local\CrashDumps

2012-02-20 03:01:25 -------- d-----w- C:\AutoMacroRecorder

2012-02-20 00:29:33 -------- d-----r- C:\Program Files (x86)\Skype

2012-02-19 23:30:03 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared

2012-02-19 22:35:08 -------- d-----w- C:\Program Files (x86)\NortonInstaller

2012-02-19 22:17:44 -------- d-----w- C:\Users\Richard\AppData\Roaming\SpeedMaxPc

2012-02-19 22:17:44 -------- d-----w- C:\Users\Richard\AppData\Roaming\DriverCure

2012-02-19 22:17:16 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedMaxPc

2012-02-19 22:17:15 -------- d-----w- C:\ProgramData\SpeedMaxPc

2012-02-19 22:17:15 -------- d-----w- C:\Program Files (x86)\SpeedMaxPc

2012-02-19 13:37:48 -------- d-----w- C:\c

2012-02-19 04:48:31 -------- d-----w- C:\rei

2012-02-19 04:48:23 -------- d-----w- C:\Program Files\Reimage

2012-02-19 04:48:15 -------- d-----w- C:\Program Files (x86)\ReImageCompanion

2012-02-19 04:28:15 -------- d-----w- C:\Users\Richard\AppData\Roaming\Malwarebytes

2012-02-19 04:01:11 -------- d--h--w- C:\ProgramData\Common Files

2012-02-19 03:56:35 -------- d-----w- C:\ProgramData\MFAData

2012-02-18 14:42:53 28672 ----a-w- C:\windows\SysWow64\vbWebDownload.dll

2012-02-18 14:42:53 1081616 ----a-w- C:\windows\SysWow64\mscomctl.ocx

2012-02-18 14:42:52 -------- d-----w- C:\Program Files (x86)\Wireless Wizard

2012-02-18 14:01:31 -------- d-----w- C:\ProgramData\WeFi

2012-02-18 14:00:13 -------- d-----w- C:\Program Files (x86)\WeFi

2012-02-18 13:14:15 -------- d-----w- C:\Program Files (x86)\NirSoft

2012-02-18 05:55:49 -------- d-----w- C:\Program Files (x86)\Ask.com

2012-02-18 05:55:43 -------- d-----w- C:\Users\Richard\AppData\Local\APN

2012-02-18 05:46:31 -------- d-----w- C:\Program Files (x86)\Common Files\System-G

2012-02-18 05:46:29 -------- d-----w- C:\Program Files (x86)\Connection Keeper

2012-02-18 05:22:45 -------- d-----w- C:\Users\Richard\AppData\Local\DownloadManager

2012-02-18 05:22:43 -------- d-----w- C:\Program Files (x86)\Download Manager

2012-02-17 18:19:31 56496 ----a-w- C:\windows\SysWow64\wbhelp2.dll

2012-02-17 18:19:31 544768 ----a-w- C:\windows\SysWow64\wbocx.ocx

2012-02-17 18:19:31 4608 ----a-w- C:\windows\SysWow64\W95INF32.DLL

2012-02-17 18:19:31 33968 ----a-w- C:\windows\SysWow64\anim.dll

2012-02-17 18:19:31 258352 ----a-w- C:\windows\SysWow64\unicows.dll

2012-02-17 18:19:31 2272 ----a-w- C:\windows\SysWow64\W95INF16.DLL

2012-02-17 18:19:31 1706800 ----a-w- C:\windows\SysWow64\gdiplus.dll

2012-02-17 18:19:30 -------- d-----w- C:\Program Files (x86)\WinUtilities

2012-02-17 17:03:47 -------- d-----w- C:\Program Files (x86)\Glary Utilities

2012-02-17 05:23:27 -------- d-----w- C:\Users\Richard\AppData\Local\KSafe

2012-02-16 16:36:00 -------- d--h--w- C:\SafeRecycle

2012-02-16 16:32:54 -------- d-----w- C:\Users\Richard\AppData\Roaming\kingsoft

2012-02-16 16:28:16 -------- d-sh--w- C:\KRSHistory

2012-02-16 16:27:46 -------- d-sh--w- C:\ProgramData\KRSHistory

2012-02-16 16:27:46 -------- d-----w- C:\ProgramData\Safe

2012-02-16 16:26:46 -------- d-----w- C:\ProgramData\kingsoft

2012-02-16 16:26:31 -------- d-----w- C:\Program Files (x86)\Kingsoft

2012-02-16 04:38:05 509952 ----a-w- C:\windows\System32\ntshrui.dll

2012-02-16 04:38:05 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll

2012-02-16 04:29:26 515584 ----a-w- C:\windows\System32\timedate.cpl

2012-02-16 04:29:26 478720 ----a-w- C:\windows\SysWow64\timedate.cpl

2012-02-16 04:05:45 3145728 ----a-w- C:\windows\System32\win32k.sys

2012-02-16 02:07:58 498688 ----a-w- C:\windows\System32\drivers\afd.sys

2012-02-16 02:07:36 690688 ----a-w- C:\windows\SysWow64\msvcrt.dll

2012-02-16 02:07:36 634880 ----a-w- C:\windows\System32\msvcrt.dll

2012-02-15 22:30:09 -------- d-----w- C:\ProgramData\richardy Lab

2012-02-14 15:56:49 -------- d-----w- C:\Users\Richard\AppData\Local\{B87FEE52-0B37-44C7-B7BF-03FD22D334AE}

2012-02-14 03:38:44 -------- d-----w- C:\Users\Richard\files_files

2012-02-11 05:48:40 -------- d-----w- C:\Users\Richard\ftp

2012-02-11 04:15:14 -------- d-----w- C:\Users\Richard\AppData\Local\I Want This

2012-02-11 04:15:13 -------- d-----w- C:\Program Files (x86)\I Want This

2012-02-11 03:41:37 -------- d-----w- C:\Users\Richard\AppData\Roaming\ooVoo Details

2012-02-09 19:21:46 -------- d-----w- C:\Users\Richard\AppData\Local\jZip

2012-02-09 19:20:29 -------- d-----w- C:\Program Files (x86)\jZip

2012-02-09 16:12:06 -------- d-----w- C:\Users\Richard\AppData\Local\Microsoft Help

2012-02-09 14:13:37 -------- d-----w- C:\Users\Richard\AppData\Roaming\FinalTorrent

2012-02-09 14:12:24 -------- d-----w- C:\Program Files (x86)\FinalTorrent

2012-02-09 05:21:42 -------- d-----w- C:\Users\Richard\AppData\Local\DeskShare Data

2012-02-09 05:21:40 -------- d-----w- C:\ProgramData\firebird

2012-02-09 05:21:34 -------- d-----w- C:\Users\Richard\AppData\Local\Spoon

2012-02-09 05:21:31 -------- d-----w- C:\Program Files (x86)\Deskshare

2012-02-09 05:19:10 -------- d-----w- C:\Program Files (x86)\Microsoft

2012-02-08 01:50:15 -------- d-----w- C:\Fraps

2012-02-06 14:19:31 -------- d-----w- C:\Users\Richard\AppData\Roaming\qualys

2012-02-01 17:47:57 -------- d-----w- C:\Users\Richard\AppData\Local\MediaServer

2012-02-01 17:47:55 -------- d-----w- C:\ProgramData\PDVD

2012-02-01 17:44:59 -------- d-----w- C:\ProgramData\install_clap

2012-01-31 19:44:06 -------- d-----w- C:\Program Files (x86)\DictionaryBoss

2012-01-31 06:05:20 -------- d-s---w- C:\windows\SysWow64\Microsoft

2012-01-30 16:15:21 -------- d-----w- C:\windows\SysWow64\BestPractices

2012-01-30 16:15:18 -------- d-----w- C:\windows\System32\BestPractices

2012-01-30 16:15:17 -------- d-----w- C:\inetpub

2012-01-30 16:07:22 0 ---ha-w- C:\Users\Richard\AppData\Local\BITCA62.tmp

.

==================== Find3M ====================

.

2012-02-21 05:52:13 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-20 02:24:00 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll

2012-01-29 13:10:42 279656 ------w- C:\windows\System32\MpSigStub.exe

2012-01-27 02:45:08 15672 ----a-w- C:\windows\System32\drivers\SWDUMon.sys

2012-01-19 03:11:11 0 ----a-w- C:\windows\SysWow64\sho3894.tmp

2012-01-13 06:58:07 0 ----a-w- C:\windows\SysWow64\sho478F.tmp

2012-01-12 23:01:55 0 ----a-w- C:\windows\SysWow64\sho55DC.tmp

2011-12-14 07:11:03 2308096 ----a-w- C:\windows\System32\jscript9.dll

2011-12-14 07:04:30 1390080 ----a-w- C:\windows\System32\wininet.dll

2011-12-14 07:03:38 1493504 ----a-w- C:\windows\System32\inetcpl.cpl

2011-12-14 06:57:28 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2011-12-14 03:04:54 1798656 ----a-w- C:\windows\SysWow64\jscript9.dll

2011-12-14 02:57:18 1127424 ----a-w- C:\windows\SysWow64\wininet.dll

2011-12-14 02:56:58 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2011-12-14 02:50:04 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

.

============= FINISH: 23:03:46.15 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 1/6/2012 2:02:14 PM

System Uptime: 2/28/2012 7:05:11 PM (4 hours ago)

.

Motherboard: LENOVO | | Base Board Product Name

Processor: Intel® Pentium® CPU B960 @ 2.20GHz | CPU1 | 2200/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 422 GiB total, 365.584 GiB free.

D: is FIXED (NTFS) - 29 GiB total, 26.818 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP92: 2/24/2012 5:40:55 AM - avast! Free Antivirus Setup

RP93: 2/24/2012 5:43:44 AM - avast! Free Antivirus Setup

RP94: 2/24/2012 1:56:37 PM - Windows Update

RP95: 2/24/2012 7:44:49 PM - Installed TuneUp Utilities 2012

RP96: 2/24/2012 8:43:14 PM - Removed TuneUp Utilities 2012

RP97: 2/24/2012 8:43:46 PM - Removed TuneUp Utilities Language Pack (en-US)

RP98: 2/25/2012 8:10:22 PM - Restore Operation

RP99: 2/26/2012 7:00:52 PM - Windows Backup

RP100: 2/27/2012 1:28:08 PM - OTL Restore Point - 2/27/2012 1:28:05 PM

RP101: 2/27/2012 1:28:39 PM - OTL Restore Point - 2/27/2012 1:28:39 PM

RP102: 2/28/2012 5:44:13 PM - Restore Operation

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.2)

Ask Toolbar

Atheros Client Installation Program

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

avast! Free Antivirus

Connection Keeper

Connection Monitor

Connectivity Fixer

Download Manager

DriverUpdate

ElephantDrive Desktop

Energy Management

Glary Utilities 2.42.0.1389

Google Chrome

Google Update Helper

InstallIQ Updater

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Itibiti RTC

Java Auto Updater

Java 6 Update 31

Junk Mail filter update

Kaspersky Anti-Virus 2012

Knctr

Lenovo Driver Download Manager

Lenovo EasyCamera

Lenovo Games Console

Lenovo OneKey Recovery

Lenovo YouCam

Mesh Runtime

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 10.0.2 (x86 en-US)

Mozilla Thunderbird 10.0.2 (x86 en-US)

MSRedx64

MSVCRT

MSVCRT_amd64

NETGEAR RangeMax Wireless USB 2.0 Adapter WPN111

NirSoft WirelessNetView

Norton AntiVirus

Norton Management

Norton Online

Norton Safety Minder

ooVoo

ooVoo toolbar, powered by Ask.com Updater

Pando Media Booster

Power Tab Editor 1.7

Power2Go

Realtek USB 2.0 Reader Driver

ReImageCompanion

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

SendSpace Wizard

Skype™ 5.8

Star Trek Online

Super Speed Internet & Browser Assistant

SySpeed

TransferBigFiles Desktop Client

Trojan Remover 6.8.2

TuneUp Utilities Language Pack (en-US)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

UserGuide

Webcam 1-2-3

WeFi 4.0.1.0

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Encoder 9 Series

WinUtilities 10.41 Professional Edition

Wireless Wizard ver 5.2

.

==== Event Viewer Messages From Past Week ========

.

2/28/2012 7:09:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the seclogon service.

2/28/2012 7:09:34 PM, Error: Service Control Manager [7000] - The Secondary Logon service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/28/2012 7:09:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

2/28/2012 7:08:07 PM, Error: Service Control Manager [7034] - The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).

2/28/2012 7:05:44 PM, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

2/28/2012 5:54:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SSDP Discovery service to connect.

2/28/2012 5:54:35 PM, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/28/2012 5:54:35 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x8007041d'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

2/28/2012 5:44:46 PM, Error: Service Control Manager [7034] - The ElephantDrive-MappedDrive service terminated unexpectedly. It has done this 1 time(s).

2/27/2012 9:51:42 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2012 9:51:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

2/27/2012 9:51:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

2/27/2012 9:51:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

2/27/2012 9:51:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

2/27/2012 9:51:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2/27/2012 9:51:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

2/27/2012 9:40:50 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi BHDrvx64 BPntDrv ccSet_NAV DfsC discache eeCtrl IDSVia64 kl2 KLIF KLIM6 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf

2/27/2012 9:40:49 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2012 9:40:49 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2012 9:40:49 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2012 9:40:49 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2012 9:40:49 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

2/27/2012 9:40:48 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2012 9:40:48 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2012 9:40:48 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2012 9:40:48 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

2/27/2012 9:36:08 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer JOSE that believes that it is the master browser for the domain on transport NetBT_Tcpip_{73B8F4AE-6469-4024-9029-8469BCCB146F}. The master browser is stopping or an election is being forced.

2/27/2012 6:17:17 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.

2/27/2012 6:17:17 AM, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/26/2012 9:03:17 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_NAV SymIRON SymNetS

2/26/2012 5:04:57 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.

2/26/2012 3:31:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.

2/26/2012 12:11:58 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

2/26/2012 12:11:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.

2/26/2012 12:10:58 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVP service.

2/25/2012 8:58:17 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

2/25/2012 8:39:09 PM, Error: IPRIP [29053] - IPRIP could not join the multicast group 224.0.0.9 on the local interface with IP address 169.254.228.96. The data is the error code.

2/25/2012 8:39:09 PM, Error: IPRIP [29052] - IPRIP could not request multicasting on the local interface with IP address 169.254.228.96. The data is the error code.

2/25/2012 8:22:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

2/25/2012 8:19:35 PM, Error: Service Control Manager [7024] - The Power service terminated with service-specific error The operation completed successfully..

2/23/2012 12:09:21 AM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

2/23/2012 11:25:08 AM, Error: IPRIP [29053] - IPRIP could not join the multicast group 224.0.0.9 on the local interface with IP address 192.168.1.113. The data is the error code.

2/22/2012 3:18:27 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_NAV KLIM6 SymIRON SymNetS

2/21/2012 11:40:43 AM, Error: Microsoft Antimalware [3002] -

2/21/2012 10:21:56 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_NAV KLIM6 SymIRON

2/21/2012 1:37:09 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 BPntDrv ccSet_NAV DfsC discache eeCtrl IDSVia64 KLIM6 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf

.

==== End Of File ===========================

From RichJacoby , additional info:

I have a set of png's from various screen captures of differnet warnings etc.such as NPFS32.dll is infected;

Norton:trojan.adh.2 has been removed...

On my first run of Malwarebytes:

Malwarebytes Anti-Malware (Trial) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.19.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Richard :: FRED [administrator]

Protection: Enabled

2/18/2012 8:39:02 PM

mbam-log-2012-02-18 (20-39-02).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 284132

Time elapsed: 9 minute(s), 14 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 2

C:\Program Files (x86)\DictionaryBoss\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\DictionaryBoss\bar\1.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Detected: 7

C:\Users\Richard\Downloads\DownloadManager_Setup.exe (PUP.Bundle.Installer.OI) -> No action taken.

C:\Users\Richard\Downloads\jenkatarcade.exe (PUP.BundleOffers.IIQ) -> No action taken.

C:\Users\Richard\AppData\Local\Temp\.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Program Files (x86)\DictionaryBoss\bar\1.bin\INSTALL.RDF (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\DictionaryBoss\bar\1.bin\installKeys.js (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\DictionaryBoss\bar\1.bin\LOGO.BMP (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files (x86)\DictionaryBoss\bar\1.bin\chrome\v4ffxtbr.jar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

(end)

[Elise]

Hello and

First of all you have way too many security programs installed. I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

• False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  
• System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
  

Please keep either Avast, Kaspersky or Symantec and completely uninstall the other two.

After that let me know what problems you are still having.

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!