
I'm currently using Windows 7 Ultimate and I'm experiencing these current problems:

1. Picasa 3.0 just crashes at the start
2. Gtalk wouldn't connect
3. Adobe Acrobat Reader got deleted
4. Google Chrome crashes at the start

For problem 3, all the DLLs and the EXE were missing when I tried to run the application.

These problems just happened 2 or 3 days ago. Please give me suggestions on whether my system is infected by a virus or something else has happened. Thank you.

Last Post by jholland1964

This is what the log said:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_16
Run by User at 13:38:23 on 2011-07-01
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.985.409 [GMT 6.5:30]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.3\OLAP\bin\msmdsrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
C:\Program Files\System Protect\SysProtect_srv.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\System Protect\SysProtect_Tray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
D:\Programs\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60075
uInternet Settings,ProxyOverride = local
mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60075
mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60075
uURLSearchHooks: N/A: {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office12\GR469A~1.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\bin\jp2ssv.dll
TB: {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: &Crawler Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\toolbar\ctbr.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [CursorFX] "d:\programs\stardock\cursorfx\CursorFX.exe"
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /c
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [USB Antivirus] c:\program files\usb disk security\USBGuard.exe
mRun: [<NO NAME>]
mRun: [SystemProtect] c:\program files\system protect\SysProtect_Tray.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Crawler Search - tbr:iemenu
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\lenovo\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\lenovo\bluetooth software\btsendto_ie.htm
IE: Translate with &Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/Translate.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\lenovo\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
LSP: c:\windows\system32\idmmbc.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
TCP: Interfaces\{57A7CDF5-771D-4F4F-B2E4-9C1A5286A267} : NameServer = 203.81.162.22,203.81.162.23
TCP: Interfaces\{7AB96EFD-6B54-4CCF-804C-E38EE63BA054}\54E67456E60424349574E41333 : DhcpNameServer = 203.81.162.22 203.81.162.23
TCP: Interfaces\{7AB96EFD-6B54-4CCF-804C-E38EE63BA054}\54E67456E60424349574E41343 : DhcpNameServer = 203.81.162.22 203.81.162.23
TCP: Interfaces\{7AB96EFD-6B54-4CCF-804C-E38EE63BA054}\54E67456E60424349574E41363 : DhcpNameServer = 203.81.162.22 203.81.162.23
TCP: Interfaces\{7AB96EFD-6B54-4CCF-804C-E38EE63BA054}\A457E6364796F6E6023456E647275602D41677024596E6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{B7ECA326-C6AF-43F0-80CE-E0D82FDE8056} : NameServer = 203.81.64.20 203.81.64.19
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~4\office12\GRA32A~1.DLL
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\toolbar\ctbr.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office12\GR469A~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\2njrt6dn.default\
FF - prefs.js: browser.startup.homepage - hxxp://facebook.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?PC=BRTH&FORM=BT100D&q=
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 8118
FF - prefs.js: network.proxy.gopher - 127.0.0.1
FF - prefs.js: network.proxy.gopher_port - 8118
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 8118
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 8118
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 8118
FF - prefs.js: network.proxy.type - 4
FF - component: c:\users\user\appdata\roaming\idm\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: d:\bin\new_plugin\npdeploytk.dll
FF - plugin: d:\bin\new_plugin\npjp2.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining - false
FF - user.js: network.http.proxy.pipelining - false
FF - user.js: network.http.pipelining.ssl - false
FF - user.js: network.http.pipelining.maxrequests - 4
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-9 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-8-27 307928]
R1 funfrm;funfrm;c:\windows\system32\drivers\funfrm.sys [2010-6-17 54800]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/06/17 10:13:03];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-3-13 87536]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-8-27 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-8-27 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-5-18 42184]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2010-6-17 12672]
R2 MsDtsServer;SQL Server Integration Services;c:\program files\microsoft sql server\90\dts\binn\MsDtsSrvr.exe [2005-10-14 199384]
R2 MSOLAP$SQLEXPRESS;SQL Server Analysis Services (SQLEXPRESS);c:\program files\microsoft sql server\mssql.3\olap\bin\msmdsrv.exe [2005-10-14 14557912]
R2 SP_Service;System Protect Deletion Prevention Service;c:\program files\system protect\SysProtect_srv.exe [2010-9-1 598528]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2009-11-17 1021256]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2010-6-17 21520]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-6-17 29472]
R3 sp_prot;System Protect Filter Driver;c:\windows\system32\drivers\sp_prot.sys [2010-9-1 12288]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\microsoft sql server\mssql.2\mssql\binn\msftesql.exe [2005-8-26 92880]
S3 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql.2\mssql\binn\SQLAGENT90.EXE [2005-10-14 318680]
S3 SwitchBoard;SwitchBoard;"c:\program files\common files\adobe\switchboard\switchboard.exe" --> c:\program files\common files\adobe\switchboard\SwitchBoard.exe [?]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-21 81704]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe [2006-10-26 2799808]
.
=============== Created Last 30 ================
.
2011-06-30 11:41:34 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{156d5b97-c488-47c4-8145-0d8428f1fee8}\mpengine.dll
2011-06-30 10:47:37 1553920 ----a-w- c:\windows\system32\tquery.dll
2011-06-30 10:47:37 1401856 ----a-w- c:\windows\system32\mssrch.dll
2011-06-30 10:47:36 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-30 10:47:36 428032 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-30 10:47:35 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-30 10:47:35 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-30 10:47:35 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-30 10:47:35 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-30 10:47:35 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-30 04:44:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-24 09:14:30 -------- d-sh--w- C:\$RECYCLE.BIN
2011-06-23 05:22:06 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-23 05:22:06 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-23 05:22:06 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-23 05:22:02 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-23 05:22:01 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-23 05:21:11 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-23 05:16:06 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-23 05:16:04 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-23 05:16:02 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-23 05:16:00 759296 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2011-06-04 14:36:27 -------- d-----w- c:\users\user\appdata\roaming\funkitron
.
==================== Find3M ====================
.
2011-05-28 03:00:02 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-24 12:44:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:03:54 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 11:59:44 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-04 02:43:59 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-05-04 02:43:48 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-05-04 02:43:41 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-22 19:36:05 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-22 19:31:50 981504 ----a-w- c:\windows\system32\wininet.dll
2011-04-22 19:31:26 44544 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-22 18:23:59 386048 ----a-w- c:\windows\system32\html.iec
2011-04-09 06:13:06 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13:06 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56:38 123904 ----a-w- c:\windows\system32\poqexec.exe
.
============= FINISH: 13:41:32.87 ===============


You have posted the DDS log twice. It produces two logs; you need to also copy/paste the second one, labeled Attach.txt. We also need the GMER log and the MBA-M log.
