Somehow I've gotten Trojan and Malware stuff on my computer. I ran my anti-virus programs and wasn't able to remove everything and am still having problems. I ran Malwarebytes last night and tried to clean it up. Still having issues.
I was finally able to run DDS (I am not able to run OTL). Here's what I got...
DDS (Ver_10-03-17.01) - NTFSx86
Run by mhfonta at 7:57:52.96 on Wed 08/04/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2039.859 [GMT -4:00]
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning enabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
============== Running Processes ===============
c:\Program Files\Fingerprint Sensor\AtService.exe
C:\WINNT\system32\svchost -k DcomLaunch
C:\WINNT\system32\svchost -k rpcss
C:\WINNT\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINNT\system32\svchost.exe -k NetworkService
C:\WINNT\system32\svchost.exe -k LocalService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Encryption Anywhere\Encryption Anywhere Clients\EAFRCliManager.exe
C:\WINNT\system32\svchost.exe -k LocalService
C:\Program Files\GuardianEdge\GuardianEdge Autologon Client\EAHDCheckSvr.exe
C:\Program Files\Encryption Anywhere\Encryption Anywhere Clients\EACommunication.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINNT\system32\agrsmsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\WINNT\system32\NLSSRV32.EXE
C:\Program Files\Hewlett-Packard\Discovery Agent\bin32\discagnt.exe
C:\WINNT\system32\Qinst67.exe
C:\Program Files\Hewlett-Packard\Discovery Agent\Plugins\usage\discusge.exe
C:\Program Files\Qwest Communications\QSDMServiceSetup\QSDMService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINNT\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
C:\WINNT\system32\CCM\CcmExec.exe
C:\WINNT\system32\wbem\unsecapp.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\WINNT\System32\alg.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINNT\system32\AccelerometerSt.exe
C:\WINNT\system32\igfxsrvc.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Hewlett-Packard\Discovery Agent\Plugins\usage\discfcsn.exe
C:\Program Files\Encryption Anywhere\Encryption Anywhere Clients\Client Console\EAFRCliStart.exe
C:\Program Files\Microsoft Office Communicator\communicator.exe
C:\Program Files\Qwest Communications\Qwest SMS Software Distribution Manager\Vercheck.exe
C:\Program Files\Kontiki\KHost.exe
C:\PROGRA~1\WEBMEE~1\Modules\Launcher\mcLauncher.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\WINNT\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Citrix\ICA Client\Wfcrun32.exe
C:\PROGRA~1\Citrix\ICACLI~1\WFICA32.EXE
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\WINNT\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\mhfonta\Desktop\dds.scr
C:\WINNT\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://theq.qwest.net/
uWindow Title = Windows Internet Explorer provided by Qwest Communications
mDefault_Page_URL = hxxp://www.msn.com
uInternet Settings,ProxyOverride = DENEVJA01;QTDENEVAP06;DENEVMA01;QTDENEVAP01;DENEVMA02;QTDENEVAP02;DENEVMA03;QTDENEVAP03;DENEVMA04;QTDENEVAP04;DENEVMA05;QTDENEVAP05;OMAEVMA01;QTOMAEVAP01;OMAEVMA02;QTOMAEVAP02;OMAEVMA03;QTOMAEVAP03;OMAEVMA04;QTOMAEVAP04;OMAEVMA05;QTOMAEVAP05;OMAEVPFA01;QTOMAEVAP06;
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
uRun: [MeetingLauncher] "c:\progra~1\webmee~1\modules\launcher\mcLauncher.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\winnt\system32\ctfmon.exe
uRun: [XA5RJ9EADJ] c:\docume~1\mhfonta\locals~1\temp\Bsm.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] c:\winnt\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\winnt\system32\hkcmd.exe
mRun: [Persistence] c:\winnt\system32\igfxpers.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [AccelerometerSysTrayApplet] c:\winnt\system32\AccelerometerSt.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [EDFcsn] c:\program files\hewlett-packard\discovery agent\plugins\usage\discfcsn.exe
mRun: [MeetingLauncher] c:\program files\web meeting\Vercheck.exe Start:mcLauncher.exe
mRun: [EAFRCliStart] c:\program files\encryption anywhere\encryption anywhere clients\client console\EAFRCliStart.exe /p
mRun: [Communicator] "c:\program files\microsoft office communicator\communicator.exe" /fromrunkey
mRun: [QSDM] "c:\program files\qwest communications\qwest sms software distribution manager\Vercheck.exe" /s
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [kdx] c:\program files\kontiki\KHost.exe -all
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
Trusted Zone: confarchives.com
Trusted Zone: conferencing.com
Trusted Zone: directv.com
Trusted Zone: e-invoice.com\qwest26
Trusted Zone: etalkco1
Trusted Zone: iconf.net
Trusted Zone: prod.com\rio2ui
Trusted Zone: prod.com\rio2ui2
Trusted Zone: qintra.com\eccpo
Trusted Zone: qintra.com\einstein
Trusted Zone: qintra.com\epaycce.ad
Trusted Zone: qintra.com\qgem.ad
Trusted Zone: qintra.com\rms.ad
Trusted Zone: qintra.com\som.ad
Trusted Zone: qintra.com\twist2
Trusted Zone: qshare
Trusted Zone: qtomaacmw01
Trusted Zone: uswest.com\consultingplusordering.uswc
Trusted Zone: uswest.com\consultingplustraining.uswc
Trusted Zone: uswest.com\qbat.uswc
Trusted Zone: uswest.com\qtracker.uswc
DPF: Microsoft XML Parser for Java - file://c:\winnt\java\classes\xmldso.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259859791718
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: GEWinlogonNotify - GENotify.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winnt\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {EEBF9CA6-567B-41cd-B5F6-EF2C7FEF37B5} - rundll32.exe advpack.dll,LaunchINFSectionEx c:\winnt\inf\wmactedp.inf,PerUserStub,,4
============= SERVICES / DRIVERS ===============
R0 EAFSPROT;EAFSPROT;c:\winnt\system32\drivers\eafsprot.sys [2008-8-26 13440]
R0 EPHDXLAT;PC Guardian Encryption Filter;c:\winnt\system32\drivers\ephdxlat.sys [2008-8-26 86784]
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2010-7-29 64288]
R0 PCTCore;PCTools KDS;c:\winnt\system32\drivers\PCTCore.sys [2010-8-3 207280]
R0 TfFsMon;TfFsMon;c:\winnt\system32\drivers\TfFsMon.sys [2010-8-3 51984]
R0 TfSysMon;TfSysMon;c:\winnt\system32\drivers\TfSysMon.sys [2010-8-3 59664]
R0 vmscsi;vmscsi;c:\winnt\system32\drivers\vmscsi.sys [2009-4-21 10880]
R1 pctgntdi;pctgntdi;c:\winnt\system32\drivers\pctgntdi.sys [2010-8-3 233136]
R1 Qinst67_;Qinst67_;c:\winnt\system32\Qinst67_.sys [2009-10-28 25472]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-6-12 1164536]
R2 EAFRCliManager;EAFRCliManager;c:\program files\encryption anywhere\encryption anywhere clients\EAFRCliManager.exe [2009-3-11 221184]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-7-12 1352832]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2009-12-16 188736]
R2 nlsX86cc;NLS Service;c:\winnt\system32\NLSSRV32.EXE [2009-12-16 65856]
R2 prgnDiscAgent;HP DDMI Agent;c:\program files\hewlett-packard\discovery agent\bin32\discagnt.exe [2010-3-1 775736]
R2 Qinst67;Qinst67;c:\winnt\system32\Qinst67.exe [2009-10-28 741376]
R2 QSDMMonitor;QSDMMonitor;c:\program files\qwest communications\qsdmservicesetup\QSDMService.exe [2008-4-3 49152]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-8-3 365280]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-8-3 1141712]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\winnt\system32\drivers\ATSwpWDF.sys [2008-6-12 477696]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-10-21 193840]
R3 IFXTPM;IFXTPM;c:\winnt\system32\drivers\ifxtpm.sys [2009-4-21 44800]
R3 pctplsg;pctplsg;c:\winnt\system32\drivers\pctplsg.sys [2010-8-3 70408]
R3 TfNetMon;TfNetMon;c:\winnt\system32\drivers\TfNetMon.sys [2010-8-3 33552]
R3 ThreatFire;ThreatFire;c:\program files\spyware doctor\tfengine\tfservice.exe service --> c:\program files\spyware doctor\tfengine\TFService.exe service [?]
S3 RemoteCMD;Remote Command Server;c:\winnt\system32\rcmdsvc.exe [2009-4-21 41472]
=============== Created Last 30 ================
2010-08-04 11:33:15 16384 ----atw- c:\temp\Perflib_Perfdata_528.dat
2010-08-04 11:32:58 16384 ----atw- c:\temp\Perflib_Perfdata_6f0.dat
2010-08-04 10:14:36 95024 ----a-w- c:\winnt\system32\drivers\SBREDrv.sys
2010-08-04 02:15:11 16384 ----atw- c:\temp\Perflib_Perfdata_6fc.dat
2010-08-04 00:40:52 0 d-----w- c:\docume~1\mhfonta\applic~1\SUPERAntiSpyware.com
2010-08-04 00:40:52 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-08-04 00:40:16 0 d-----w- c:\program files\SUPERAntiSpyware
2010-08-04 00:39:36 0 d-----w- c:\docume~1\mhfonta\applic~1\Malwarebytes
2010-08-04 00:21:06 0 d-----w- c:\temp\tfxz
2010-08-04 00:20:45 59664 --s---w- c:\winnt\system32\drivers\TfSysMon.sys
2010-08-04 00:20:45 51984 --s---w- c:\winnt\system32\drivers\TfFsMon.sys
2010-08-04 00:20:45 33552 --s---w- c:\winnt\system32\drivers\TfNetMon.sys
2010-08-04 00:20:41 16384 ----atw- c:\temp\Perflib_Perfdata_14b8.dat
2010-08-04 00:20:22 7387 ----a-w- c:\winnt\system32\drivers\pctgntdi.cat
2010-08-04 00:20:22 233136 ----a-w- c:\winnt\system32\drivers\pctgntdi.sys
2010-08-04 00:20:17 87784 ----a-w- c:\winnt\system32\drivers\PCTAppEvent.sys
2010-08-04 00:20:17 7412 ----a-w- c:\winnt\system32\drivers\PCTAppEvent.cat
2010-08-04 00:20:17 7383 ----a-w- c:\winnt\system32\drivers\pctcore.cat
2010-08-04 00:20:17 207280 ----a-w- c:\winnt\system32\drivers\PCTCore.sys
2010-08-04 00:20:12 7383 ----a-w- c:\winnt\system32\drivers\pctplsg.cat
2010-08-04 00:20:12 70408 ----a-w- c:\winnt\system32\drivers\pctplsg.sys
2010-08-04 00:20:05 0 d-----w- c:\program files\Spyware Doctor
2010-08-04 00:20:05 0 d-----w- c:\program files\common files\PC Tools
2010-08-04 00:20:05 0 d-----w- c:\docume~1\mhfonta\applic~1\PC Tools
2010-08-04 00:20:05 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2010-08-03 23:11:00 16384 ----atw- c:\temp\Perflib_Perfdata_1c8.dat
2010-08-03 23:06:40 0 d-----w- c:\program files\TrendMicro
2010-08-03 23:02:47 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{83C91755-2546-441D-AC40-9A6B4B860800}
2010-08-03 22:59:52 16384 ----atw- c:\temp\Perflib_Perfdata_37c.dat
2010-08-03 22:27:18 16384 ----atw- c:\temp\Perflib_Perfdata_254.dat
2010-08-03 22:15:31 16384 ----atw- c:\temp\Perflib_Perfdata_798.dat
2010-07-29 07:31:36 15880 ----a-w- c:\winnt\system32\lsdelete.exe
2010-07-29 05:45:51 64288 ----a-w- c:\winnt\system32\drivers\Lbd.sys
2010-07-29 04:53:38 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
2010-07-29 04:53:19 0 d-----w- c:\program files\Lavasoft
2010-07-28 02:00:12 16384 ----atw- c:\temp\Perflib_Perfdata_238.dat
2010-07-28 00:55:37 16384 ----atw- c:\temp\Perflib_Perfdata_240.dat
2010-07-28 00:37:32 16384 ----atw- c:\temp\Perflib_Perfdata_168.dat
2010-07-24 18:08:07 195072 ----a-w- c:\winnt\Blavob.exe
2010-07-24 17:49:59 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2010-07-24 17:49:58 20952 ----a-w- c:\winnt\system32\drivers\mbam.sys
2010-07-24 17:49:58 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-24 17:49:58 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-07-24 17:18:04 0 d-----w- c:\docume~1\mhfonta\applic~1\GoldWaveCDDB
2010-07-24 17:18:04 0 d-----w- c:\docume~1\alluse~1\applic~1\GoldWaveCDDB
2010-07-24 17:03:28 195072 ----a-w- c:\winnt\Blavoa.exe
2010-07-12 21:26:13 0 d-----w- c:\docume~1\alluse~1\applic~1\Kontiki
2010-07-12 21:24:57 0 d-----w- c:\program files\Kontiki
2010-07-08 10:28:28 0 d-----w- c:\temp\BDIJWSFL
2010-07-06 11:09:17 0 d-----w- c:\temp\JUJYBVKL
==================== Find3M ====================
2010-07-24 17:03:21 46592 ----a-w- c:\docume~1\mhfonta\applic~1\6c5a2965.exe
2010-06-27 17:49:53 58860 ----a-w- c:\winnt\fonts\LINOSCRI.TTF
2010-06-27 17:49:37 45192 ----a-w- c:\winnt\fonts\LINCOLNN.TTF
2010-06-27 17:49:23 50992 ----a-w- c:\winnt\fonts\LINOTEXT.TTF
2010-06-27 17:38:20 52984 ----a-w- c:\winnt\fonts\Diploma Regular.ttf
2010-06-27 17:37:54 44820 ----a-w- c:\winnt\fonts\Diploma (Sec).ttf
============= FINISH: 8:00:23.75 ===============