GeekPolice
Laptop shuts down during virus scan in safe mode

My laptop shut down while surfing the internet Monday night, corrupting Symantec Antivirus and Firefox. I was able to uninstall the A/V program but Firefox won't uninstall no matter what I do. I downloaded Malwarebytes and Avira to try and fix the problem, but my computer shut down in both regular mode and safe mode when I tried to run scans with either program. If you could please help me troubleshoot and fix these problems, it would be greatly appreciated. Thanks...

Here's the logfile from HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:27:24 AM, on 4/22/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Windows\System32\wsqmcons.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E2CC0SUI\hijackgpthis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BroadcomWireless] C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B216086D-AC8B-4D58-A4FA-83A12B22C9D2}: NameServer = 66.174.95.44 66.174.92.14
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

--
End of file - 6542 bytes

Re: Laptop shuts down during virus scan in safe mode

1. Please download The Avenger by Swandog46 to your Desktop
Link: HERE or HERE.

  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop

Note: This tool was posted specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

2. Now, start The Avenger program by clicking on its icon on your desktop.

  • Leave the script box empty.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
3. Please copy/paste the content of c:\avenger.txt into your reply.

Re: Laptop shuts down during virus scan in safe mode

Here's the logfile from Avenger. It didn't find anything.

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Completed script processing.

*******************

Finished! Terminate.

Re: Laptop shuts down during virus scan in safe mode

Hmm. Let me think


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
  • Double click DDS.scr to run
  • When complete, DDS.txt will open.
  • Save the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.

Laptop shuts down during virus scan in safe mode

Ok, here's part one of the DDS.txt.


DDS (Ver_09-03-16.01) - NTFSx86
Run by Owner at 15:46:11.48 on Wed 04/22/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_13
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1790.1132 [GMT -4:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1KCN6GB\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [BroadcomWireless] c:\program files\broadcom\wireless\utility\WlanUtil.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {B216086D-AC8B-4D58-A4FA-83A12B22C9D2} = 66.174.95.44 66.174.92.14

Re: Laptop shuts down during virus scan in safe mode

  • Open HijackThis.
  • When HijackThis opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

Re: Laptop shuts down during virus scan in safe mode

I accidentally closed DDS.txt without saving it, and lost the rest of the info that I needed to give you. Can I run it again?

Re: Laptop shuts down during virus scan in safe mode

You'll probably need to run it again.

Re: Laptop shuts down during virus scan in safe mode

Sorry about that. Here's part one of DDS.txt again, more to follow.

DDS (Ver_09-03-16.01) - NTFSx86
Run by Owner at 16:15:17.39 on Wed 04/22/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_13
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1790.1054 [GMT -4:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1KCN6GB\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [BroadcomWireless] c:\program files\broadcom\wireless\utility\WlanUtil.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {B216086D-AC8B-4D58-A4FA-83A12B22C9D2} = 66.174.95.44 66.174.92.14

Re: Laptop shuts down during virus scan in safe mode

Part 2 of DDS.txt:

================= FIREFOX ===================

FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\4smyzrxw.default\

============= SERVICES / DRIVERS ===============

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-4-22 108289]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-9-4 54784]
R3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [2009-4-3 29952]
R3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [2009-4-3 41856]
R3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [2009-4-3 39936]
R3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\drivers\PTDMWWAN.sys [2009-4-3 59520]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-4-5 55280]
S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]

=============== Created Last 30 ================

2009-04-22 04:16 1,541,120 a------- c:\windows\system32\onex.dll
2009-04-22 04:16 2,623,488 a------- c:\windows\system32\SLsvc.exe
2009-04-22 04:16 51,768 a------- c:\windows\system32\PSHED.DLL
2009-04-22 04:16 705,536 a------- c:\windows\system32\imagesp1.dll
2009-04-22 04:16 681,984 a------- c:\windows\system32\drivers\spsys.sys
2009-04-22 04:16 2,091,520 a------- c:\windows\system32\dfsr.exe
2009-04-22 04:16 1,107,968 a------- c:\windows\system32\pidgenx.dll
2009-04-22 04:16 2,061,824 a------- c:\windows\system32\mstscax.dll
2009-04-22 04:16 116,736 a------- c:\windows\system32\sstpsvc.dll
2009-04-22 04:14 210,432 a------- c:\windows\system32\msv1_0.dll
2009-04-22 04:13 825,856 a------- c:\windows\system32\rasdlg.dll
2009-04-22 04:12 532,992 a------- c:\windows\system32\wpcao.dll
2009-04-22 04:11 130,048 a------- c:\windows\system32\drivers\drmk.sys
2009-04-22 04:10 357,888 a------- c:\windows\system32\wbemcomn.dll
2009-04-22 04:10 129,536 a------- c:\windows\system32\sqmapi.dll
2009-04-22 04:10 704,512 a------- c:\windows\system32\SmiEngine.dll
2009-04-22 04:10 139,264 a------- c:\windows\system32\SmiInstaller.dll
2009-04-22 04:10 218,624 a------- c:\windows\system32\wdscore.dll
2009-04-22 04:10 130,560 a------- c:\windows\system32\PkgMgr.exe
2009-04-22 04:10 246,784 a------- c:\windows\system32\drvstore.dll
2009-04-22 04:10 258,560 a------- c:\windows\system32\dpx.dll
2009-04-22 04:10 35,328 a------- c:\windows\system32\mspatcha.dll
2009-04-22 04:10 305,152 a------- c:\windows\system32\msdelta.dll
2009-04-22 04:09 6,656 a------- c:\windows\system32\kbd106.dll
2009-04-22 01:11 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-04-22 01:11 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-22 01:07 55,640 a------- c:\windows\system32\drivers\avgntflt.sys
2009-04-22 00:46 --d----- c:\users\owner\appdata\roaming\BitTorrent
2009-04-22 00:45 --d----- c:\users\owner\appdata\roaming\DNA
2009-04-22 00:45 --d----- c:\program files\DNA
2009-04-22 00:45 --d----- c:\program files\BitTorrent
2009-04-21 13:40 --d----- c:\program files\AskBarDis
2009-04-21 13:38 --d----- c:\programdata\Comodo
2009-04-21 13:38 --d----- c:\progra~2\Comodo
2009-04-21 13:38 --d----- c:\program files\COMODO
2009-04-21 12:44 --d----- c:\programdata\SUPERAntiSpyware.com
2009-04-21 12:44 --d----- c:\progra~2\SUPERAntiSpyware.com
2009-04-21 12:43 --d----- c:\users\owner\appdata\roaming\SUPERAntiSpyware.com
2009-04-21 12:43 --d----- c:\program files\SUPERAntiSpyware
2009-04-21 06:40 --d----- c:\programdata\Avira
2009-04-21 06:40 --d----- c:\program files\Avira
2009-04-21 06:40 --d----- c:\progra~2\Avira
2009-04-21 03:24 --d----- c:\users\owner\appdata\roaming\Malwarebytes
2009-04-21 03:24 --d----- c:\programdata\Malwarebytes
2009-04-21 03:24 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-04-21 03:24 --d----- c:\progra~2\Malwarebytes
2009-04-15 20:38 --d----- c:\programdata\Adobe
2009-04-15 20:32 --d----- c:\programdata\NOS
2009-04-08 01:42 --d-h--- c:\program files\Temp
2009-04-07 23:43 --d----- c:\programdata\WinZip
2009-04-05 22:54 --d----- C:\PerfLogs
2009-04-05 21:17 --d----- c:\programdata\PC Drivers HeadQuarters
2009-04-05 21:17 --d----- c:\progra~2\PC Drivers HeadQuarters
2009-04-05 18:43 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-05 18:33 --d----- c:\users\owner\appdata\roaming\Mozilla(923)
2009-04-05 18:33 --d----- c:\users\owner\appdata\roaming\Mozilla(412)
2009-04-05 16:09 --d----- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-04-05 16:08 --d----- c:\program files\Microsoft Office Outlook Connector
2009-04-05 15:51 --d----- c:\users\owner\Tracing
2009-04-05 15:47 55,280 a------- c:\windows\system32\drivers\fssfltr.sys
2009-04-05 15:45 3,426,072 a------- c:\windows\system32\d3dx9_32.dll
2009-04-05 15:44 --d----- c:\program files\Microsoft SQL Server Compact Edition
2009-04-05 15:43 712,704 a------- c:\windows\system32\WindowsCodecs.dll
2009-04-05 15:43 347,648 a------- c:\windows\system32\WindowsCodecsExt.dll
2009-04-05 15:42 --d----- c:\program files\Microsoft
2009-04-05 15:42 --d----- c:\program files\Windows Live SkyDrive
2009-04-05 15:27 --d----- c:\program files\common files\Windows Live
2009-04-05 12:52 269,312 a------- c:\windows\system32\es.dll
2009-04-05 12:51 --d----- c:\program files\MSXML 4.0
2009-04-04 16:45 109,696 a------- c:\windows\hpqins00.dat
2009-04-04 16:16 --d----- c:\programdata\Yahoo! Companion
2009-04-04 16:05 --d----- c:\programdata\WEBREG
2009-04-04 16:05 --d----- c:\progra~2\WEBREG
2009-04-04 16:04 --d----- c:\programdata\Hewlett-Packard
2009-04-04 16:02 --d----- c:\program files\Yahoo!
2009-04-04 15:59 --d----- c:\programdata\HP Product Assistant
2009-04-04 15:59 --d----- c:\program files\common files\Hewlett-Packard
2009-04-04 15:58 --d----- c:\program files\common files\HP
2009-04-04 15:57 117,760 a------- c:\windows\system32\hpzll5mu.dll
2009-04-04 15:55 --d----- c:\program files\HP
2009-04-04 15:55 157,603 a------- c:\windows\hpoins27.dat

Re: Laptop shuts down during virus scan in safe mode

Part 3 (end) of DDS.txt:


==================== Find3M ====================


============= FINISH: 16:15:39.41 ===============

Re: Laptop shuts down during virus scan in safe mode

Uninstall_list.txt from HijackThis:

2 Bit HP CIO Components Installer
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.1
Atheros for Acer Driver 5.3.0.56_Foxconn Installation Program
Atheros for Acer Driver v7.3.1.73_Foxconn Installation Program
Avira AntiVir Personal - Free Antivirus
Broadcom Wireless LAN Driver 4.100.15.7_Negative_Foxconn
Choice Guard
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 10.0
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
HP Imaging Device Functions 10.0
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Solution Center 10.0
HP Update
Java(TM) 6 Update 13
Junk Mail filter update
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office Live Add-in 1.3
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.0.8)
MSVCRT
MSXML 4.0 SP2 (KB954430)
NVIDIA Drivers
PANTECH PC USB Modem Software
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Shop for HP Supplies
VZAccess Manager
Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker Beta
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Yahoo! Toolbar

Re: Laptop shuts down during virus scan in safe mode

Hello.
I don't think the freezing or rebooting is malware related.

Please download the OTMoveIt3 by OldTimer.

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :files
    c:\users\owner\appdata\roaming\BitTorrent
    c:\users\owner\appdata\roaming\DNA
    c:\program files\DNA
    c:\program files\BitTorrent
    c:\program files\AskBarDis

    :reg
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BitTorrent DNA"=-


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.

Re: Laptop shuts down during virus scan in safe mode

Here are the results from OTMoveIt3.

========== FILES ==========
c:\users\owner\appdata\roaming\BitTorrent moved successfully.
c:\users\owner\appdata\roaming\DNA moved successfully.
c:\program files\DNA\plugins moved successfully.
c:\program files\DNA moved successfully.
c:\program files\BitTorrent moved successfully.
c:\program files\AskBarDis\bar\Settings moved successfully.
c:\program files\AskBarDis\bar moved successfully.
c:\program files\AskBarDis moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BitTorrent DNA deleted successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04222009_170140

If the problem isn't malware, then what else could it possibly be?

Re: Laptop shuts down during virus scan in safe mode

Not too sure, perhaps there isn't enough memory in the machine.
How much RAM has this machine got?

Re: Laptop shuts down during virus scan in safe mode

2 GB.

Re: Laptop shuts down during virus scan in safe mode

Hello. Let's free up some resources first and see if it makes any difference.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe


  • Press "Fix Checked"
  • Close Hijack This.

Reboot normally.
Try running a virus scan now in safe mode and let me know if there's any difference.
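
The five lines quoted in the post above are HijackThis O2 (browser helper object) and O4 (autostart) entries. The following is an added example, not part of the original thread or of HijackThis, that parses those two line formats and groups them for review; the function names and the grouping are illustrative assumptions, and the sample input is the quoted entries.

```python
import ntpath
import re

# Constructed sample: the five entries quoted in the post above.
SAMPLE_LOG = r'''
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
'''

# Line shapes for the two sections used here (HKLM/HKCU Run keys only).
PATTERNS = [
    ("BHO", re.compile(
        r'^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<target>.+)$')),
    ("Run", re.compile(
        r'^O4 - (?P<scope>HK(?:LM|CU))\\\.\.\\(?P<key>[^:]+): '
        r'\[(?P<name>[^\]]*)\] (?P<target>.+)$')),
    ("StartupFolder", re.compile(
        r'^O4 - (?P<scope>(?:Global )?Startup): (?P<name>.+?) = (?P<target>.+)$')),
]


def split_command(cmd):
    """Return (path, args). Only a quoted command can be split reliably;
    an unquoted path containing spaces is ambiguous, so it is kept whole."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end != -1:
            return cmd[1:end], cmd[end + 1:].strip()
    return cmd, ""


def parse_entries(log_text):
    """Parse O-section lines; headers and process lists are skipped."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        if not re.match(r'^O\d+ - ', line):
            continue
        for kind, rx in PATTERNS:
            m = rx.match(line)
            if m:
                e = m.groupdict()
                e["kind"] = kind
                e["path"], e["args"] = split_command(e["target"])
                # "(no file)" means the registration points at nothing on disk.
                e["orphaned"] = e["target"] == "(no file)"
                entries.append(e)
                break
        else:
            entries.append({"kind": "other", "raw": line})
    return entries


def summarize(entries):
    """Group for review: orphaned registrations by CLSID, autostarts by scope."""
    groups = {}
    for e in entries:
        if e["kind"] == "other":
            continue
        if e["orphaned"]:
            groups.setdefault("orphaned", []).append(e.get("clsid") or e["name"])
        else:
            key = e.get("scope", e["kind"])
            groups.setdefault(key, []).append(ntpath.basename(e["path"]))
    return groups


if __name__ == "__main__":
    for group, items in summarize(parse_entries(SAMPLE_LOG)).items():
        print(group, items)
```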

Re: Laptop shuts down during virus scan in safe mode

Ok, I got rid of those files with HJT. I'm going to reboot and try a full scan in safe mode, so I'll check back with you as soon as I'm done. Thanks...

Re: Laptop shuts down during virus scan in safe mode

I was able to run a full scan with Malwarebytes without the computer shutting down, but when I rebooted to regular mode it shut off a few seconds after the Acer screen popped up. However, I powered it up again afterwards and it didn't shut off.

Re: Laptop shuts down during virus scan in safe mode

This is the report from Malwarebytes:

Malwarebytes' Anti-Malware 1.36
Database version: 2024
Windows 6.0.6001 Service Pack 1

4/22/2009 7:20:21 PM
mbam-log-2009-04-22 (19-20-21).txt

Scan type: Full Scan (C:\|)
Objects scanned: 156951
Time elapsed: 29 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Re: Laptop shuts down during virus scan in safe mode

Well, the scan ran to completion after freeing up some resources, so hopefully it stays that way.

Re: Laptop shuts down during virus scan in safe mode

True, but I just ran Avira in safe mode and the machine shut down again. It took me three tries just to power it up completely.

Re: Laptop shuts down during virus scan in safe mode

Hmm. Sounds like something hardware related could be happening if it took over 3 times just to boot normally.

Moving this to software, let's see if Doc has any ideas.

Re: Laptop shuts down during virus scan in safe mode

Hello joeK64,

This could be due to overheating, especially when it took you 3 tries to turn it on again.

I would like you to use the computer normally, and see if it shuts down automatically.

Another possibility would be a faulty PSU (Power Supply Unit).

Also, is there a particular percentage during the scan when your computer shuts down?

Re: Laptop shuts down during virus scan in safe mode

No, it happens during various stages of the scanning process.

Re: Laptop shuts down during virus scan in safe mode

For the most part, the computer doesn't shut down when I'm on the internet, but I've had problems before with this same issue. The first time this happened to me, it got so bad that it would shut off constantly within a few minutes whether the computer was hot or cold. I took it to a shop to be repaired and they did a clean install, but instead of using Vista proprietary to Acer (I have an Aspire 5520-5912 laptop) I believe they used a version meant for Dell computers. It also came preloaded and I am unable to get another copy of it from Acer on disk. In addition, I always used an additional computer fan to keep the CPU as cool as possible, and now my Outlook program doesn't work because I used Revo Uninstaller to delete Firefox. I really don't know what to do anymore...

Re: Laptop shuts down during virus scan in safe mode

One last thing that I forgot to mention - I ran a full scan with Avira in regular mode yesterday and the machine didn't shut off, but it did shut off when I ran Avira in safe mode.

Re: Laptop shuts down during virus scan in safe mode

If it happens during various stages then I don't think it has to do with malware. Only 4 possibilities I could think of:

1. Overheating
2. Faulty power supply unit (PSU)
3. Faulty motherboard
4. Corrupted Windows, but still, I have never heard of a corrupted Windows shutting down by itself.

This may not be the best solution, but I recommend performing a format of Windows, since there's nothing else to try.

Re: Laptop shuts down during virus scan in safe mode

I'm beginning to agree with you, and I'd like to do the reformat since it's the only option that I have. I ran the online scan from ESET yesterday and it showed no signs of any threats, and I ran Malwarebytes again in Safe Mode and it completed the full scan with no infections, but the computer did shut down one time when I rebooted to regular mode. The problem with the reformat is that I tried to contact Acer and they couldn't (or wouldn't) help me because my computer is out of warranty, and I really cannot afford to buy a copy of Vista to do a reformat or clean install at this time because I am unemployed at this time. If you know of any other options, it would be greatly appreciated. Thanks...

Re: Laptop shuts down during virus scan in safe mode

JoeK64 wrote:
I'm beginning to agree with you, and I'd like to do the reformat since it's the only option that I have. I ran the online scan from ESET yesterday and it showed no signs of any threats, and I ran Malwarebytes again in Safe Mode and it completed the full scan with no infections, but the computer did shut down one time when I rebooted to regular mode. The problem with the reformat is that I tried to contact Acer and they couldn't (or wouldn't) help me because my computer is out of warranty, and I really cannot afford to buy a copy of Vista to do a reformat or clean install at this time because I am unemployed at this time. If you know of any other options, it would be greatly appreciated. Thanks...

Linux is freeware.

Re: Laptop shuts down during virus scan in safe mode

Aurora Range:

Sounds interesting - I always wanted to learn Linux anyway. I'm downloading Kubuntu right now and burning it to CD to test drive it. I do have one concern though: I use Verizon wireless broadband for my internet connection, and I'm not sure if they make software that's compatible to Windows.

Re: Laptop shuts down during virus scan in safe mode

I'm sorry, I meant compatible with LINUX, not Windows. I've had enough problems with the latter OS to begin with...
