Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Possible virus and very slow performance

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics
View previous topic :: View next topic  
Author Message
Headbanger78
Newbie


Joined: 29 Oct 2011
Last Visit: 14 Mar 2012
Posts: 9

PostPosted: Mon Mar 12, 2012 8:10 am    Post subject: Possible virus and very slow performance Reply with quote

My wife might have downloaded something ugly to our laptop, the system is running unusually slow. I have seen some odd phishing sites come up as our internet home page also. Have run malware bytes and some other scans, but not sure I've gotten everything. My machine should contain no illegal or pirated software whatsoever.


DDS Log


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
Run by Rob and Jenn Laptop at 12:04:00 on 2012-03-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4056.2075 [GMT -4:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Norton 360\Engine\6.1.1.8\ccSvcHst.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
C:\Program Files (x86)\Norton 360\Engine\6.1.1.8\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Raptr\raptr_ep64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Windows\system32\msiexec.exe
C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.1.1.8\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.1.1.8\IPS\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.1.1.8\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Google Update] "C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D167C8E5-9FE8-4DA9-9E0F-EC2DBDAD54EB} : DhcpNameServer = 8.8.8.8 8.8.4.4 4.2.2.2
TCP: Interfaces\{FE058ECD-76D9-4F98-91AA-A0FBD02E255F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FE058ECD-76D9-4F98-91AA-A0FBD02E255F}\16474777966696 : DhcpNameServer = 10.131.106.129 64.134.255.2 64.134.255.10
TCP: Interfaces\{FE058ECD-76D9-4F98-91AA-A0FBD02E255F}\D4561646F677 : DhcpNameServer = 167.206.254.2 167.206.254.1 192.168.1.1
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.1.1.8\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.1.1.8\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.1.1.8\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rob and Jenn Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\o2u7h9qg.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://dell.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_5_1\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Rob and Jenn Laptop\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0601010.008\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0601010.008\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0601010.008\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0601010.008\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [2012-3-2 1157240]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0601010.008\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0601010.008\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\IPSDefs\20120309.002\IDSviA64.sys [2012-3-9 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0601010.008\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0601010.008\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0601010.008\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0601010.008\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2010-9-25 89600]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-7-1 290832]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.1.1.8\ccsvchst.exe [2012-3-9 138232]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2010-9-17 1251840]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-11-5 1692480]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-15 138360]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-2-1 25072]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 0169141302695984mcinstcleanup;McAfee Application Installer Cleanup (0169141302695984);C:\Windows\TEMP\016914~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> C:\Windows\TEMP\016914~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-10 136176]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-10 136176]
S3 Leapfrog-USBLAN;Leapfrog-USBLAN;C:\Windows\system32\DRIVERS\btblan.sys --> C:\Windows\system32\DRIVERS\btblan.sys [?]
S3 SIUSBXP;SIUSBXP;C:\Windows\system32\drivers\SiUSBXp.sys --> C:\Windows\system32\drivers\SiUSBXp.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-03-12 15:45:59 59904 ----a-w- C:\Windows\SysWow64\zlib1.dll
2012-03-11 13:51:51 127232 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\TBDA2.tmp
2012-03-11 13:11:46 -------- d-----w- C:\Windows\en
2012-03-11 13:06:36 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-03-11 13:02:41 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3dd9ba9f1ccff8719\MeshBetaRemover.exe
2012-03-09 11:22:11 405624 ----a-r- C:\Windows\System32\drivers\N360x64\0601010.008\symnets.sys
2012-03-09 11:22:11 1092728 ----a-r- C:\Windows\System32\drivers\N360x64\0601010.008\symefa64.sys
2012-03-09 11:22:10 738936 ----a-r- C:\Windows\System32\drivers\N360x64\0601010.008\srtsp64.sys
2012-03-09 11:22:10 451192 ----a-r- C:\Windows\System32\drivers\N360x64\0601010.008\symds64.sys
2012-03-09 11:22:10 37496 ----a-r- C:\Windows\System32\drivers\N360x64\0601010.008\srtspx64.sys
2012-03-09 11:22:10 190072 ----a-r- C:\Windows\System32\drivers\N360x64\0601010.008\ironx64.sys
2012-03-09 11:22:10 167048 ----a-r- C:\Windows\System32\drivers\N360x64\0601010.008\ccsetx64.sys
2012-03-09 11:21:55 -------- d-----w- C:\Windows\System32\drivers\N360x64\0601010.008
2012-02-18 22:26:20 -------- d-----w- C:\Users\Rob and Jenn Laptop\AppData\Local\{C4EB696E-E089-42B0-A683-39307FD5E979}
2012-02-18 22:25:47 -------- d-----w- C:\Users\Rob and Jenn Laptop\AppData\Local\{62086673-78DE-4A8E-B2A3-288A8E0A0085}
2012-02-18 20:22:10 -------- d-----w- C:\Users\Rob and Jenn Laptop\AppData\Local\Turbine
2012-02-18 20:19:27 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2012-02-18 20:19:26 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-02-18 20:19:24 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll
2012-02-18 20:18:18 -------- d-----w- C:\Users\Rob and Jenn Laptop\AppData\Local\ApplicationHistory
2012-02-18 20:16:20 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2012-02-18 19:50:00 -------- d-----w- C:\Program Files (x86)\Turbine
2012-02-18 13:13:55 -------- d-----w- C:\Users\Rob and Jenn Laptop\AppData\Local\PMB Files
2012-02-18 13:13:51 -------- d-----w- C:\ProgramData\PMB Files
2012-02-18 13:13:41 -------- d-----w- C:\Program Files (x86)\Pando Networks
2012-02-16 00:41:15 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-16 00:41:15 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-16 00:41:13 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-16 00:41:13 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-16 00:41:11 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-16 00:41:10 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-16 00:41:01 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-16 00:41:01 634880 ----a-w- C:\Windows\System32\msvcrt.dll
.
==================== Find3M ====================
.
2012-03-09 11:22:18 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-02-27 11:33:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-16 11:22:35 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-16 08:47:38 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-12-16 07:54:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-16 06:44:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-16 06:09:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 12:04:56.48 ===============


Attach Log


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/10/2010 5:15:43 PM
System Uptime: 3/11/2012 9:16:55 AM (27 hours ago)
.
Motherboard: Dell Inc. | | 0G848F
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz | Microprocessor | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 349.958 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP143: 2/16/2012 3:01:35 AM - Windows Update
RP144: 2/18/2012 3:18:23 PM - Installed DirectX
RP145: 2/27/2012 6:31:02 AM - Installed Java(TM) 6 Update 31
RP146: 3/11/2012 8:51:31 AM - Removed Microsoft Office Home and Business 2010
RP147: 3/11/2012 9:00:40 AM - CheckIfInstallerIsBusy
RP148: 3/11/2012 9:02:40 AM - Windows Live Essentials
RP149: 3/11/2012 9:03:34 AM - Installed DirectX
RP150: 3/11/2012 9:04:27 AM - Installed DirectX
RP151: 3/11/2012 9:06:19 AM - WLSetup
RP152: 3/11/2012 9:44:02 AM - Installed Microsoft Office Home and Business 2010 Trial
RP153: 3/12/2012 11:47:56 AM - DLL-Files.com Fixer Mon, Mar 12, 12 11:47
RP154: 3/12/2012 11:54:44 AM - Removed OpenOffice.org 3.3
.
==== Installed Programs ======================
.
3ivx MPEG-4 5.0.3 (remove only)
AbiWord 2.8.6
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.5
BlackBerry App World Browser Plugin
BlackBerry Desktop Software 6.1
Consumer In-Home Service Agreement
Cozi
Curse Client
D3DX10
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Dock
Dell Driver Download Manager
Dell Getting Started Guide
Dell Wireless 1515 Driver Installation
EverQuest II
EverQuest II Extended
FlipShare
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
IDT Audio
IHA_MessageCenter
Java Auto Updater
Java(TM) 6 Update 31
Junk Mail filter update
LeapFrog Connect
LeapFrog Leapster Explorer Plugin
LeapFrog MyOwnLeaptop Plugin
Malwarebytes' Anti-Malware version 1.51.2.1300
Marvell Miniport Driver
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox (3.6.23)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser (KB973685)
MyTomTom 3.0.2.286
Norton 360
Pando Media Booster
QuickBooks
QuickBooks Premier: Accountant Edition 2011
Raptr
Realtek USB 2.0 Card Reader
Redist
Roxio Burn
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
System Requirements Lab for Intel
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog MyOwnLeaptop Plugin)
Verizon Media Manager
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio C++ 9.0 Runtime
Vz In Home Agent
WildTangent Games
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 4.01 (32-bit)
World of Warcraft
WriteWay
.
==== Event Viewer Messages From Past Week ========
.
3/7/2012 10:13:55 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer JENIFER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FE058ECD-76D9-4F98-91AA-A0FBD02E255F}. The master browser is stopping or an election is being forced.
3/10/2012 8:51:59 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 24 Jul 2014
Posts: 4571
Location: Land Of The Leprechauns

PostPosted: Tue Mar 13, 2012 3:01 am    Post subject: Reply with quote

Duplicate post therefore closed.
http://spywarewarrior.com/viewtopic.php?t=34368
_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group