
busybeaver

Everything posted by busybeaver

  1. Trying to work on cleaning up a friend's PC. MB scans but crashes after about the same time. I've run DDS and am attaching the files. Any help in getting this corrected would be greatly appreciated. Thanks in advance.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Mike at 8:12:08 on 2011-11-01
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.766.127 [GMT -4:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\AERTSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxduserv.exe
C:\Windows\system32\lxducoms.exe
C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\system32\DllHost.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Users\Mike\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com/
uWindow Title = Internet Explorer provided by Dell
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1071205
uURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\5.1.0.29\ips\IPSBHO.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\5.1.0.29\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
TB: {37153479-1976-43C3-A1EE-557513977B64} - No File
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\users\mike\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [<NO NAME>]
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [lxdumon.exe] "c:\program files\lexmark 5600-6600 series\lxdumon.exe"
mRun: [lxduamon] "c:\program files\lexmark 5600-6600 series\lxduamon.exe"
mRun: [Lexmark 5600-6600 Series Fax Server] "c:\program files\lexmark 5600-6600 series\fm3032.exe" /s
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\programs\partygaming\partypoker\RunApp.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.237.161.12 71.250.0.12 192.168.1.3
TCP: Interfaces\{275D516B-0BBA-408E-B130-71116C693E08} : DhcpNameServer = 68.237.161.12 71.250.0.12 192.168.1.3
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 amacpi;Microsoft Away Mode System;c:\windows\system32\drivers\null.sys [2010-8-15 4608]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0501000.01d\SymDS.sys [2011-8-4 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0501000.01d\SymEFA.sys [2011-8-4 744568]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\bashdefs\20111014.001\BHDrvx86.sys [2011-10-14 818808]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\ipsdefs\20111028.030\IDSvix86.sys [2011-10-31 368248]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0501000.01d\Ironx86.sys [2011-8-4 136312]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0501000.01d\symtdiv.sys [2011-8-4 331384]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-8-15 21504]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-8-4 105592]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-10-31 41272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-7 135664]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-12-5 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-8-7 135664]
.
=============== Created Last 30 ================
.
2011-11-01 11:58:54 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2011-11-01 11:12:28 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-01 11:12:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-01 02:50:38 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-01 02:50:13 -------- d-----w- c:\users\mike\appdata\roaming\Malwarebytes
2011-11-01 02:50:04 -------- d-----w- c:\programdata\Malwarebytes
2011-11-01 02:47:13 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-31 21:43:40 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-10-31 21:43:40 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-10-31 21:20:13 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-10-31 19:22:16 -------- d-----w- c:\program files\Windows Portable Devices
2011-10-31 19:13:35 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-10-31 19:13:34 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-10-31 19:13:34 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-10-31 19:10:31 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-10-31 19:10:28 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-10-31 19:10:28 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-10-31 19:10:28 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-10-31 19:10:28 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-10-31 19:10:28 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-10-31 19:10:27 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-10-31 18:34:39 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-10-31 18:33:58 98816 ----a-w- c:\windows\system32\mfps.dll
2011-10-31 18:33:58 258048 ----a-w- c:\windows\system32\winspool.drv
2011-10-31 18:33:57 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-10-31 18:33:11 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-31 18:33:11 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-31 18:33:11 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-31 18:33:11 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-31 18:32:21 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-10-31 18:32:19 6144 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-10-31 18:32:07 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-31 18:32:06 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-31 18:32:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-10-31 18:32:01 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-10-31 18:31:53 2048 ----a-w- c:\windows\system32\tzres.dll
2011-10-31 18:31:33 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-10-31 18:31:30 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-31 18:31:29 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-31 18:31:29 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-31 18:31:29 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-31 18:06:01 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-10-31 16:39:02 -------- d-----w- c:\windows\system32\eu-ES
2011-10-31 16:39:02 -------- d-----w- c:\windows\system32\ca-ES
2011-10-31 16:38:45 -------- d-----w- c:\windows\system32\vi-VN
.
==================== Find3M ====================
.
2011-08-17 10:55:14 1947194 ----a-w- c:\programdata\SPL7E34.tmp
2011-08-17 02:46:43 1947194 ----a-w- c:\programdata\SPLDDBA.tmp
2011-08-05 01:46:36 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
.
============= FINISH: 8:14:34.22 ===============
DDS11_1_11.txt
Attach11_1_11.txt