Jump to content

johnnyvan

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hello, I thought I was rid of a bug that hid my programs and redirected searches. But Now I'm getting redirects again and an unknown internet radio source. Attached are the requested DDS logs. thanks, John . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_22 Run by John at 5:31:58 on 2011-11-10 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3765.1317 [GMT -8:00] . AV: Sunbelt VIPRE *Enabled/Updated* {BE5DD172-7F42-7948-1A60-E6A720288F81} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Sunbelt VIPRE *Enabled/Updated* {053C3096-5978-76C6-20D0-DDD55BAFC53C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe C:\Windows\system32\spool\DRIVERS\x64\3\lxebserv.exe C:\Windows\system32\lxebcoms.exe C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe c:\Program Files\Microsoft SQL Server\MSSQL10.ADCENTERDESKTOP\MSSQL\Binn\sqlservr.exe C:\Windows\system32\DRIVERS\o2flash.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Invention Pilot\Speed Typing\STyping.exe C:\Program Files (x86)\TechSmith\Jing\Jing.exe C:\Program Files (x86)\TimeLeft3\TimeLeft.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe C:\Program Files (x86)\Memeo\Memeo Send\MemeoSend.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe C:\Program Files (x86)\Memeo\AutoBackup\MemeoUpdater.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\system32\taskhost.exe C:\Users\John\Desktop\Legal\AutoWebLaw\awlSP4.exe C:\Program Files (x86)\Stephen Hawkins\SEOLinkRobotPro\fastindexer.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\firefox.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\plugin-container.exe C:\Windows\system32\REGSVR32.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://google.com/ uInternet Settings,ProxyServer = 171.66.3.181:3128 uInternet Settings,ProxyOverride = <local>;*.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: FAIESSOHelper Class: {a2f122da-055f-4df7-8f24-7354dbdba85b} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [speed Typing] "C:\Program Files (x86)\Invention Pilot\Speed Typing\STyping.exe" uRun: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui mRun: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent mRun: [Memeo Send] C:\Program Files (x86)\Memeo\Memeo Send\MemeoLauncher.exe --silent mRun: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui mRun: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sBAMTray] "C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe" mRun: [FAStartup] mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent StartupFolder: C:\Users\John\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe StartupFolder: C:\Users\John\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TimeLeft.lnk - C:\Program Files (x86)\TimeLeft3\TimeLeft.exe StartupFolder: C:\Users\John\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_uninst_.lnk - C:\Users\John\AppData\Local\Temp\_uninst_.bat mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{825E93D2-38BE-4C33-BDC1-753D8A9F7F60} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{825E93D2-38BE-4C33-BDC1-753D8A9F7F60}\5534448435D27455543545 : DhcpNameServer = 68.87.76.182 68.87.78.134 8.8.8.8 TCP: Interfaces\{825E93D2-38BE-4C33-BDC1-753D8A9F7F60}\564646F6E6E616 : DhcpNameServer = 192.168.1.2 68.94.156.1 68.94.157.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: FastAccess - c:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll BHO-X64: FAIESSO Helper Object - No File BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun-x64: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun-x64: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui mRun-x64: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent mRun-x64: [Memeo Send] C:\Program Files (x86)\Memeo\Memeo Send\MemeoLauncher.exe --silent mRun-x64: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui mRun-x64: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [sBAMTray] "C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe" mRun-x64: [FAStartup] mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1lze15yw.default\ FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q= FF - prefs.js: network.proxy.http - 211.222.202.109 FF - prefs.js: network.proxy.http_port - 80 FF - prefs.js: network.proxy.ssl - 72.44.82.146 FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\John\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\ElRawDsk.sys --> C:\Windows\system32\drivers\ElRawDsk.sys [?] R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-8-29 101720] R1 SbTis;SbTis;C:\Windows\system32\drivers\sbtis.sys --> C:\Windows\system32\drivers\sbtis.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2010-4-30 89600] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648] R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-2-22 2409800] R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2011-8-25 722616] R2 lxeb_device;lxeb_device;C:\Windows\system32\lxebcoms.exe -service --> C:\Windows\system32\lxebcoms.exe -service [?] R2 lxebCATSCustConnectService;lxebCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxebserv.exe [2011-5-9 45736] R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-1-24 25824] R2 MSSQL$ADCENTERDESKTOP;SQL Server (ADCENTERDESKTOP);C:\Program Files\Microsoft SQL Server\MSSQL10.ADCENTERDESKTOP\MSSQL\Binn\sqlservr.exe [2009-3-30 57617752] R2 SBAMSvc;VIPRE Antivirus;C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe [2011-9-6 2804280] R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?] R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe [2011-9-6 181584] R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-6-20 1692480] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Acceler.sys --> C:\Windows\system32\DRIVERS\Acceler.sys [?] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?] R3 O2MDGRDR;O2MDGRDR;C:\Windows\system32\DRIVERS\o2mdgx64.sys --> C:\Windows\system32\DRIVERS\o2mdgx64.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-15 183560] S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2009-9-21 315664] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 61976] S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?] S4 SQLAgent$ADCENTERDESKTOP;SQL Server Agent (ADCENTERDESKTOP);C:\Program Files\Microsoft SQL Server\MSSQL10.ADCENTERDESKTOP\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880] . =============== File Associations =============== . JSEFile=NOTEPAD.EXE %1 . =============== Created Last 30 ================ . 2011-11-10 13:10:32 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-11-10 01:29:35 -------- d-----w- C:\Users\John\AppData\Roaming\YourLocalShorcut 2011-11-10 01:29:30 -------- d-----w- C:\Program Files (x86)\ Your Local Shortcut 2011-11-09 17:51:58 -------- d-sh--w- C:\$RECYCLE.BIN 2011-11-09 15:38:13 98816 ----a-w- C:\Windows\sed.exe 2011-11-09 15:38:13 518144 ----a-w- C:\Windows\SWREG.exe 2011-11-09 15:38:13 256000 ----a-w- C:\Windows\PEV.exe 2011-11-09 15:38:13 208896 ----a-w- C:\Windows\MBR.exe 2011-11-09 15:37:03 -------- d-----w- C:\ComboFix 2011-11-09 04:23:51 -------- d-----w- C:\ProgramData\Kaspersky Lab 2011-11-04 20:46:04 -------- d-----w- C:\Program Files (x86)\Market Samurai 2011-10-28 04:38:08 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2011-10-28 04:38:08 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2011-10-28 04:38:08 144384 ----a-w- C:\Windows\System32\cdd.dll 2011-10-25 18:38:07 -------- d-----w- C:\Program Files (x86)\KeywordBlueprint2 2011-10-24 02:23:53 -------- d-----w- C:\Program Files (x86)\Aruhat Technologies Pvt. Ltd 2011-10-22 01:05:11 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2011-10-22 01:04:48 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2011-10-22 01:04:19 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2011-10-21 19:34:27 -------- d-----w- C:\Users\John\AppData\Local\{2865715D-57F6-4183-B334-D5D5F0DCC203} 2011-10-21 19:34:15 -------- d-----w- C:\Users\John\AppData\Local\{B9AAC002-5CE9-4226-81BA-E62FCBA3D5E3} 2011-10-19 16:50:17 -------- d-----w- C:\Users\John\AppData\Roaming\CommissionBlueprint.KeywordBlueprint2.E611A7DFA7A14643DD636F3114ECD771F85A61E0.1 2011-10-14 14:40:33 -------- d-----w- C:\Users\John\AppData\Local\{62C2AE11-9588-4AB3-9A6F-FE6F66095388} 2011-10-14 13:23:24 -------- d-----w- C:\Users\John\AppData\Local\{2D588960-01EB-4D40-8DA7-035C971A51E6} 2011-10-14 13:22:08 -------- d-----w- C:\Users\John\AppData\Local\{B53D1843-D3DF-45B0-852A-EDC4214FF009} 2011-10-14 13:21:56 -------- d-----w- C:\Users\John\AppData\Local\{4C6DD6EB-B4AB-4F69-902F-F716F600B91B} 2011-10-14 07:09:56 -------- d-----w- C:\Users\John\AppData\Local\{4DB9D253-8ED7-4FE4-A69B-7DC00E3B8DAE} 2011-10-12 05:57:20 3134976 ----a-w- C:\Windows\System32\win32k.sys 2011-10-12 00:38:33 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2011-10-12 00:38:18 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2011-10-12 00:37:53 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2011-10-12 00:37:50 539968 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2011-10-12 00:37:12 -------- d-----w- C:\Users\John\AppData\Local\PowerDVD DX . ==================== Find3M ==================== . 2011-10-28 04:18:49 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-09-06 19:30:48 45904 ----a-w- C:\Windows\SysWow64\sbbd.exe 2011-09-06 19:30:48 45904 ----a-w- C:\Windows\System32\sbbd.exe 2011-08-30 00:36:34 71256 ----a-w- C:\Windows\System32\drivers\sbapifs.sys 2011-08-30 00:36:34 55384 ----a-w- C:\Windows\System32\drivers\sbredrv.sys 2011-08-30 00:36:34 101720 ----a-w- C:\Windows\SysWow64\drivers\SBREDrv.sys 2011-08-27 05:40:28 861184 ----a-w- C:\Windows\System32\oleaut32.dll 2011-08-27 05:40:28 331776 ----a-w- C:\Windows\System32\oleacc.dll 2011-08-27 04:43:07 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll 2011-08-27 04:43:06 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll 2011-08-17 05:32:24 613888 ----a-w- C:\Windows\System32\psisdecd.dll 2011-08-17 05:27:46 75776 ----a-w- C:\Windows\System32\MSDvbNP.ax 2011-08-17 05:27:46 288256 ----a-w- C:\Windows\System32\MSNP.ax 2011-08-17 05:27:46 108032 ----a-w- C:\Windows\System32\psisrndr.ax 2011-08-17 05:27:46 104960 ----a-w- C:\Windows\System32\Mpeg2Data.ax 2011-08-17 04:26:02 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll 2011-08-17 04:22:23 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax 2011-08-17 04:22:23 72704 ----a-w- C:\Windows\SysWow64\Mpeg2Data.ax 2011-08-17 04:22:23 59904 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax 2011-08-17 04:22:23 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax . ============= FINISH: 5:40:24.28 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 6/30/2010 10:10:58 AM System Uptime: 11/9/2011 4:31:55 PM (13 hours ago) . Motherboard: Dell Inc. | | 029DYC Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | U2E1 | 929/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 283 GiB total, 219.745 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Description: facap, FastAccess Video Capture Device ID: ROOT\IMAGE\0000 Manufacturer: Sensible Vision Name: facap, FastAccess Video Capture PNP Device ID: ROOT\IMAGE\0000 Service: FACAP . ==== System Restore Points =================== . RP132: 11/7/2011 3:54:38 PM - Scheduled Checkpoint RP133: 11/9/2011 7:38:50 AM - ComboFix created restore point . ==== Installed Programs ====================== . 7-Zip 4.65 aaa ABBYY FineReader 6.0 Sprint Adobe AIR Adobe Reader 9.2 Adobe Shockwave Player 11.5 Advanced Audio FX Engine Apple Application Support Apple Software Update Auto Traffic Xploit Keyword Tool Automotix (remove only) Bing Bar CherryPicker CoffeeCup Free HTML Editor Compatibility Pack for the 2007 Office system Content Notifier Core FTP LE D3DX10 Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Dock Dell Getting Started Guide Dell Support Center (Support Software) Dell Webcam Central DHTML Editing Component Directory Submitter 1.0.29 Domain Name Dominator Domain Samurai Elite Proxy Switcher 1.10 Facebook iframe Made EZ Fast Content Producer Fences FileZilla Client 3.5.2 Google Chrome Google Instant Scraper version 1.2 Google Maps Scraper - Demo GoToAssist 8.0.0.514 GoToMeeting 5.0.0.799 Hot Item Finder HTML Executable Instant Blog Feeder Demo v2.01 InstantBannerPRO v2.01 Intel® Graphics Media Accelerator Driver iolo technologies' System Mechanic Java Auto Updater Java 6 Update 22 Jing Junk Mail filter update Kcast for Windows 7 Keyword Blueprint 2 Keyword Swarm Live! Cam Avatar Creator LoJack Factory Installer Malwarebytes' Anti-Malware version 1.51.2.1300 Market Samurai MassArticleCreator MassArticleSubmitter Memeo AutoSync Memeo Instant Backup Memeo Send Memeo Share Micro Niche Finder 5.0 Microsoft adCenter Desktop Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2007 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office OneNote MUI (English) 2007 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Browser Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Mozilla Firefox 8.0 (x86 en-US) MPT Domain Tool 1.0 MPT Keyword Tool 1.0 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) OpenOffice.org 3.3 PowerDVD DX PromoSoft 1.81 Proxy Scraper QuickTime Roxio Burn Seagate Dashboard Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft Excel 2010 (KB2553070) Security Update for Microsoft Office 2010 (KB2289078) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2584066) Security Update for Microsoft PowerPoint 2010 (KB2519975) Security Update for Microsoft Publisher 2010 (KB2409055) Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Word 2010 (KB2345000) SEO Link Robot SEO SpyGlass SEO TrackBacks Suite Setup1 Sick Submitter Skype Click to Call Skype™ 5.5 SocialBot Speed Typing Spelling Dictionaries Support For Adobe Reader 9 Spin Writer Pro version 1.6 Submitter TextPad 5 TheBestSpinner TimeLeft Traffic Equalizer Ultimate Diamond Backlinks Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2010 (KB2202188) Update for Microsoft Office 2010 (KB2413186) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2523113) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Microsoft OneNote 2010 (KB2493983) Update for Microsoft Outlook Social Connector (KB2583935) VIPRE Antivirus Viral Article Publisher Web CEO 8.1 WEB20Bot Website Indexer WildTangent Games Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Wondershare PPT2Video Pro 6.1.10 Word Wizard Xara Xtreme 5 Xara Xtreme Pro 5 XHeader XMind Your Local Shortcut . ==== Event Viewer Messages From Past Week ======== . 11/9/2011 8:25:46 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 11/9/2011 8:20:56 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 11/9/2011 6:12:42 PM, Error: Service Control Manager [7023] - The Background Intelligent Transfer Service service terminated with the following error: Access is denied. 11/8/2011 9:53:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 11/8/2011 9:53:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 11/8/2011 9:53:41 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ElRawDisk spldr Wanarpv6 11/8/2011 9:53:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 11/8/2011 9:53:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 11/8/2011 9:53:40 PM, Error: Service Control Manager [7022] - The iolo System Service service hung on starting. 11/8/2011 9:52:24 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21 11/8/2011 10:20:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} 11/8/2011 10:20:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 11/8/2011 10:04:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} 11/6/2011 6:30:46 PM, Error: Service Control Manager [7011] - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 11/6/2011 2:20:03 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 11/10/2011 4:54:46 AM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. 11/10/2011 4:54:34 AM, Error: Service Control Manager [7011] - A timeout (120000 milliseconds) was reached while waiting for a transaction response from the SftService service. . ==== End Of File =========================== DDS.txt Attach.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.