Hi,

please help clear this infection!

thanks

it involves browser hijacking and a very slow computer with around 100 processes running sometimes

dds.txt

###########################################################################

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.7.2

Run by gill at 17:10:08 on 2013-06-16

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3037.1678 [GMT 1:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

.

============== Running Processes ================

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\nvvsvc.exe

C:\windows\system32\nvvsvc.exe

C:\windows\SYSTEM32\WISPTIS.EXE

C:\windows\System32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\windows\system32\taskhost.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\taskeng.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe

C:\windows\system32\taskeng.exe

C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe

C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe

C:\Program Files\Samsung\EasyButtonManager\EasyButtonManager.exe

C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe

C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\windows\system32\mfevtps.exe

C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe

C:\windows\system32\rundll32.exe

C:\windows\SYSTEM32\Rezip.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Users\gill\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

C:\Users\gill\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Users\gill\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\DllHost.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\gill\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\gill\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\gill\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\gill\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\McAfee Online Backup\MOBKbackup.exe

C:\Program Files\McAfee Online Backup\MOBKbackup.exe

C:\windows\system32\vssvc.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Users\gill\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\windows\System32\WUDFHost.exe

C:\Program Files\McAfee\VirusScan\mcods.exe

C:\windows\system32\taskeng.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\svchost.exe -k bthsvcs

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\svchost.exe -k SDRSVC

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://isearch.babylon.com/?affID=119370&babsrc=HP_ss_bayi&mntrId=96D8B482FEB5CD96

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [Google Update] "c:\users\gill\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [spotify] "c:\users\gill\appdata\roaming\spotify\Spotify.exe" /uri spotify:autostart

uRun: [spotify Web Helper] "c:\users\gill\appdata\roaming\spotify\data\SpotifyWebHelper.exe"

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [updateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"

mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"

mRun: [updateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"

mRun: [updatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"

mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"

mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"

mRun: [updatePPShortCut] "c:\program files\cyberlink\powerproducer\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerproducer" updatewithcreateonce "software\cyberlink\powerproducer\5.0"

mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"

mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices

mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Conime] c:\windows\system32\conime.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [EKStatusMonitor] c:\program files\kodak\aio\statusmonitor\EKStatusMonitor.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

dRunOnce: [KodakHomeCenter] "c:\program files\kodak\aio\center\AiOHomeCenter.exe"

StartupFolder: c:\users\gill\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\gill\appdata\roaming\dropbox\bin\Dropbox.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/gb/Core/Player/2020PlayerAX_IKEA_Win32.cab

TCP: NameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{1955EEBE-D9A3-4BE9-8B5E-733BA6907402} : DHCPNameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{1955EEBE-D9A3-4BE9-8B5E-733BA6907402}\16277697C6C6E65647 : DHCPNameServer = 193.36.79.100 193.36.79.101

TCP: Interfaces\{1955EEBE-D9A3-4BE9-8B5E-733BA6907402}\E45445745414258383 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{EFA0729D-2EE6-4CC0-BE39-3BBB91CE7BBD} : DHCPNameServer = 192.168.0.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

AppInit_DLLs= c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-3-12 43944]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-8-23 29472]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-10-26 60920]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-8-23 54632]

S3 hidkmdf;Microsoft HID Class Shim for KMDF;c:\windows\system32\drivers\hidkmdf.sys [2009-12-23 10360]

S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-10-26 146872]

.

=============== Created Last 30 ================

.

2013-06-15 15:43:34 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2013-06-15 15:43:34 -------- d-----w- c:\program files\Spybot - Search & Destroy

2013-06-14 09:27:29 -------- d-----w- c:\users\gill\appdata\roaming\Malwarebytes

2013-06-14 09:27:00 -------- d-----w- c:\programdata\Malwarebytes

2013-06-14 09:26:45 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-06-14 09:26:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-06-14 09:26:26 -------- d-----w- c:\users\gill\appdata\local\Programs

2013-06-13 10:27:04 2706432 ----a-w- c:\windows\system32\mshtml.tlb

2013-06-13 10:27:04 218112 ----a-w- c:\program files\internet explorer\sqmapi.dll

2013-06-12 20:52:36 1505280 ----a-w- c:\windows\system32\d3d11.dll

2013-06-12 20:52:28 24576 ----a-w- c:\windows\system32\cryptdlg.dll

2013-06-12 20:52:03 903168 ----a-w- c:\windows\system32\certutil.exe

2013-06-12 20:52:02 43008 ----a-w- c:\windows\system32\certenc.dll

2013-06-12 20:52:02 140288 ----a-w- c:\windows\system32\cryptsvc.dll

2013-06-12 20:52:02 1160192 ----a-w- c:\windows\system32\crypt32.dll

2013-06-12 20:52:02 103936 ----a-w- c:\windows\system32\cryptnet.dll

2013-06-12 20:16:22 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll

2013-06-12 18:53:55 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-06-12 18:53:54 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-06-12 18:44:07 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-06-12 18:34:42 492544 ----a-w- c:\windows\system32\win32spl.dll

.

==================== Find3M ====================

.

2013-06-12 09:08:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-06-12 09:08:51 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-17 01:25:57 1767936 ----a-w- c:\windows\system32\wininet.dll

2013-05-17 01:25:27 2877440 ----a-w- c:\windows\system32\jscript9.dll

2013-05-17 01:25:26 61440 ----a-w- c:\windows\system32\iesetup.dll

2013-05-17 01:25:26 109056 ----a-w- c:\windows\system32\iesysprep.dll

2013-05-14 08:40:13 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-04-12 13:45:29 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-10 05:18:40 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-04-10 05:18:40 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2013-04-10 03:14:06 2347520 ----a-w- c:\windows\system32\win32k.sys

2013-03-19 04:53:27 186368 ----a-w- c:\windows\system32\wwansvc.dll

2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-19 03:33:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll

2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe

.

============= FINISH: 17:13:54.62 ===============

attach.txt

#######################################################################

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 03/08/2011 22:11:18

System Uptime: 16/06/2013 16:56:55 (1 hours ago)

.

Motherboard: SAMSUNG ELECTRONICS CO.,LTD | | Samsung DeskTop System

Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | U2E1 | 2200/mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 225 GiB total, 153.895 GiB free.

D: is FIXED (NTFS) - 226 GiB total, 0.005 GiB free.

E: is CDROM ()

F: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP905: 02/06/2013 21:26:15 - Windows Backup

RP906: 02/06/2013 23:51:09 - Windows Update

RP907: 04/06/2013 01:01:36 - Windows Update

RP908: 04/06/2013 15:15:29 - Windows Update

RP909: 05/06/2013 01:02:52 - Windows Update

RP910: 06/06/2013 03:01:37 - Windows Update

RP911: 06/06/2013 21:26:08 - Windows Update

RP912: 07/06/2013 03:00:36 - Windows Update

RP913: 07/06/2013 12:56:46 - Windows Update

RP914: 08/06/2013 21:21:16 - Windows Update

RP915: 10/06/2013 17:20:08 - Windows Backup

RP916: 10/06/2013 20:25:31 - Windows Update

RP917: 11/06/2013 10:12:04 - Windows Update

RP918: 11/06/2013 22:43:15 - Windows Update

RP919: 13/06/2013 02:06:44 - Windows Update

RP920: 13/06/2013 11:25:36 - Windows Update

RP921: 13/06/2013 22:34:19 - Windows Update

RP922: 15/06/2013 00:43:43 - Windows Update

RP923: 16/06/2013 09:38:51 - Windows Update

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.3

aioscnnr

Alice Greenfingers

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Client Installation Program

BlackBerry Desktop Software 6.1

BlackBerry Device Manager 6.1

Bonjour

Business Contact Manager for Outlook 2007 SP2

C4USelfUpdater

center

ChargeableUSB

CyberLink DVD Suite

CyberLink LabelPrint

CyberLink Power2Go

CyberLink PowerDirector

CyberLink PowerDVD 8

CyberLink PowerProducer

CyberLink YouCam

Dairy Dash

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dropbox

Easy Button Manager

Easy SpeedUp Manager

essentials

Farm Frenzy 2

Game Pack

Go-Go Gourmet

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Intel® Matrix Storage Manager

iTunes

Java 7 Update 7

Java Auto Updater

JavaFX 2.1.1

Junk Mail filter update

Kalydo Player 4.06.04

Kodak AIO Printer

KODAK AiO Software

Malwarebytes Anti-Malware version 1.75.0.1300

Marvell Miniport Driver

McAfee Internet Security

McAfee Online Backup

McAfee Security Scan Plus

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Live Add-in 1.3

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Small Business Connectivity Components

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSVCRT

NextWindow Drivers

Nostale

NVIDIA Drivers

ocr

Paint.NET v3.5.10

PDF Reader Packages

Play Touch

PreReq

PrintProjects

QuickTime

Realtek High Definition Audio Driver

REALTEK Wireless LAN Software

Samsung Recovery Solution 4

Samsung Support Center

Samsung Update Plus

SamsungMovie

SD226 Biological Psychology

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Shared C Run-time for x86

Skype Click to Call

Skype™ 6.3

Spotify

Spybot - Search & Destroy

Torch

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update for PDF Reader

User Guide

WIDCOMM Bluetooth Software

Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)

Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)

Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

.

==== Event Viewer Messages From Past Week ========

.

16/06/2013 16:59:15, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.

16/06/2013 16:59:15, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

16/06/2013 16:58:38, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

16/06/2013 09:45:08, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office PowerPoint 2007 (KB2596764).

15/06/2013 18:10:15, Error: Service Control Manager [7000] - The BrowserProtect service failed to start due to the following error: The system cannot find the path specified.

15/06/2013 18:02:13, Error: Service Control Manager [7034] - The WajamUpdater service terminated unexpectedly. It has done this 1 time(s).

15/06/2013 18:02:00, Error: Service Control Manager [7034] - The BrowserProtect service terminated unexpectedly. It has done this 1 time(s).

11/06/2013 22:42:01, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

10/06/2013 20:14:33, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the defragsvc service.

.

==== End Of File ===========================

Attach.zip


Hi, deemyboy: :)

We can't review scan logs or work on malware diagnostics and removal in this sub-section of the forum.

So, for expert assistance, please follow the recommendations in this pinned topic: Available Assistance For Possibly Infected Computers.

A qualified helper will guide you through the cleanup process.

>>Since you've already run DDS, you just need to start a new topic in the malware removal section >>HERE<<, posting these same logs in that new topic. :)

Thanks,

daledoc1
