ArtemisTwo Posted October 14, 2013 ID:741629

Today, a strange icon has appeared on the toolbar at the bottom of my screen and I don't know what it is or how to get rid of it. I fear it may indicate some kind of infection, so I'm posting an image here to see if anyone recognizes it and can tell me what it augurs! It's the little black and white icon between the Firefox and the McAfee icons bottom right. Although it has an X in the upper right corner, clicking it does nothing. I can close the browser and it will go away for a while, but soon returns. Any ideas? Thanks in advance.

AdvancedSetup (Root Admin) Posted October 14, 2013 ID:741646

Not sure what that is. Please run the following scanner and send back the logs and we'll see if we can find out what it is.

Make sure you disable your antivirus when running the scanner and then turn it back on once completed.

Download DDS from one of the locations below and save to your Desktop
- dds.scr
- dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.
When done, DDS will open two (2) logs:
- DDS.txt
- Attach.txt

Save both reports to your desktop.
Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
You can ignore the note about zipping the Attach.txt file and just post it or attach it.

ArtemisTwo (Author) Posted October 14, 2013 ID:741648

DDS.txt says:

ArtemisTwo (Author) Posted October 14, 2013 ID:741649

Attach.txt says:

AdvancedSetup (Root Admin) Posted October 14, 2013 ID:741684

Don't see anything that seems too odd. If you hover your mouse over it, does it say anything? What if you right click over it, are there any options or menu shown? Is the computer behaving oddly aside from this icon?

CWB Posted October 14, 2013 ID:741691

Just to throw this in... I have seen the icon in conjunction with those bogus "broken flash player" or "update your player"... and other similar wordings.

ArtemisTwo (Author) Posted October 14, 2013 ID:741808

Hovering over the icon doesn't reveal anything, and left-clicking over it yields the same menu you would get regarding the various toolbars you have available, so essentially it's just as if the icon weren't really there at all. The only odd behavior I've noticed since this began appearing is that sometimes the browser will stall momentarily and eventually a pop-up window will appear with a message that some script has stopped running and would I like to wait for it or cancel. I cancel and things go back to operating normally.

If the icon appears in conjunction with bogus updates, wouldn't that seem to indicate that there's something resident on the computer that shouldn't be there?

And thanks to both of you for your interest and willingness to help me with this baffling thing!

AdvancedSetup (Root Admin) Posted October 14, 2013 ID:741822

Well, I would suggest then that you open a new topic and have someone look for any possible infection just to make sure the computer is safe. I would suggest following the advice from the topic here, Available Assistance for Possibly Infected Computers, and having one of the Experts assist you with looking into your issue.

Thanks