
If a site won't allow the browser to close, does that mean there's a virus now on the computer?



The pop-up was blocked, but I could still hear the audio from it. Another pop-up came when I tried to close the browser.

I clicked on the "x", and tried again, but same thing. I had to log off. Anti-virus or malwarebytes quick scan didn't detect anything, but I'm still not sure if it's infected. Does this sound like it put a virus on it?

Thanks.


Hello and welcome.

We need to see some information about what is happening in your machine. Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 7.0.6001.18000

Run by Fam at 18:10:10 on 2011-08-15

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2814.1215 [GMT -5:00]

.

AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Windows Defender\MSASCui.exe

c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\SMINST\BLService.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Users\funluvs-chanx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\system32\wuauclt.exe

C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

C:\Users\funluvs-chanx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\rundll32.exe

C:\Users\funluvs-chanx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\funluvs-chanx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\funluvs-chanx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\funluvs-chanx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\funluvs-chanx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb

uInternet Settings,ProxyOverride = *.local

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.5\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll

TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.5\CoIEPlg.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden

uRun: [Google Update] "c:\users\fam\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\2.0"

mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe

mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe

mRun: [sunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRunOnce: [AOLRebootNeeded] regsvr32.exe /s

mRunOnce: [WLuSetup] c:\program files\symantec\liveupdate\luupdate.exe -p wlumsp.msp

mRunOnce: [Norton Account Alert] "c:\progra~1\common~1\symant~1\symnac\SymNAC.exe" /ForkThenQuit

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{E3DC399E-45AF-4AD5-8860-8402A3C1FF02} : DhcpNameServer = 192.168.1.254

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

============= SERVICES / DRIVERS ===============

.

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20110811.001\IDSvix86.sys [2011-8-12 287792]

R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-6 149352]

R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\sminst\BLService.exe [2008-8-4 361808]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2011-7-22 24652]

R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-8-4 193840]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-7-29 105592]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-5-9 43040]

R3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-8-4 1245064]

R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]

S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]

.

=============== Created Last 30 ================

.

2011-08-10 04:03:02 7144817 ----a-w- c:\windows\Sailor Moon.scr

2011-08-08 03:09:57 -------- d-----w- c:\users\fam\appdata\roaming\Malwarebytes

2011-08-08 03:09:35 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-08-08 03:09:27 -------- d-----w- c:\programdata\Malwarebytes

2011-08-08 03:09:21 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-08 03:09:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-08-03 01:36:23 -------- d-----w- c:\program files\Spotify

2011-07-30 15:55:16 -------- d-----w- c:\users\fam\appdata\roaming\HpUpdate

2011-07-30 15:55:11 -------- d-----w- c:\windows\Hewlett-Packard

2011-07-29 17:17:36 -------- d-----w- c:\program files\Foxit Software

2011-07-25 20:27:32 -------- d-----r- c:\program files\Skype

2011-07-25 20:16:35 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2011-07-25 20:16:35 107368 ----a-w- c:\windows\system32\GEARAspi.dll

2011-07-25 20:14:18 -------- d-----w- c:\program files\iPod

2011-07-25 20:14:15 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2011-07-25 20:14:15 -------- d-----w- c:\program files\iTunes

2011-07-25 20:13:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll

2011-07-25 20:13:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll

2011-07-25 20:13:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2011-07-25 20:13:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2011-07-25 20:13:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2011-07-25 20:13:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2011-07-25 20:13:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

2011-07-25 20:11:19 -------- d-----w- c:\users\fam\appdata\local\Apple

2011-07-25 20:08:19 -------- d-----w- c:\program files\Bonjour

2011-07-23 03:44:28 97800 ----a-w- c:\windows\system32\infocardapi.dll

2011-07-23 03:44:28 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2011-07-23 03:44:27 622080 ----a-w- c:\windows\system32\icardagt.exe

2011-07-23 03:44:27 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2011-07-23 03:44:27 37384 ----a-w- c:\windows\system32\infocardcpl.cpl

2011-07-23 03:44:27 11264 ----a-w- c:\windows\system32\icardres.dll

2011-07-23 03:44:25 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2011-07-23 03:44:22 326160 ----a-w- c:\windows\system32\PresentationHost.exe

2011-07-23 03:28:37 96760 ----a-w- c:\windows\system32\dfshim.dll

2011-07-23 03:28:34 282112 ----a-w- c:\windows\system32\mscoree.dll

2011-07-23 03:28:33 41984 ----a-w- c:\windows\system32\netfxperf.dll

2011-07-23 03:28:12 158720 ----a-w- c:\windows\system32\mscorier.dll

2011-07-23 03:27:50 83968 ----a-w- c:\windows\system32\mscories.dll

2011-07-23 03:11:28 -------- d-----w- c:\program files\MSXML 4.0

2011-07-23 03:05:06 104960 ----a-w- c:\windows\system32\netiohlp.dll

2011-07-23 03:05:01 27136 ----a-w- c:\windows\system32\NETSTAT.EXE

2011-07-23 03:05:00 19968 ----a-w- c:\windows\system32\ARP.EXE

2011-07-23 03:04:58 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE

2011-07-23 03:04:56 10240 ----a-w- c:\windows\system32\finger.exe

2011-07-23 03:04:54 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE

2011-07-23 03:04:53 11264 ----a-w- c:\windows\system32\MRINFO.EXE

2011-07-23 03:04:52 17920 ----a-w- c:\windows\system32\ROUTE.EXE

2011-07-23 03:04:48 17920 ----a-w- c:\windows\system32\netevent.dll

2011-07-23 03:01:59 389632 ----a-w- c:\windows\system32\html.iec

2011-07-23 03:01:57 26624 ----a-w- c:\windows\system32\ieUnatt.exe

2011-07-23 03:01:55 78336 ----a-w- c:\windows\system32\ieencode.dll

2011-07-23 03:01:55 1383424 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-23 03:00:51 168960 ----a-w- c:\program files\windows media player\wmplayer.exe

2011-07-23 03:00:44 8147456 ----a-w- c:\windows\system32\wmploc.DLL

2011-07-23 02:56:27 409600 ----a-w- c:\windows\system32\odbc32.dll

2011-07-23 02:56:25 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-07-23 02:56:25 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-07-23 02:56:24 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll

2011-07-23 02:56:24 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-07-23 02:56:24 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-07-23 02:55:21 2868224 ----a-w- c:\windows\system32\mf.dll

2011-07-23 02:55:13 563200 ----a-w- c:\windows\system32\oleaut32.dll

2011-07-23 02:55:07 248832 ----a-w- c:\windows\system32\msshsq.dll

2011-07-23 02:55:01 304640 ----a-w- c:\windows\system32\drivers\srv.sys

2011-07-23 02:54:53 1616384 ----a-w- c:\program files\windows mail\msoe.dll

2011-07-23 02:54:42 2927104 ----a-w- c:\windows\explorer.exe

2011-07-23 02:52:44 72192 ----a-w- c:\windows\system32\drivers\pacer.sys

2011-07-23 02:52:44 15360 ----a-w- c:\windows\system32\pacerprf.dll

2011-07-23 02:52:33 293376 ----a-w- c:\windows\system32\wlanmsm.dll

2011-07-23 02:52:33 127488 ----a-w- c:\windows\system32\L2SecHC.dll

2011-07-23 02:52:32 513024 ----a-w- c:\windows\system32\wlansvc.dll

2011-07-23 02:52:32 302592 ----a-w- c:\windows\system32\wlansec.dll

2011-07-23 02:52:08 146432 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-07-23 02:52:08 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-07-23 02:52:02 565248 ----a-w- c:\windows\system32\emdmgmt.dll

2011-07-23 02:52:01 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2011-07-23 02:52:01 45056 ----a-w- c:\windows\system32\dataclen.dll

2011-07-23 02:52:01 36864 ----a-w- c:\windows\system32\cdd.dll

2011-07-23 02:52:01 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys

2011-07-23 02:50:59 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe

2011-07-23 02:49:56 66048 ----a-w- c:\program files\windows mail\wabmig.exe

2011-07-23 02:49:56 515584 ----a-w- c:\program files\windows mail\wab.exe

2011-07-23 02:49:55 33280 ----a-w- c:\program files\windows mail\wabfind.dll

2011-07-23 02:49:51 866816 ----a-w- c:\windows\system32\wmpmde.dll

2011-07-23 02:49:44 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-07-23 02:49:39 62464 ----a-w- c:\windows\system32\l3codeca.acm

2011-07-23 02:49:20 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL

2011-07-23 02:44:25 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-07-23 02:44:24 1205080 ----a-w- c:\windows\system32\ntdll.dll

2011-07-23 02:44:23 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-07-23 02:39:52 296960 ----a-w- c:\windows\system32\gdi32.dll

2011-07-23 02:39:46 86528 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-07-23 02:39:46 25088 ----a-w- c:\windows\system32\dnscacheugc.exe

2011-07-23 02:39:39 2042368 ----a-w- c:\windows\system32\win32k.sys

2011-07-23 02:39:15 157184 ----a-w- c:\windows\system32\t2embed.dll

2011-07-23 02:38:47 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL

2011-07-23 02:37:42 954752 ----a-w- c:\windows\system32\mfc40.dll

2011-07-23 02:37:40 954288 ----a-w- c:\windows\system32\mfc40u.dll

2011-07-23 02:37:26 24064 ----a-w- c:\windows\system32\amxread.dll

2011-07-23 02:37:26 13824 ----a-w- c:\windows\system32\apilogen.dll

2011-07-23 02:37:19 1257472 ----a-w- c:\windows\system32\msxml3.dll

2011-07-23 02:34:20 1334272 ----a-w- c:\windows\system32\msxml6.dll

2011-07-23 02:34:14 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-07-23 02:34:03 2067456 ----a-w- c:\windows\system32\mstscax.dll

2011-07-23 02:34:02 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-07-23 02:33:53 784896 ----a-w- c:\windows\system32\rpcrt4.dll

2011-07-23 02:33:45 49152 ----a-w- c:\windows\system32\csrsrv.dll

2011-07-23 02:33:45 375808 ----a-w- c:\windows\system32\winsrv.dll

2011-07-23 02:33:40 61440 ----a-w- c:\windows\system32\msasn1.dll

2011-07-23 02:32:57 147456 ----a-w- c:\windows\system32\Faultrep.dll

2011-07-23 02:32:56 125952 ----a-w- c:\windows\system32\wersvc.dll

2011-07-23 02:32:49 281600 ----a-w- c:\windows\system32\raschap.dll

2011-07-23 02:32:49 244224 ----a-w- c:\windows\system32\rastls.dll

2011-07-23 02:32:36 531968 ----a-w- c:\windows\system32\comctl32.dll

2011-07-23 02:26:05 351232 ----a-w- c:\windows\system32\WSDApi.dll

2011-07-23 02:25:51 303616 ----a-w- c:\windows\system32\wmpeffects.dll

2011-07-23 02:25:36 636928 ----a-w- c:\windows\system32\localspl.dll

2011-07-23 01:58:06 31744 ----a-w- c:\windows\system32\msvidc32.dll

2011-07-23 01:58:05 13312 ----a-w- c:\windows\system32\msrle32.dll

2011-07-23 01:58:04 22528 ----a-w- c:\windows\system32\msyuv.dll

2011-07-23 01:58:03 50176 ----a-w- c:\windows\system32\iyuv_32.dll

2011-07-23 01:58:02 11776 ----a-w- c:\windows\system32\tsbyuv.dll

2011-07-23 01:58:01 91136 ----a-w- c:\windows\system32\avifil32.dll

2011-07-23 01:58:00 82944 ----a-w- c:\windows\system32\mciavi32.dll

2011-07-23 01:57:58 65024 ----a-w- c:\windows\system32\avicap32.dll

2011-07-23 01:57:56 123904 ----a-w- c:\windows\system32\msvfw32.dll

2011-07-23 01:55:48 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL

2011-07-23 01:49:23 -------- d-sh--w- C:\$RECYCLE.BIN

2011-07-23 01:42:00 276992 ----a-w- c:\windows\system32\schannel.dll

2011-07-23 01:37:45 6416928 ----a-w- c:\windows\system\DriveIcon.dll

2011-07-23 01:37:45 62464 ----a-w- c:\windows\system32\drivers\RTSTOR.sys

2011-07-23 01:37:17 -------- d-----w- c:\program files\NetWaiting

2011-07-23 01:36:42 -------- d-----w- c:\program files\CONEXANT

2011-07-23 01:34:06 -------- d-----w- c:\program files\Synaptics

2011-07-23 01:32:31 313888 ----a-w- c:\windows\system32\nvexpbar.dll

2011-07-23 01:32:31 1079840 ----a-w- c:\windows\system32\nvcpluir.dll

2011-07-23 01:27:49 3948 ----a-w- c:\windows\system32\drivers\nvphy.bin

2011-07-23 01:27:03 442368 ----a-w- c:\windows\system32\nvusmb.exe

2011-07-23 01:26:45 485920 ----a-w- c:\windows\system32\NVUNINST.EXE

2011-07-23 01:23:54 909824 ----a-w- c:\windows\system32\drivers\athr.sys

2011-07-23 01:23:53 53248 ----a-w- c:\windows\system32\athihvui.dll

2011-07-23 01:23:53 393216 ----a-w- c:\windows\system32\athihvs.dll

2011-07-23 01:23:53 376832 ----a-w- c:\windows\system32\S64CPA.exe

2011-07-23 01:23:53 -------- d-----w- c:\windows\system32\nn-NO

2011-07-23 01:23:27 -------- d-----w- c:\program files\Atheros

2011-07-23 01:23:25 -------- d-----w- c:\program files\Cisco

2011-07-23 01:23:17 -------- d-----w- c:\programdata\Atheros

2011-07-23 01:11:40 -------- d-----w- c:\users\fam\appdata\local\Google

2011-07-23 01:10:41 -------- d-----w- c:\users\fam\appdata\local\Apps

2011-07-23 01:10:40 -------- d-----w- c:\users\fam\appdata\local\Deployment

2011-07-23 00:44:50 171520 ----a-w- c:\windows\system32\wintrust.dll

2011-07-23 00:44:46 98304 ----a-w- c:\windows\system32\cabview.dll

2011-07-23 00:28:50 -------- d-----w- c:\users\fam\appdata\local\AOL

2011-07-23 00:27:02 2421760 ----a-w- c:\windows\system32\wucltux.dll

2011-07-23 00:26:31 87552 ----a-w- c:\windows\system32\wudriver.dll

2011-07-23 00:26:06 33792 ----a-w- c:\windows\system32\wuapp.exe

2011-07-23 00:26:06 171608 ----a-w- c:\windows\system32\wuwebv.dll

2011-07-23 00:23:57 -------- d-----w- c:\users\fam\appdata\local\Hewlett-Packard

2011-07-23 00:16:51 -------- d-----w- c:\users\fam\appdata\roaming\Symantec

2011-07-23 00:07:59 -------- d-----w- c:\users\fam\appdata\roaming\HP TCS

2011-07-23 00:07:12 -------- d-----w- c:\programdata\Viewpoint

2011-07-23 00:07:12 -------- d-----w- c:\program files\Viewpoint

2011-07-23 00:06:46 -------- d-----w- c:\program files\common files\AOL

.

==================== Find3M ====================

.

2011-07-23 01:50:54 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2011-07-12 16:20:54 83816 ----a-w- c:\windows\system32\dns-sd.exe

2011-07-12 16:20:54 73064 ----a-w- c:\windows\system32\dnssd.dll

2011-07-12 16:20:54 50536 ----a-w- c:\windows\system32\jdns_sd.dll

2011-07-12 16:20:54 178536 ----a-w- c:\windows\system32\dnssdX.dll

.

============= FINISH: 18:10:48.13 ===============


Hi, first of all let's check for rootkits.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


Hi, that is at least good news. :)

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.


  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
