
I did a stupid thing. Am I infected?



I received an email for an item I was selling on CL. I stupidly was not paying attention to what the link looked like when I clicked, and when I did click it seemed as if I was redirected. But the site seemed legit to my eyes.

I have scanned on multiple URL scanners online and nothing comes up bad. I have also scanned with Malwarebytes in quick mode and Norton Security in quick scan, as well as Kaspersky's TDSS Killer, and all come up clean.

No noticeable behavior changes on my PC as of yet. However, I'm still paranoid about this. Can you help me please?

I have attached the two DDS files as instructed.

DDS.txt

Attach.txt


Here is an updated post with a questionable app uninstalled and 2 others disabled, and the logs posted directly instead of attached. I hope this can clear things up.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29

Run by Owner at 14:17:05 on 2011-11-02

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1978.860 [GMT -5:00]

.

AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe

C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Users\Owner\Local Settings\Apps\F.lux\flux.exe

C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe

C:\Program Files (x86)\Norton DNS\NortonDNSTray.exe

C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.EXE

C:\Windows\system32\WUDFHost.exe

C:\Program Files\PeerBlock\peerblock.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe

BHO: KeyScramblerBHO Class: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

uRun: [F.lux] "C:\Users\Owner\Local Settings\Apps\F.lux\flux.exe" /noshow

uRun: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe

mRun: [Turtle Beach Audio Advantage Micro] "C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NORTON~1.LNK - C:\Program Files (x86)\Norton DNS\NortonDNSTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{754D0D6E-2004-4561-B4D4-8A3EF556EF07} : NameServer = 198.153.192.1,198.153.194.1

TCP: Interfaces\{754D0D6E-2004-4561-B4D4-8A3EF556EF07} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{754D0D6E-2004-4561-B4D4-8A3EF556EF07}\6505B4 : DhcpNameServer = 10.0.0.1

TCP: Interfaces\{754D0D6E-2004-4561-B4D4-8A3EF556EF07}\869602A392 : NameServer = 198.153.192.1,198.153.194.1

TCP: Interfaces\{754D0D6E-2004-4561-B4D4-8A3EF556EF07}\869602A392 : DhcpNameServer = 192.168.1.1

BHO-X64: KeyScramblerBHO Class: {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll

BHO-X64: QFX Software KeyScrambler - No File

BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

BHO-X64: Symantec NCO BHO - No File

BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

mRun-x64: [Turtle Beach Audio Advantage Micro] "C:\Program Files (x86)\Turtle Beach\AudioAdvantageMicro\TBAA.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\c0k6d7z3.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.startingpage.com/

FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111027.001\BHDrvx64.sys [2011-11-1 1155704]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111031.030\IDSviA64.sys [2011-11-2 488568]

R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS [?]

R2 FreeAgentGoFlex Service;Seagate Drive Settings Service;C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [2011-2-10 91432]

R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe [2011-5-17 130008]

R2 Norton DNS;Norton DNS;C:\Program Files (x86)\Norton DNS\NortonDNSSvc.exe [2010-10-13 97664]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-8-3 136824]

R3 KeyScrambler;KeyScrambler;C:\Windows\system32\drivers\keyscrambler.sys --> C:\Windows\system32\drivers\keyscrambler.sys [?]

R3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2011-4-18 24176]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\system32\DRIVERS\rtl8192se.sys --> C:\Windows\system32\DRIVERS\rtl8192se.sys [?]

RUnknown DwProt;DwProt; [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]

S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-7-29 994360]

S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\system32\DRIVERS\tapoas.sys --> C:\Windows\system32\DRIVERS\tapoas.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAU;USB Audio Device Interface;C:\Windows\system32\drivers\CM10264.sys --> C:\Windows\system32\drivers\CM10264.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-10-26 02:43:57 -------- d-----w- C:\Program Files (x86)\NirSoft

2011-10-24 19:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2011-10-24 19:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2011-10-24 03:38:59 -------- d-----w- C:\Themes

2011-10-23 20:44:50 -------- d-----w- C:\Program Files (x86)\SlimDrivers

2011-10-21 05:35:13 476904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

2011-10-21 05:30:47 525544 ----a-w- C:\Windows\System32\deployJava1.dll

2011-10-15 20:32:24 -------- d-----w- C:\Scrty

2011-10-15 19:16:30 -------- d-----w- C:\Users\Owner\DoctorWeb

2011-10-12 18:46:51 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax

2011-10-12 18:46:51 613888 ----a-w- C:\Windows\System32\psisdecd.dll

2011-10-12 18:46:51 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2011-10-12 18:46:50 108032 ----a-w- C:\Windows\System32\psisrndr.ax

2011-10-12 18:46:39 3138048 ----a-w- C:\Windows\System32\win32k.sys

2011-10-12 18:46:38 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-10-12 18:46:38 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-10-12 18:46:37 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-10-12 18:46:37 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-10-12 18:16:57 -------- d-----w- C:\Program Files\iTunes

2011-10-12 18:16:57 -------- d-----w- C:\Program Files\iPod

2011-10-12 18:13:49 -------- d-----w- C:\Program Files\Bonjour

2011-10-12 18:13:49 -------- d-----w- C:\Program Files (x86)\Bonjour

.

==================== Find3M ====================

.

2011-10-21 05:35:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-10-05 04:33:00 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-09-14 13:58:46 274616 ----a-w- C:\Windows\System32\drivers\keyscrambler.sys

2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll

2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-08-31 22:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-31 04:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe

2011-08-31 04:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll

2011-08-31 04:05:32 61288 ----a-w- C:\Windows\System32\jdns_sd.dll

2011-08-31 04:05:32 212840 ----a-w- C:\Windows\System32\dnssdX.dll

2011-08-31 04:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe

2011-08-31 04:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll

2011-08-31 04:05:04 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll

2011-08-31 04:05:04 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll

2011-08-19 06:46:06 30720 ----a-w- C:\Windows\System32\drivers\tapoas.sys

.

============= FINISH: 14:18:00.50 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 4/7/2011 10:56:27 PM

System Uptime: 10/31/2011 2:34:42 PM (23 hours ago)

.

Motherboard: eMachines | | eMachines E527

Processor: Intel® Celeron® CPU 900 @ 2.20GHz | uPGA-478 | 2194/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 85.345 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 466 GiB total, 194.06 GiB free.

F: is Removable

G: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: TAP-Win32 Adapter OAS

Device ID: ROOT\NET\0000

Manufacturer: TAP-Win32 Provider OAS

Name: TAP-Win32 Adapter OAS

PNP Device ID: ROOT\NET\0000

Service: tapoas

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: TAP-Win32 Adapter V9

Device ID: ROOT\NET\0001

Manufacturer: TAP-Win32 Provider V9

Name: TAP-Win32 Adapter V9

PNP Device ID: ROOT\NET\0001

Service: tap0901

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)

Device ID: PCI\VEN_1969&DEV_1062&SUBSYS_04591025&REV_C0\4&3170ED28&0&00E2

Manufacturer: Atheros

Name: Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)

PNP Device ID: PCI\VEN_1969&DEV_1062&SUBSYS_04591025&REV_C0\4&3170ED28&0&00E2

Service: L1C

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

µTorrent

Apple Application Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

AudioAdvantageMicro

Auslogics Task Manager

Epson Event Manager

EPSON Scan

F.lux

Foxit Reader 5.0

Free YouTube to MP3 Converter version 3.9.40.602

Garmin USB Drivers

Garmin VoiceStudio v2.10

Garmin WebUpdater

GIMP 2.6.11

Glary Utilities 2.38.0.1288

Google Chrome

IrfanView (remove only)

Java Auto Updater

Java 6 Update 29

KeyScrambler

Last.fm 1.5.4.27091

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox 7.0.1 (x86 en-US)

Mullvad

NirSoft Wireless Network Watcher

Norton Bootable Recovery Tool Wizard

Norton DNS

Norton Security Suite

QuickTime

Rainlendar2 (remove only)

Realtek High Definition Audio Driver

Revo Uninstaller 1.93

Seagate Drive Settings Installer

SeaTools for Windows

Secunia PSI (2.0.0.4002)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

SlimDrivers

SoulSeek 157 NS 13e

Spotify

StreamTorrent 1.0

TagScanner 5.1.601

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VLC media player 1.1.11

.

==== Event Viewer Messages From Past Week ========

.

11/1/2011 12:28:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

10/31/2011 2:38:36 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

10/31/2011 2:38:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.

10/31/2011 2:36:19 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.

10/31/2011 2:35:49 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

10/31/2011 2:35:49 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

10/30/2011 7:05:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.

10/30/2011 1:55:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

10/27/2011 5:50:45 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR6.

10/25/2011 12:52:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
