Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Is There Anything Wrong? Please Help.....

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Is There Anything Wrong? Please Help.....

Unread postby lebanon95 » December 21st, 2011, 3:05 pm

Well a few days ago i was in teamviewer with a friend of mine abroad. Me and him fell out so while i was out he downloaded a unkown file Called ' RatControlPanel ' straight away i recognised it as keylogger/RAT Virus. Then my computer became very slow and laggy and i knew the RAT was causing this so i spoke to my ' Friend ' and he told me he would remove it so he did the icon on my desktop was gone and my computer went back to its orginal state. I am not convinvced that its perminantly gone because i know that son of bitch is sneaky and is going to try and keylog most of my accounts. so please guys help me out here :(

So much for friends over ******* pixcels........ :(


DDS:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Kassim at 18:49:26 on 2011-12-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8172.5269 [GMT 0:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
C:\Program Files\IDT\WDM\beats64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
mRun: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8BE3799F-53B0-4AB8-8EF7-35EEEC979C05} : DhcpNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun-x64: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
mRun-x64: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20111210.003\BHDrvx64.sys [2011-12-10 1156216]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\IPSDefs\20111220.001\IDSviA64.sys [2011-12-21 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-8-25 89600]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe [2011-8-25 514232]
R2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe --> C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccsvchst.exe [2011-12-20 130008]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-8-25 1127448]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-3-30 378472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-25 2656280]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-12-20 138360]
R3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);C:\Windows\system32\DRIVERS\hcwD3bda64.sys --> C:\Windows\system32\DRIVERS\hcwD3bda64.sys [?]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 tixhci;TI XHCI Service;C:\Windows\system32\DRIVERS\tixhci.sys --> C:\Windows\system32\DRIVERS\tixhci.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2011/08/25 14:05:36;C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [2011-1-25 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 tihub3;TI USB3 Hub Service;C:\Windows\system32\DRIVERS\tihub3.sys --> C:\Windows\system32\DRIVERS\tihub3.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2011-12-21 13:55:08 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-12-21 13:55:08 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-21 13:27:19 -------- d-----w- C:\Users\Kassim\AppData\Roaming\WinUpdtr
2011-12-21 12:45:04 -------- d-----w- C:\Users\Kassim\AppData\Roaming\TeamViewer
2011-12-21 10:31:53 -------- d-----w- C:\Users\Kassim\AppData\Local\{37FA5130-EAF8-4847-825C-309E7723F69F}
2011-12-21 10:31:41 -------- d-----w- C:\Users\Kassim\AppData\Local\{C37A8BA5-F5DA-40BA-9403-4EFDF88B967D}
2011-12-20 14:58:41 -------- d-----w- C:\Users\Kassim\AppData\Local\{19642E04-94AA-457E-9DF8-FB7FB51F1E8A}
2011-12-20 14:58:30 -------- d-----w- C:\Users\Kassim\AppData\Local\{CD4EDD2A-DF04-48E6-A9E2-A16CF9F20FA0}
2011-12-20 14:46:08 -------- d-----w- C:\Users\Kassim\AppData\Local\{052EFACD-F259-4A2C-BDF8-DF3B94AC44DC}
2011-12-20 14:45:57 -------- d-----w- C:\Users\Kassim\AppData\Local\{290960D2-192B-45E4-B2D3-EC6EB392704B}
2011-12-20 00:59:17 912504 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symefa64.sys
2011-12-20 00:59:17 744568 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\srtsp64.sys
2011-12-20 00:59:17 450680 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symds64.sys
2011-12-20 00:59:17 40568 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\srtspx64.sys
2011-12-20 00:59:17 386168 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symnets.sys
2011-12-20 00:59:17 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0501000.01D\ironx64.sys
2011-12-20 00:58:58 -------- d-----w- C:\Windows\System32\drivers\N360x64\0501000.01D
2011-12-19 18:08:13 -------- d-----w- C:\Program Files\iTunes
2011-12-19 17:56:51 34288 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-12-19 17:56:50 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-12-19 17:56:50 -------- d-----w- C:\Program Files\Symantec
2011-12-19 17:56:50 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2011-12-19 17:56:07 -------- d-----w- C:\Windows\System32\drivers\N360x64
2011-12-19 17:56:00 -------- d-----w- C:\Program Files (x86)\Norton 360
2011-12-19 17:51:40 -------- d-----w- C:\ProgramData\PCSettings
2011-12-19 17:49:13 -------- d-----w- C:\Users\Kassim\AppData\Local\{FA4B6423-9D57-413B-AC4C-73CB8E3076B7}
2011-12-19 17:49:02 -------- d-----w- C:\Users\Kassim\AppData\Local\{C90CCDB5-DE55-411A-A51C-2E544FD37A4B}
2011-12-17 12:20:56 -------- d-----w- C:\Users\Kassim\AppData\Local\{64DAAE92-D470-42F9-B577-8C6720B9C75F}
2011-12-16 09:19:24 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-12-16 09:19:18 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{20F10093-536E-4A1F-BAE0-FFB0169E8BA6}\mpengine.dll
2011-12-16 09:18:38 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-16 09:18:37 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-16 09:18:36 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-16 09:18:36 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-16 09:18:32 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-16 09:18:32 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-16 09:10:58 -------- d-----w- C:\Users\Kassim\AppData\Local\{6271B079-B206-4FE1-B2DB-DFA9409B0AE9}
2011-12-16 09:10:46 -------- d-----w- C:\Users\Kassim\AppData\Local\{04A35C48-779B-4559-BA75-CDF05AA897EB}
2011-12-14 17:26:59 -------- d-----w- C:\Users\Kassim\AppData\Local\{51A47DCF-D26D-40B2-93AF-A9CDB7483342}
2011-12-13 18:49:21 -------- d-----w- C:\Users\Kassim\AppData\Local\{F4B11B9E-CC8D-47D1-BD29-BAE0300F39D7}
2011-12-13 18:49:10 -------- d-----w- C:\Users\Kassim\AppData\Local\{D10FD78A-5A6F-47EB-8B85-4A7189C69DDE}
2011-12-11 12:33:32 -------- d-----w- C:\Users\Kassim\AppData\Local\{DE9304D9-1AE3-4EEE-AE54-EB5F42CE1C1D}
2011-12-11 12:33:20 -------- d-----w- C:\Users\Kassim\AppData\Local\{5196F786-9101-4CEF-A8C5-73863E4C7CF3}
2011-12-10 20:23:47 -------- d-----w- C:\Users\Kassim\AppData\Local\{0B701724-4E8C-4E60-9123-D9DD89EEF80F}
2011-12-10 20:23:36 -------- d-----w- C:\Users\Kassim\AppData\Local\{22353A06-D6ED-45F2-B3DB-895EE311FD7E}
2011-12-10 15:22:43 -------- d-----w- C:\.soulsplit
2011-12-10 14:45:41 -------- d-----w- C:\Users\Kassim\Rev1XHD
2011-12-10 12:17:46 -------- d-----w- C:\Users\Kassim\AppData\Local\{93C2350C-8334-4C8C-8379-9038820B61FF}
2011-12-09 16:25:25 -------- d-----w- C:\Users\Kassim\AppData\Local\{0FECBFA0-FFEB-4764-AF0D-327622282D60}
2011-12-09 16:25:11 -------- d-----w- C:\Users\Kassim\AppData\Local\{70C3B6AC-909C-403E-B0D4-7E3D591F9BFD}
2011-12-08 16:56:42 -------- d-----w- C:\Users\Kassim\AppData\Local\{D7129648-190A-4615-A4F8-05422854E39B}
2011-12-08 16:56:31 -------- d-----w- C:\Users\Kassim\AppData\Local\{92476CAD-89ED-4E56-8D11-F11220908DDB}
2011-12-07 15:21:41 -------- d-----w- C:\Users\Kassim\AppData\Local\{71FC5772-2D6C-4038-A21F-B8403E0D964E}
2011-12-07 15:21:30 -------- d-----w- C:\Users\Kassim\AppData\Local\{3542BCA8-1831-4A74-B2CB-B8A5A955F382}
2011-12-06 17:50:19 -------- d-----w- C:\Users\Kassim\AppData\Local\{B21DDD7D-40FD-49DF-9DBA-67A73720D3ED}
2011-12-05 18:20:15 -------- d-----w- C:\Users\Kassim\AppData\Local\{41D8772C-4307-4FB2-B59E-67EADCA070B6}
2011-12-05 18:20:03 -------- d-----w- C:\Users\Kassim\AppData\Local\{FA004185-ECB0-4839-B699-16E6C7418D09}
2011-12-04 19:42:27 -------- d-----w- C:\Users\Kassim\AppData\Local\WinZip
2011-12-04 12:08:50 -------- d-----w- C:\Users\Kassim\AppData\Local\{463C5A7C-4B5A-494F-9428-320F23713412}
2011-12-04 12:08:37 -------- d-----w- C:\Users\Kassim\AppData\Local\{B12D3C24-81DF-4940-AC94-12A56F616D5B}
2011-12-03 23:50:26 -------- d-----w- C:\Users\Kassim\AppData\Local\{037DF189-0725-45D7-8803-6B8587B6332C}
2011-12-03 23:50:15 -------- d-----w- C:\Users\Kassim\AppData\Local\{BF75DFC8-E86B-4D5A-82D0-0DBDCCCD942B}
2011-12-03 21:36:38 -------- d-----w- C:\Users\Kassim\runecore
2011-12-03 11:49:48 -------- d-----w- C:\Users\Kassim\AppData\Local\{AC7F9903-E843-47B0-AC31-E89474CB28C1}
2011-12-03 11:49:37 -------- d-----w- C:\Users\Kassim\AppData\Local\{CDCBB616-5ACC-4B9E-BDB6-2BB8EF3FF72F}
2011-12-02 15:53:37 -------- d-----w- C:\Users\Kassim\AppData\Local\{4A0DD7B8-2B5B-4F0B-A29C-2DE10D164B74}
2011-12-02 15:53:26 -------- d-----w- C:\Users\Kassim\AppData\Local\{A7CEA750-3D11-4D10-86E0-95126C00A8CF}
2011-12-01 18:02:03 -------- d-----w- C:\Users\Kassim\AppData\Local\{CB8A00FF-3E9B-4C3C-B089-74A74C27C9FA}
2011-12-01 18:01:52 -------- d-----w- C:\Users\Kassim\AppData\Local\{6E1A70D4-1405-4585-B2CB-7B36140A4CC9}
2011-11-29 23:25:49 -------- d-----w- C:\Users\Kassim\AppData\Local\{826125E7-490A-47BC-82EB-9F2AEA98AF59}
2011-11-29 23:25:38 -------- d-----w- C:\Users\Kassim\AppData\Local\{EEBD1C05-B905-4ACF-BAD1-3D0806976683}
2011-11-28 16:59:24 -------- d-----w- C:\Users\Kassim\AppData\Local\{427B70AA-DD3A-4E32-B2AF-0295DDAE89FB}
2011-11-28 16:59:13 -------- d-----w- C:\Users\Kassim\AppData\Local\{24A45B4D-8028-45D3-BC21-C5D686602AD0}
2011-11-27 10:49:58 -------- d-----w- C:\Users\Kassim\AppData\Local\{09A38F8F-DBCA-4932-B90B-51E431F3E2DB}
2011-11-27 10:49:46 -------- d-----w- C:\Users\Kassim\AppData\Local\{A4BDE69A-6628-4935-AD31-C5E2E56E33C3}
2011-11-26 21:59:13 -------- d-----w- C:\Users\Kassim\AppData\Local\{A2136791-79E7-42E7-8C06-C469FF2DD0D0}
2011-11-26 09:58:49 -------- d-----w- C:\Users\Kassim\AppData\Local\{C397A85D-2EC1-43BE-957A-77652A6FBC6A}
2011-11-26 09:58:38 -------- d-----w- C:\Users\Kassim\AppData\Local\{F19D9576-C1B0-40F5-A0B6-C748388008AE}
2011-11-25 21:00:26 -------- d-----w- C:\Users\Kassim\AppData\Local\{C4CA12CB-44CE-4386-9757-529457D431C0}
2011-11-25 21:00:14 -------- d-----w- C:\Users\Kassim\AppData\Local\{720C7555-ECF1-4F67-A656-67A647DE86D6}
2011-11-25 11:14:39 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-11-25 11:14:39 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-11-25 08:59:45 -------- d-----w- C:\Users\Kassim\AppData\Local\{3027992E-8D12-43DE-8231-5A4A53049B90}
2011-11-25 08:59:34 -------- d-----w- C:\Users\Kassim\AppData\Local\{9E6DD0EC-7580-4F02-A357-CCD1302AF6C8}
2011-11-25 08:54:40 -------- d-----w- C:\Users\Kassim\AppData\Local\{18156DEF-472E-4465-9A4C-F0F795A0A1DD}
2011-11-25 08:54:29 -------- d-----w- C:\Users\Kassim\AppData\Local\{1CF7D547-376A-414A-A24E-BF5BABF5EFA7}
2011-11-24 19:24:09 -------- d-----w- C:\Users\Kassim\AppData\Local\{BC706A5A-695E-45C3-8A25-0FD91C4F0CAA}
2011-11-24 19:23:57 -------- d-----w- C:\Users\Kassim\AppData\Local\{7CF477A5-D2B3-4A08-8193-31B8B94DC92C}
2011-11-23 16:58:53 -------- d-----w- C:\Users\Kassim\AppData\Local\{1E0EB41F-4AE5-4A92-9652-44911C6925CA}
2011-11-23 16:58:42 -------- d-----w- C:\Users\Kassim\AppData\Local\{990B2EC2-B7AB-4BF5-8D3F-C0F9ADBBBD2B}
2011-11-22 17:54:08 -------- d-----w- C:\Users\Kassim\AppData\Local\{66411C19-AB3B-4BE5-8FC3-E2201EC92277}
2011-11-22 17:53:56 -------- d-----w- C:\Users\Kassim\AppData\Local\{8C5F90DE-0EE6-4F4B-99C5-AC964A567E6D}
.
==================== Find3M ====================
.
2011-12-21 15:39:25 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-12-21 15:39:25 280736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-12-21 15:38:14 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-11-15 14:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-13 17:12:32 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-16 14:20:20 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-10-16 13:21:17 2434856 ----a-w- C:\Windows\SysWow64\pbsvc_bc2.exe
2011-10-03 04:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 18:49:49.76 ===============





Here is The Attach Log:




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 15/10/2011 21:03:03
System Uptime: 21/12/2011 13:39:49 (5 hours ago)
.
Motherboard: PEGATRON CORPORATION | | 2AB5
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1851 GiB total, 1787.272 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.381 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: USB Root Hub
Device ID: USB\VID_040E&PID_0100&TIUSBD_HUB\5&6890C63&0&0
Manufacturer: (Standard USB Host Controller)
Name: USB Root Hub
PNP Device ID: USB\VID_040E&PID_0100&TIUSBD_HUB\5&6890C63&0&0
Service: tihub3
.
==== System Restore Points ===================
.
RP33: 09/11/2011 21:05:48 - Windows Update
RP34: 10/11/2011 19:50:45 - Windows Update
RP35: 15/11/2011 19:04:26 - Installed iTunes
RP36: 26/11/2011 19:01:24 - Scheduled Checkpoint
RP37: 04/12/2011 19:37:48 - Installed WinZip 16.0
RP38: 12/12/2011 17:44:46 - Scheduled Checkpoint
RP39: 16/12/2011 09:18:32 - Windows Update
RP40: 16/12/2011 11:38:22 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Agatha Christie - Peril at End House
Apple Application Support
Apple Software Update
Battlefield: Bad Company 2
Bejeweled 2 Deluxe
Big Rig Europe
Bing Bar
Bing Bar Platform
Bing Rewards Client Installer
Blasterball 3
Bounce Symphony
Cake Mania
CamStudio OSS Desktop Recorder
Chuzzle Deluxe
Counter-Strike
Crazy Chicken Kart 2
CyberLink PowerDVD 10
D3DX10
Diner Dash 2 Restaurant Rescue
Farm Frenzy
FATE
Fishdom
Hewlett-Packard ACLM.NET v1.1.1.0
HP Customer Experience Enhancements
HP Games
HP Keyboard
HP LinkUp
HP Odometer
HP Remote Solution
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP Update
IDT Audio
Intel(R) Management Engine Components
Java Auto Updater
Java(TM) 6 Update 29
Jewel Quest Solitaire
Junk Mail filter update
Kobo
LabelPrint
Magic Desktop
Mah Jong Medley
Mesh Runtime
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
MSVCRT_amd64
MusicStation
Mystery P.I. - The London Caper
Namco All-Stars PAC-MAN
NavyFIELD NorthAmerica
Norton 360
Norton Online Backup
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
PDF Complete Special Edition
Penguins!
Plants vs. Zombies - Game of the Year
Polar Bowler
Power2Go
PressReader
PunkBuster Services
Recovery Manager
Remote Graphics Receiver
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 5.5
Slingo Deluxe
Spybot - Search & Destroy
Steam
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Virtual Villagers - The Secret City
Wedding Dash
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
21/12/2011 10:40:52, Error: bowser [8003] - The master browser has received a server announcement from the computer NORASARA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8BE3799F-53B0-4AB8-8EF7-35EEEC979C05}. The master browser is stopping or an election is being forced.
20/12/2011 17:27:26, Error: Microsoft-Windows-Directory-Services-SAM [12291] - SAM failed to start the TCP/IP or SPX/IPX listening thread
.
==== End Of File ===========================

Edit: profanity deleted - deltalima
lebanon95
Active Member
 
Posts: 1
Joined: December 21st, 2011, 2:57 pm
Advertisement
Register to Remove

Re: Is There Anything Wrong? Please Help.....

Unread postby deltalima » December 22nd, 2011, 5:04 pm

Checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Is There Anything Wrong? Please Help.....

Unread postby deltalima » December 22nd, 2011, 5:08 pm

Hi lebanon95,

Please refrain from swearing in the forums.

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you too.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Please Note:
The programs I ask you to run need to be run in Administrator Mode by... Right clicking the program file and selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe and select: Run as Administrator.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Malwarebytes Anti-Malware

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and select then follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please post that log in your next reply.
The log can also be found here:
  1. Launch Malwarebytes' Anti-Malware
  2. Click on the Logs radio tab.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Is There Anything Wrong? Please Help.....

Unread postby deltalima » December 25th, 2011, 3:38 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 89 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware