Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

new dds logs...

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

new dds logs...

Unread postby reefscapes » May 4th, 2012, 11:26 am

I have removed all cracked programs and starting over from scratch. I will not edit any log. I had reposted logs in the past not realizing that they still had the old information. Please help...

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/21/2008 12:56:08 PM
System Uptime: 5/4/2012 9:05:55 AM (0 hours ago)
.
Motherboard: FOXCONN | | Napa
Processor: Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz | Socket 775 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 273.274 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 9.415 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 466 GiB total, 232.396 GiB free.
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
AccuRIP 01.01.044 - Fawkes Engineering
Ad-Aware Browsing Protection
Add or Remove Adobe Creative Suite 3 Design Premium
Adobe Acrobat 8 Professional
Adobe Acrobat 8.3.1 - CPSID_83708
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Creative Suite 3 Design Premium
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Setup
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server {ko_KR}
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ARO 2012
Bonjour
Canon FAXPHONE L75
Carbonite
CCC
D3DX10
Driver Manager
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
FILE RECOVERY for Windows
FormsComponent
FOSS
Google Earth
Google Update Helper
GX e3300N User Guide
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Advisor
HP MediaSmart DVD
HP Picasso Media Center Add-In
HP Product Detection
HP Update
ICCHelp
InterLok Driver Kit
Java Auto Updater
Java(TM) 7 Update 4
Junk Mail filter update
Maxtor Manager
MemTurbo 4
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (UPSWSDBSERVER)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C Runtime
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSIChecker
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NA1Messenger
Norton Security Suite
NRF
NVIDIA Control Panel 296.10
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA Graphics Driver 296.10
NVIDIA Install Application
NVIDIA Update 1.7.11
NVIDIA Update Components
OGA Notifier 2.0.0048.0
PCIe Soft Data Fax Modem with SmartCP
PDF Settings
PDF Settings CS4
PolicyManager
QuickBooks Premier: Mfg and Whsle Edition 2004
QuickTime
Realtek High Definition Audio Driver
Reconciler
ReportServer
Revo Uninstaller 1.88
SeaTools for Windows
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Segoe UI
sp44626
Spelling Dictionaries Support For Adobe Reader 9
Spotify
SupportUtility
System
UnifiedPrinting
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
UPS Hundredweight Service Uninstall
UPS WorldShip
UPSDB
UPSICC
UPSlinkHTTP
UPSVCMM
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebHelp
Windows Driver Package - Intel System (11/07/2008 7.0.1.1011)
Windows Driver Package - NVIDIA (nvlddmkm) Display (10/08/2010 8.17.12.6089)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/06/2010 6.0.1.6151)
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WorldShip
.
==== Event Viewer Messages From Past Week ========
.
5/4/2012 9:14:11 AM, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting.
5/4/2012 9:09:33 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE TfFsMon TfSysMon
5/4/2012 9:09:33 AM, Error: Service Control Manager [7000] - The adfs service failed to start due to the following error: The system cannot find the file specified.
5/4/2012 7:55:30 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.2.4 for the Network Card with network address 001FE2019543 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
5/3/2012 8:57:50 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
5/3/2012 8:52:08 PM, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting.
5/3/2012 10:06:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the RipCore service to connect.
5/3/2012 10:06:04 PM, Error: Service Control Manager [7000] - The RipCore service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/2/2012 3:31:02 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon
5/2/2012 3:10:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
5/1/2012 4:30:19 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.2.5 for the Network Card with network address 001FE2019543 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
5/1/2012 10:19:34 PM, Error: Service Control Manager [7030] - The ForceWare Intelligent Application Manager (IAM) service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
5/1/2012 10:19:27 PM, Error: Service Control Manager [7030] - The ForceWare IP service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
5/1/2012 10:03:29 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\storm\AppData\Local\Microsoft\Windows\UsrClass.dat' was corrupted and it has been recovered. Some data might have been lost.
4/30/2012 12:01:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service SBAMSvc with arguments "" in order to run the server: {FE7E09CE-BBF4-4698-8BC1-37C9002DAA43}
4/30/2012 12:01:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Ad-Aware service to connect.
4/30/2012 12:01:25 PM, Error: Service Control Manager [7000] - The Ad-Aware service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/30/2012 11:54:24 AM, Error: EventLog [6008] - The previous system shutdown at 2:19:42 AM on 4/29/2012 was unexpected.
4/30/2012 1:52:43 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.2.3 for the Network Card with network address 001FE2019543 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
4/30/2012 1:01:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the service.
4/30/2012 1:00:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CarboniteService service.
.
==== End Of File ===========================


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.0
Run by storm at 9:19:47 on 2012-05-04
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3196.1630 [GMT -6:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
c:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Fawkes Engineering\AccuRIP\RipCore.exe
C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\UPS\WSTD\UPSNA1Msgr.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe
C:\UPS\WSTD\WSTDMessaging.exe
C:\Program Files\MemTurbo 4\MemTurbo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\5.2.1.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\5.2.1.3\ips\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\5.2.1.3\coIEPlg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Driver Manager] c:\program files\driver manager\driver manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [NA1Messenger] c:\ups\wstd\UPSNA1Msgr.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\storm\appdata\roaming\micros~1\windows\startm~1\programs\startup\memturbo.lnk - c:\program files\memturbo 4\MemTurbo.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\upswor~2.lnk - c:\ups\wstd\WSTDMessaging.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\upswor~1.lnk - c:\ups\wstd\wstdPldReminder.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: &Search - http://edits.mywebsearch.com/toolbaredi ... xdm080YYUS
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0FB840BF-3584-46D5-A03C-B7BD426055DD} : DhcpNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\storm\appdata\roaming\mozilla\firefox\profiles\xhj5oaco.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-6-3 64288]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502010.003\symds.sys [2012-4-23 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502010.003\symefa.sys [2012-4-23 744568]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20120413.001\BHDrvx86.sys [2012-4-19 821880]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20120503.001\IDSvix86.sys [2012-5-3 368248]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-4-27 221784]
R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2012-4-27 78936]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502010.003\ironx86.sys [2012-4-23 136312]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0502010.003\symtdiv.sys [2012-4-23 331384]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-23 21504]
R2 MSSQL$UPSWSDBSERVER;SQL Server (UPSWSDBSERVER);c:\ups\wstd\mssql.1\mssql\binn\sqlservr.exe -supswsdbserver --> c:\ups\wstd\mssql.1\mssql\binn\sqlservr.exe -sUPSWSDBSERVER [?]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\5.2.1.3\ccsvchst.exe [2012-4-23 130008]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-5-1 2348352]
R2 RipCore;RipCore;c:\program files\fawkes engineering\accurip\RipCore.exe [2008-12-4 1839104]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-5-4 106104]
R3 HSXHWBS3;HSXHWBS3;c:\windows\system32\drivers\HSXHWBS3.sys [2008-2-12 207360]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-4-27 69208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-19 136176]
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3ABv.sys [2009-1-12 738304]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 253088]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-21 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-19 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-26 129976]
S3 rcmirror;rcmirror;c:\windows\system32\drivers\rcmirror.sys [2007-12-14 5120]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-4-27 69208]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-4-27 94040]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
.txt=
.
=============== Created Last 30 ================
.
2012-05-03 15:21:08 772552 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-05-03 15:21:08 687560 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-02 21:57:33 -------- d-----w- C:\perflogs
2012-05-02 04:38:19 -------- d-----w- c:\program files\ATI Technologies
2012-05-02 04:38:15 -------- d-----w- c:\program files\ATI
2012-05-02 04:37:15 -------- d-----w- C:\swsetup
2012-05-02 04:14:05 758784 ----a-w- c:\windows\system32\cohelper.dll
2012-05-02 03:51:44 48760 ----a-w- c:\windows\system32\RUNCLOSE.OCX
2012-05-02 03:45:50 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-05-02 03:45:50 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-05-02 03:35:55 -------- d-----w- c:\programdata\UAB
2012-05-02 03:35:29 -------- d-----w- c:\users\storm\appdata\local\PC_Drivers_Headquarters
2012-05-02 03:35:23 -------- d-----w- c:\programdata\Driver Manager
2012-05-02 03:33:20 -------- d-----w- c:\program files\Driver Manager
2012-05-01 23:42:22 -------- d-----w- c:\program files\ARO 2012
2012-05-01 03:53:17 -------- d-----w- c:\program files\ESET
2012-04-30 19:03:49 -------- d-----w- c:\programdata\Carbonite
2012-04-30 19:03:49 -------- d-----w- c:\program files\Carbonite
2012-04-27 21:13:51 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-04-27 21:13:41 78936 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-04-27 21:12:21 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-04-27 21:12:20 221784 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-04-27 21:12:18 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-04-27 21:11:33 -------- d-----w- c:\users\storm\appdata\local\adawarebp
2012-04-26 21:16:09 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-26 21:15:58 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-04-26 21:15:58 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-04-24 02:51:48 331384 ----a-w- c:\windows\system32\drivers\n360\0502010.003\symtdiv.sys
2012-04-24 02:51:48 299640 ----a-w- c:\windows\system32\drivers\n360\0502010.003\symnets.sys
2012-04-24 02:51:47 744568 ----a-w- c:\windows\system32\drivers\n360\0502010.003\symefa.sys
2012-04-24 02:51:47 516216 ----a-w- c:\windows\system32\drivers\n360\0502010.003\srtsp.sys
2012-04-24 02:51:47 50168 ----a-w- c:\windows\system32\drivers\n360\0502010.003\srtspx.sys
2012-04-24 02:51:47 340088 ----a-w- c:\windows\system32\drivers\n360\0502010.003\symds.sys
2012-04-24 02:51:47 136312 ----a-r- c:\windows\system32\drivers\n360\0502010.003\ironx86.sys
2012-04-24 02:51:32 -------- d-----w- c:\windows\system32\drivers\n360\0502010.003
2012-04-21 19:36:46 -------- d-----w- c:\users\storm\appdata\local\{764190CB-9BF0-4FD2-98EC-5B94027B63E4}
2012-04-21 19:36:30 -------- d-----w- c:\users\storm\appdata\local\{8B91168B-57EE-47C5-AFFD-EA04D1D9D064}
2012-04-12 18:24:20 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-12 09:10:54 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-12 09:10:54 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-04-12 09:10:54 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-12 09:10:53 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 09:09:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 09:09:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 16:19:58 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
.
==================== Find3M ====================
.
2012-04-30 18:00:51 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-29 20:53:46 62272 ----a-w- c:\windows\system32\nvshext.dll
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-14 15:45:30 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45:30 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47:57 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44:40 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-07 17:02:40 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
.
============= FINISH: 9:20:56.73 ===============
reefscapes
Member+
 
Posts: 14
Joined: April 27th, 2012, 7:13 pm
Advertisement
Register to Remove

Re: new dds logs...

Unread postby NonSuch » May 10th, 2012, 5:48 pm

This is not the first time you have posted for help on our forum. Your topic is being closed for one (or more) of the following reasons:

  1. Repeated use of P2P software, despite warnings of their use and requests for removal.
  2. Repeated or continuing use of cracked, illegal or pirated software.
  3. Use of outdated or unpatched versions of Windows, after previously agreeing to update as a condition for receiving help on our forum.
  4. Returning for help with no anti-virus software installed, despite being advised to install.
  5. Posting for help for many different computers, repair tech.
  6. Continuing to post in multiple malware removal forums for the same computer issue.
  7. Repeatedly failing to reply to your topic within the requisite time frames.

This topic is now closed.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 290 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware