
Thread: Claro Search redirect problem

  1. #21
    Member
    Join Date
    Apr 2009
    Location
    Fort Collins, CO
    Posts
    32

    Default

    Here is the new DDS log

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.3.1
    Run by JohnC at 10:24:17 on 2012-12-07
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3262.1797 [GMT -7:00]
    .
    AV: Symantec Endpoint Protection.cloud *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Symantec Endpoint Protection.cloud *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Symantec Endpoint Protection.cloud *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\IDT\WDM\STacSV.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
    C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
    C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\IDT\WDM\aestsrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe
    C:\Program Files\Druva\inSync\inSyncCPHwnet.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\Druva\inSync\inSync.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.1.0.24\ccSvcHst.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files\Symantec.cloud\PlatformAgent\ccSvcHst.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
    c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files\Symantec.cloud\AntiVirus\AVAgent.exe
    c:\program files\symantec.cloud\antivirus\ssDVAgent.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.1.0.24\ccSvcHst.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.1.0.24\ccSvcHst.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
    C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
    C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\RightFax\FaxCtrl.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Symantec.cloud\PlatformAgent\PAUI.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Druva\inSync\inSyncGUI.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
    C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Tiger Technologies\Holiday Lights\Holiday Lights.exe
    C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    C:\Program Files\Druva\inSync\inSyncUSyncer.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Windows\system32\vssvc.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\svchost.exe -k NetworkService
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://my.yahoo.com/;_ylc=X3oDMTB1bTdjdnNyBF9TAzI3MTk0ODEEbG5rA215BHRpZANUcnZsU21wbA--
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\symantec.cloud\endpointprotectionagent\engine\20.1.0.24\CoIEPlg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\symantec.cloud\endpointprotectionagent\engine\20.1.0.24\ips\IPSBHO.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.0 runtime\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\symantec.cloud\endpointprotectionagent\engine\20.1.0.24\CoIEPlg.dll
    uRun: [Google Update] "c:\users\johnc\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [GoogleRdrNotify] "c:\program files\yonizaf\grain google reader notifier\GoogleReaderNotifier.exe"
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [Apoint] c:\program files\delltpad\Apoint.exe
    mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
    mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
    mRun: [IMSS] "c:\program files\intel\intel(r) management engine components\imss\PIconStartup.exe"
    mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"
    mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
    mRun: [USCService] c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe
    mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [RightFAX Print-to-Fax Driver] c:\program files\rightfax\FaxCtrl.exe
    mRun: [CaddieSyncConduit] c:\program files\skygolf\caddiesync express\CaddieSyncExpress.exe
    mRun: [AT&T Communication Manager] "c:\program files\at&t\communication manager\ATTCM.exe" -a
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
    mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
    mRun: [SymantecPaui] "c:\program files\symantec.cloud\platformagent\PAUI.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [Druva inSync] c:\program files\druva\insync\inSyncGUI.exe -l en
    mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
    StartupFolder: c:\users\johnc\appdata\roaming\micros~1\windows\startm~1\programs\startup\holida~1.lnk - c:\program files\tiger technologies\holiday lights\Holiday Lights.exe
    StartupFolder: c:\users\johnc\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\users\johnc\appdata\roaming\micros~1\windows\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellco~1.lnk - c:\program files\dell\dell controlpoint\system manager\DCPSysMgr.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\tdmnot~1.lnk - c:\program files\wave systems corp\trusted drive manager\TdmNotify.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB
    DPF: {01614D85-E2FC-40AC-BAB5-24CE29E94DB4} - hxxp://jpcfishcam.dyndns.org:1024/img/Viewer.cab
    DPF: {174793AA-EAE2-4188-AFA5-064BE26901B1} - hxxp://www.digitalgsp.com/xvr/CXRMS_1,1,0,1.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://isecure.spectralogic.com/dana-cached/sc/JuniperSetupClient.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{8735282F-B28C-4E68-A87B-0934AB3765E6} : DHCPNameServer = 192.168.200.70 192.168.200.71
    TCP: Interfaces\{D08F5DBC-3172-41D1-81C8-54C76756A629} : DHCPNameServer = 192.168.200.70 192.168.200.71
    TCP: Interfaces\{D08F5DBC-3172-41D1-81C8-54C76756A629}\3427F677C656976416D696C697 : DHCPNameServer = 75.75.76.76 75.75.75.75
    TCP: Interfaces\{D1EA2FC0-4CD4-4335-9279-27AA7301D965} : DHCPNameServer = 192.168.1.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    Notify: SDWinLogon - SDWinLogon.dll
    AppInit_DLLs= c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    LSA: Authentication Packages = msv1_0 wvauth
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\drivers\stdfltn.sys [2010-9-30 17072]
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1401000.018\SymDS.sys [2012-10-15 368288]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1401000.018\SymEFA.sys [2012-10-15 926880]
    R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.1.0.24\definitions\bashdefs\20121130.005\BHDrvx86.sys [2012-12-3 995488]
    R1 ccSet_Cloud;CC Standalone Settings Manager;c:\windows\system32\drivers\symantec.cloud\ccSetx86.sys [2012-8-31 132768]
    R1 ccSet_NIS;Endpoint Protection.cloud Settings Manager;c:\windows\system32\drivers\nis\1401000.018\ccSetx86.sys [2012-10-15 134304]
    R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.1.0.24\definitions\ipsdefs\20121205.001\IDSvix86.sys [2012-12-6 386720]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1401000.018\Ironx86.sys [2012-10-15 175264]
    R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nis\1401000.018\symnets.sys [2012-10-15 338592]
    R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2010-9-30 81920]
    R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2009-11-20 278304]
    R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2010-3-23 812448]
    R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2010-3-23 27040]
    R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2010-2-8 386928]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-9-30 13336]
    R2 InstallFilterService;FF Install Filter Service;c:\program files\stmicroelectronics\accelerometerp11\InstallFilterService.exe [2010-9-30 60928]
    R2 inSyncCPHService;Druva inSync Client Service;c:\program files\druva\insync\inSyncCPHwnet.exe [2012-9-14 171008]
    R2 NIS;Endpoint Protection.cloud;c:\program files\symantec.cloud\endpointprotectionagent\engine\20.1.0.24\ccSvcHst.exe [2012-10-15 143928]
    R2 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe86.sys [2010-8-25 59904]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2012-11-26 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2012-11-26 1369624]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2012-11-26 168384]
    R2 SsPaAdm;Symantec.cloud Cloud Agent;c:\program files\symantec.cloud\platformagent\ccSvcHst.exe [2012-8-31 138272]
    R2 ssSpnAv;Symantec.cloud Endpoint Protection;c:\program files\symantec.cloud\antivirus\AVAgent.exe [2012-10-15 409040]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-9-30 2533400]
    R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2010-9-30 42672]
    R3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2010-8-25 33832]
    R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2010-8-25 224424]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-10 106656]
    R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2009-9-15 6114816]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\communication manager\RcAppSvc.exe [2008-11-20 113152]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 CAATT;AT&T Con App Svc;c:\program files\at&t\communication manager\ConAppsSvc.exe [2008-11-20 125440]
    S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-2-18 106624]
    S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-2-8 59648]
    S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2011-12-28 132480]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2011-12-28 269824]
    S3 rimspci;rimspci;c:\windows\system32\drivers\rimspe86.sys [2010-8-25 48640]
    S3 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe86.sys [2010-8-25 38912]
    S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-20 52224]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-10-12 1343400]
    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
    .
    =============== Created Last 30 ================
    .
    2012-12-04 19:26:22 -------- d-----w- c:\users\johnc\appdata\roaming\Malwarebytes
    2012-12-04 19:25:48 -------- d-----w- c:\programdata\Malwarebytes
    2012-12-04 19:25:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-12-04 19:25:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-12-03 15:16:24 -------- d-----w- c:\windows\ERUNT
    2012-12-03 15:16:09 -------- d-----w- C:\JRT
    2012-11-26 22:38:10 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2012-11-26 22:37:54 15224 ----a-w- c:\windows\system32\sdnclean.exe
    2012-11-26 22:37:50 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
    2012-11-26 22:36:43 -------- d-----w- c:\users\johnc\appdata\local\Programs
    2012-11-26 19:01:45 37888 ----a-w- c:\windows\system32\Holiday Lights.scr
    2012-11-26 19:01:37 -------- d-----w- c:\program files\Tiger Technologies
    2012-11-26 19:01:32 -------- d-----w- c:\windows\system32\searchplugins
    2012-11-26 19:01:32 -------- d-----w- c:\windows\system32\Extensions
    2012-11-26 19:01:28 -------- d-----w- c:\programdata\Browser Manager
    2012-11-15 10:49:20 -------- d-----w- c:\users\johnc\inSync Share
    2012-11-14 14:53:15 78336 ----a-w- c:\windows\system32\synceng.dll
    2012-11-14 14:53:14 2345984 ----a-w- c:\windows\system32\win32k.sys
    2012-11-07 18:00:16 -------- d-----w- C:\inSync4
    2012-11-07 18:00:13 -------- d-----w- c:\program files\Druva
    .
    ==================== Find3M ====================
    .
    2012-11-15 14:43:03 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-11-15 14:43:03 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-10-15 14:17:33 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll
    .
    ============= FINISH: 10:25:03.91 ===============

  2. #22
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    Sorry, it's the aswMBR log I wanted to see again, not DDS like I asked.

    Please download aswMBR.exe to your desktop.

    Double-click aswMBR.exe to run it. On Vista/W7, right-click and run as admin.
    For the question "Would you like to download latest Avast! virus definitions?", click YES to download the additional files, then
    click the "Scan" button to start the scan.
    Once the scan is done, click "Save log", save it to your desktop and post it in your next reply.
    How Can I Reduce My Risk?

  3. #23
    Member
    Join Date
    Apr 2009
    Location
    Fort Collins, CO
    Posts
    32

    Default

    aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
    Run date: 2012-12-07 16:30:37
    -----------------------------
    16:30:37.093 OS Version: Windows 6.1.7601 Service Pack 1
    16:30:37.093 Number of processors: 8 586 0x1E05
    16:30:37.093 ComputerName: JOHNCROWLEY1 UserName: JohnC
    16:30:39.948 Initialize success
    16:30:46.282 AVAST engine defs: 12120700
    16:30:49.932 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    16:30:49.948 Disk 0 Vendor: TOSHIBA_ LH00 Size: 476940MB BusType: 8
    16:30:50.026 Disk 0 MBR read successfully
    16:30:50.041 Disk 0 MBR scan
    16:30:50.057 Disk 0 Windows VISTA default MBR code
    16:30:50.073 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
    16:30:50.088 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 30021 MB offset 81920
    16:30:50.119 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 446870 MB offset 61577145
    16:30:50.119 Disk 0 scanning sectors +976768065
    16:30:50.213 Disk 0 scanning C:\Windows\system32\drivers
    16:31:01.336 Service scanning
    16:31:31.116 Modules scanning
    16:31:40.336 Disk 0 trace - called modules:
    16:31:40.367 ntkrnlpa.exe CLASSPNP.SYS disk.sys stdfltn.sys ACPI.sys halmacpi.dll iaStor.sys
    16:31:40.383 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89220030]
    16:31:40.383 3 CLASSPNP.SYS[8d5a759e] -> nt!IofCallDriver -> [0x8921f780]
    16:31:40.398 5 stdfltn.sys[8d7fc70c] -> nt!IofCallDriver -> [0x872c0c08]
    16:31:40.414 7 ACPI.sys[8ccb23d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x872c4028]
    16:31:42.738 AVAST engine scan C:\Windows
    16:31:47.605 AVAST engine scan C:\Windows\system32
    16:34:57.941 AVAST engine scan C:\Windows\system32\drivers
    16:35:20.717 AVAST engine scan C:\Users\johnc
    16:55:07.795 AVAST engine scan C:\ProgramData
    16:56:37.744 Scan finished successfully
    16:57:17.899 Disk 0 MBR has been saved successfully to "C:\Users\johnc\Desktop\MBR.dat"
    16:57:17.930 The log file has been saved successfully to "C:\Users\johnc\Desktop\aswMBR.txt"

  4. #24
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    OK. You're good. You can delete the tdsskiller icon, adwcleaner, aswMBR and JRT icons and logs. Keep the free version of Malwarebytes, and note that it must be updated manually and a scan started manually. It doesn't run in the background.
    If all is good, some tips:

    No software can think for you. Help yourself. In no special order:

    1) It is essential to keep your operating system (Windows), browser (IE, FireFox, Chrome, Opera) and other software up to date to "patch" vulnerabilities that could be exploited. Visit Windows Update frequently or use the Windows auto-update feature. Staying updated is also essential for other web-based applications like Java, Adobe Flash/Reader, iTunes etc. More and more third-party applications are being targeted. Use the auto-update features available in most software. Not sure if you are using the latest version of software? Check their version status and get the updates here.

    2) Know what you are installing to your computer. A lot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. More and more legitimate software is installing useless toolbars if not unchecked first. Do not install any files from ads, popups or random links. Do not fall for fake warnings about viruses and trojans being found on your computer, where you are then prompted to install software to remedy this.

    3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. If either of these frequently finds malware, then it's time to *review your computer habits*.

    4) Refrain from clicking on links or attachments via E-Mail, IM, IRC, Chat Rooms, Blogs or Social Networking Sites, no matter how tempting or legitimate the message may seem. See also E-mail phishing tricks.

    5) Do not click on ads/pop ups or offers from websites requesting that you need to install software to your computer--*for any reason*. Use the Alt+F4 keys to close the window.

    6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website to install components?

    7) Consider the use of limited (non-privileged) accounts for everyday use, rather than administrator accounts. Limited accounts can help prevent *malware from installing and lessen its potential impact.* This is exactly what user account control (UAC) in Windows Vista, Windows 7 and Windows 8 attempts to address.

    8) Install and understand the *limitations* of a software firewall.

    9) Your browser risks: The why and how to secure your browser for safer surfing. For added protection disable Java in your browser.

    10) Warez, cracks, keygens etc. are very popular for carrying malware payloads. If you look for these you will encounter malware. If you download/install files via p2p networks you will encounter malware. Do you really trust the source of the file?
    More info/tips with pictures, links below.

    Happy Safe Surfing.
    How Can I Reduce My Risk?
