-
Here is the new DDS log
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.3.1
Run by JohnC at 10:24:17 on 2012-12-07
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3262.1797 [GMT -7:00]
.
AV: Symantec Endpoint Protection.cloud *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Symantec Endpoint Protection.cloud *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection.cloud *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe
C:\Program Files\Druva\inSync\inSyncCPHwnet.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Druva\inSync\inSync.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.1.0.24\ccSvcHst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Symantec.cloud\PlatformAgent\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Symantec.cloud\AntiVirus\AVAgent.exe
c:\program files\symantec.cloud\antivirus\ssDVAgent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.1.0.24\ccSvcHst.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.1.0.24\ccSvcHst.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\RightFax\FaxCtrl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Symantec.cloud\PlatformAgent\PAUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Druva\inSync\inSyncGUI.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Tiger Technologies\Holiday Lights\Holiday Lights.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Druva\inSync\inSyncUSyncer.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\svchost.exe -k NetworkService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://my.yahoo.com/;_ylc=X3oDMTB1bTdjdnNyBF9TAzI3MTk0ODEEbG5rA215BHRpZANUcnZsU21wbA--
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\symantec.cloud\endpointprotectionagent\engine\20.1.0.24\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\symantec.cloud\endpointprotectionagent\engine\20.1.0.24\ips\IPSBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.0 runtime\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\symantec.cloud\endpointprotectionagent\engine\20.1.0.24\CoIEPlg.dll
uRun: [Google Update] "c:\users\johnc\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [GoogleRdrNotify] "c:\program files\yonizaf\grain google reader notifier\GoogleReaderNotifier.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [IMSS] "c:\program files\intel\intel(r) management engine components\imss\PIconStartup.exe"
mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"
mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
mRun: [USCService] c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [RightFAX Print-to-Fax Driver] c:\program files\rightfax\FaxCtrl.exe
mRun: [CaddieSyncConduit] c:\program files\skygolf\caddiesync express\CaddieSyncExpress.exe
mRun: [AT&T Communication Manager] "c:\program files\at&t\communication manager\ATTCM.exe" -a
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [SymantecPaui] "c:\program files\symantec.cloud\platformagent\PAUI.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Druva inSync] c:\program files\druva\insync\inSyncGUI.exe -l en
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
StartupFolder: c:\users\johnc\appdata\roaming\micros~1\windows\startm~1\programs\startup\holida~1.lnk - c:\program files\tiger technologies\holiday lights\Holiday Lights.exe
StartupFolder: c:\users\johnc\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\johnc\appdata\roaming\micros~1\windows\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellco~1.lnk - c:\program files\dell\dell controlpoint\system manager\DCPSysMgr.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\tdmnot~1.lnk - c:\program files\wave systems corp\trusted drive manager\TdmNotify.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_32.CAB
DPF: {01614D85-E2FC-40AC-BAB5-24CE29E94DB4} - hxxp://jpcfishcam.dyndns.org:1024/img/Viewer.cab
DPF: {174793AA-EAE2-4188-AFA5-064BE26901B1} - hxxp://www.digitalgsp.com/xvr/CXRMS_1,1,0,1.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://isecure.spectralogic.com/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{8735282F-B28C-4E68-A87B-0934AB3765E6} : DHCPNameServer = 192.168.200.70 192.168.200.71
TCP: Interfaces\{D08F5DBC-3172-41D1-81C8-54C76756A629} : DHCPNameServer = 192.168.200.70 192.168.200.71
TCP: Interfaces\{D08F5DBC-3172-41D1-81C8-54C76756A629}\3427F677C656976416D696C697 : DHCPNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{D1EA2FC0-4CD4-4335-9279-27AA7301D965} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Authentication Packages = msv1_0 wvauth
.
============= SERVICES / DRIVERS ===============
.
R0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\drivers\stdfltn.sys [2010-9-30 17072]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1401000.018\SymDS.sys [2012-10-15 368288]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1401000.018\SymEFA.sys [2012-10-15 926880]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.1.0.24\definitions\bashdefs\20121130.005\BHDrvx86.sys [2012-12-3 995488]
R1 ccSet_Cloud;CC Standalone Settings Manager;c:\windows\system32\drivers\symantec.cloud\ccSetx86.sys [2012-8-31 132768]
R1 ccSet_NIS;Endpoint Protection.cloud Settings Manager;c:\windows\system32\drivers\nis\1401000.018\ccSetx86.sys [2012-10-15 134304]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.1.0.24\definitions\ipsdefs\20121205.001\IDSvix86.sys [2012-12-6 386720]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1401000.018\Ironx86.sys [2012-10-15 175264]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nis\1401000.018\symnets.sys [2012-10-15 338592]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2010-9-30 81920]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2009-11-20 278304]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2010-3-23 812448]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2010-3-23 27040]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2010-2-8 386928]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-9-30 13336]
R2 InstallFilterService;FF Install Filter Service;c:\program files\stmicroelectronics\accelerometerp11\InstallFilterService.exe [2010-9-30 60928]
R2 inSyncCPHService;Druva inSync Client Service;c:\program files\druva\insync\inSyncCPHwnet.exe [2012-9-14 171008]
R2 NIS;Endpoint Protection.cloud;c:\program files\symantec.cloud\endpointprotectionagent\engine\20.1.0.24\ccSvcHst.exe [2012-10-15 143928]
R2 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe86.sys [2010-8-25 59904]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2012-11-26 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2012-11-26 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2012-11-26 168384]
R2 SsPaAdm;Symantec.cloud Cloud Agent;c:\program files\symantec.cloud\platformagent\ccSvcHst.exe [2012-8-31 138272]
R2 ssSpnAv;Symantec.cloud Endpoint Protection;c:\program files\symantec.cloud\antivirus\AVAgent.exe [2012-10-15 409040]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-9-30 2533400]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2010-9-30 42672]
R3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2010-8-25 33832]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2010-8-25 224424]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-10 106656]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2009-9-15 6114816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\communication manager\RcAppSvc.exe [2008-11-20 113152]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CAATT;AT&T Con App Svc;c:\program files\at&t\communication manager\ConAppsSvc.exe [2008-11-20 125440]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-2-18 106624]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-2-8 59648]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2011-12-28 132480]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2011-12-28 269824]
S3 rimspci;rimspci;c:\windows\system32\drivers\rimspe86.sys [2010-8-25 48640]
S3 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe86.sys [2010-8-25 38912]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-20 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-10-12 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-12-04 19:26:22 -------- d-----w- c:\users\johnc\appdata\roaming\Malwarebytes
2012-12-04 19:25:48 -------- d-----w- c:\programdata\Malwarebytes
2012-12-04 19:25:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-04 19:25:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-03 15:16:24 -------- d-----w- c:\windows\ERUNT
2012-12-03 15:16:09 -------- d-----w- C:\JRT
2012-11-26 22:38:10 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-11-26 22:37:54 15224 ----a-w- c:\windows\system32\sdnclean.exe
2012-11-26 22:37:50 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-11-26 22:36:43 -------- d-----w- c:\users\johnc\appdata\local\Programs
2012-11-26 19:01:45 37888 ----a-w- c:\windows\system32\Holiday Lights.scr
2012-11-26 19:01:37 -------- d-----w- c:\program files\Tiger Technologies
2012-11-26 19:01:32 -------- d-----w- c:\windows\system32\searchplugins
2012-11-26 19:01:32 -------- d-----w- c:\windows\system32\Extensions
2012-11-26 19:01:28 -------- d-----w- c:\programdata\Browser Manager
2012-11-15 10:49:20 -------- d-----w- c:\users\johnc\inSync Share
2012-11-14 14:53:15 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 14:53:14 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-07 18:00:16 -------- d-----w- C:\inSync4
2012-11-07 18:00:13 -------- d-----w- c:\program files\Druva
.
==================== Find3M ====================
.
2012-11-15 14:43:03 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-15 14:43:03 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-15 14:17:33 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll
.
============= FINISH: 10:25:03.91 ===============
-
Sorry its the aswmbr log I wanted to see again not DDS like I asked.
Please download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it. Vista W7 right click and run as admin
For the question: Would you like to download latest Avast! virus definitions?" Click YES to download the additional files..then
Click the "Scan" button to start scan.
Once the scan is done click the"Save log", save it to your desktop and post it in your next reply.
-
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-07 16:30:37
-----------------------------
16:30:37.093 OS Version: Windows 6.1.7601 Service Pack 1
16:30:37.093 Number of processors: 8 586 0x1E05
16:30:37.093 ComputerName: JOHNCROWLEY1 UserName: JohnC
16:30:39.948 Initialize success
16:30:46.282 AVAST engine defs: 12120700
16:30:49.932 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:30:49.948 Disk 0 Vendor: TOSHIBA_ LH00 Size: 476940MB BusType: 8
16:30:50.026 Disk 0 MBR read successfully
16:30:50.041 Disk 0 MBR scan
16:30:50.057 Disk 0 Windows VISTA default MBR code
16:30:50.073 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
16:30:50.088 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 30021 MB offset 81920
16:30:50.119 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 446870 MB offset 61577145
16:30:50.119 Disk 0 scanning sectors +976768065
16:30:50.213 Disk 0 scanning C:\Windows\system32\drivers
16:31:01.336 Service scanning
16:31:31.116 Modules scanning
16:31:40.336 Disk 0 trace - called modules:
16:31:40.367 ntkrnlpa.exe CLASSPNP.SYS disk.sys stdfltn.sys ACPI.sys halmacpi.dll iaStor.sys
16:31:40.383 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89220030]
16:31:40.383 3 CLASSPNP.SYS[8d5a759e] -> nt!IofCallDriver -> [0x8921f780]
16:31:40.398 5 stdfltn.sys[8d7fc70c] -> nt!IofCallDriver -> [0x872c0c08]
16:31:40.414 7 ACPI.sys[8ccb23d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x872c4028]
16:31:42.738 AVAST engine scan C:\Windows
16:31:47.605 AVAST engine scan C:\Windows\system32
16:34:57.941 AVAST engine scan C:\Windows\system32\drivers
16:35:20.717 AVAST engine scan C:\Users\johnc
16:55:07.795 AVAST engine scan C:\ProgramData
16:56:37.744 Scan finished successfully
16:57:17.899 Disk 0 MBR has been saved successfully to "C:\Users\johnc\Desktop\MBR.dat"
16:57:17.930 The log file has been saved successfully to "C:\Users\johnc\Desktop\aswMBR.txt"
-
Ok. Your good. You can delete the tdsskiller icon, adwcleaner, aswMBR and JRT icons and logs. The free version of Malwarebytes keep and note that it must be updated manually and a scan started manually. It dosnt run in the background.
If all is good some tips;
No software can think for you. Help yourself. In no special order:
1) It is essential to keep your operating system (Windows) browser (IE, FireFox, Chrome, Opera) and other software up to date to "patch" vulnerabilities that could be exploited. Visit Windows Update frequently or use the Windows auto-update feature. Staying updated is also essential for other web based applications like Java, Adobe Flash/Reader, iTunes etc. More and more third party applications are being targeted. Use the auto-update features available in most software. Not sure if you are using the latest version of software? Check their version status and get the updates here.
2) Know what you are installing to your computer. Alot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. More and more legitimate software is installing useless toolbars if not unchecked first. Do not install any files from ads, popups or random links. Do not fall for fake warnings about virus and trojans being found on your computer and you are then prompted to install software to remedy this.
3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. If either of these frequently find malware then its time to *review your computer habits*.
4) Refrain from clicking on links or attachments via E-Mail, IM, IRC, Chat Rooms, Blogs or Social Networking Sites, no matter how tempting or legitimate the message may seem. See also E-mail phishing tricks.
5) Do not click on ads/pop ups or offers from websites requesting that you need to install software to your computer--*for any reason*. Use the Alt+F4 keys to close the window.
6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website to install components?
7) Consider the use of limited (non-privileged) accounts for everyday use, rather than administrator accounts. Limited accounts can help prevent *malware from installing and lessen its potential impact.* This is exactly what user account control (UAC) in Windows Vista, Windows 7 and Windows 8 attempts to address.
8) Install and understand the *limitations* of a software firewall.
9) Your browser risks: The why and how to secure your browser for safer surfing. For added protection disable Java in your browser.
10) Warez, cracks, keygens etc are very popular for carrying malware payloads. If you look for these you will encounter malware. If you download/install files via p2p networks you will encounter malware. Do you really trust the source of the file?
More info/tips with pictures, links below
Happy Safe Surfing.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules