PDA

View Full Version : browser pauses before pulling up web page



jason_MC
2011-02-19, 17:45
Here is my DDS file.


DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by jason-n-jasmine at 10:28:51.10 on Sat 02/19/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.4024.948 [GMT -5:00]

AV: Norton 360 *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton 360 *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Stardock\Object Desktop\MyColors\VistaSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Users\jason-n-jasmine\AppData\Local\CrossLoop\CrossLoopService.exe
C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Stardock\Object Desktop\MyColors\WBVista.exe
C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\jason-n-jasmine\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\Vuze\Azureus.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\jason-n-jasmine\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://g.live.com/1rewlive4startup/home
uWindow Title = Jason
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7315u
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll
mWinlogon: Userinit=C:\Windows\SysWOW64\userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll
BHO: HttpWatch Basic: {f1f69322-008f-4895-b2bf-ad194219825a} - C:\Program Files (x86)\HttpWatch\httpwatchsc.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\googletoolbar2.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HttpWatch Basic: {2b4c4770-27fd-4a09-b17d-33ca580965fb} - C:\Program Files (x86)\HttpWatch\httpwatch.dll
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [SmAudio] C:\Program Files\Conexant\SmartAudio\SmAudio.exe -c
uRun: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
uRun: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
uRun: [Google Update] "C:\Users\jason-n-jasmine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [eRecoveryService]
mRun: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Trend Micro RUBotted V2.0 Beta] "C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe"
mRunOnce: [New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe
StartupFolder: C:\Users\JASON-~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BigFix.lnk - C:\Program Files\BigFix\bigfix.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {D103E85B-5D67-42c1-8C83-F01079DBAB26} - {2B4C4770-27FD-4A09-B17D-33CA580965FB} - C:\Program Files (x86)\HttpWatch\httpwatch.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {00000130-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/ACELPACM.CAB
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper200711281.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?39990.6314583333
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB-X64: {2B4C4770-27FD-4A09-B17D-33CA580965FB} - No File
mRun-x64: [IAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
mRun-x64: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)

================= FIREFOX ===================

FF - ProfilePath - C:\Users\JASON-~1\AppData\Roaming\Mozilla\Firefox\Profiles\ma2cnvr3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://support.gateway.com/support/drivers/mydl.asp?tab=MY&os=Windows%207%20(64-bit)
FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?&o=15527&l=dis&q=
FF - component: C:\Program Files (x86)\HttpWatch\Firefox\components\httpwatchff.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\ma2cnvr3.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
FF - component: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\ma2cnvr3.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: C:\Program Files (x86)\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files (x86)\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\ma2cnvr3.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Fast Dial: http://forums.spybot.info/misc.php?do=email_dev&email=ZmFzdGRpYWxAdGVsZWdhLnBocG5ldC51cw== - %profile%\extensions\fastdial@telega.phpnet.us
FF - Ext: Zotero: http://forums.spybot.info/misc.php?do=email_dev&email=em90ZXJvQGNobm0uZ211LmVkdQ== - %profile%\extensions\zotero@chnm.gmu.edu
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: Clipmarks: {e1170235-2845-420c-acc3-42261a29dd46} - %profile%\extensions\{e1170235-2845-420c-acc3-42261a29dd46}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: http://forums.spybot.info/misc.php?do=email_dev&email=TG9nTWVJbkNsaWVudEBsb2dtZWluLmNvbQ== - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: HttpWatch Basic Edition: {1E2593B2-E106-4697-BCE7-A9D30DE05D73} - C:\Program Files (x86)\HttpWatch\Firefox
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn

---- FIREFOX POLICIES ----

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0403000.005\symds64.sys [2011-1-20 433200]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0403000.005\symefa64.sys [2011-1-20 221232]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110211.003\BHDrvx64.sys [2011-2-10 1124472]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\N360x64\0403000.005\cchpx64.sys [2011-1-20 615040]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110218.003\IDSviA64.sys [2011-2-18 476792]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0403000.005\ironx64.sys [2011-1-20 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\System32\drivers\N360x64\0403000.005\symtdiv.sys [2011-1-20 451120]
R1 VBoxDrv;VirtualBox Service;C:\Windows\System32\drivers\VBoxDrv.sys [2010-9-28 202960]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\Windows\System32\drivers\VBoxUSBMon.sys [2010-9-28 53968]
R2 CrossLoopService;CrossLoop Service;C:\Users\jason-n-jasmine\AppData\Local\CrossLoop\CrossLoopService.exe [2011-1-19 560848]
R2 ETService;Empowering Technology Service;C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [2008-9-18 24576]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-12-6 2101640]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2010-9-17 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2011-2-12 72216]
R2 npf;NetGroup Packet Filter Driver;C:\Windows\System32\drivers\npf.sys [2011-2-11 35344]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2008-10-15 292864]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-1-19 132656]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-8-19 126976]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-1-4 24152]
R3 O2MDRDR;O2MDRDR;C:\Windows\System32\drivers\o2mdx64.sys [2008-5-12 62424]
R3 O2SDRDR;O2SDRDR;C:\Windows\System32\drivers\o2sdx64.sys [2008-6-11 51800]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\Windows\System32\drivers\VBoxNetAdp.sys [2010-8-5 144720]
R3 VBoxNetFlt;VBoxNetFlt Service;C:\Windows\System32\drivers\VBoxNetFlt.sys [2010-8-5 164240]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2008-2-21 393728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-8 136176]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2008-8-19 33584]
S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-20 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 PSMounter;Macrium Reflect Image Explorer Service;C:\Windows\System32\drivers\psmounter.sys [2010-3-17 39904]
S3 rt70x64;Linksys Home Wireless-G USB Adaptor Driver;C:\Windows\System32\drivers\netr7064.sys [2009-2-26 380928]
S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2010-8-5 43728]
S4 ASKService;ASKService;C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe [2009-9-14 464264]
S4 ASKUpgrade;ASKUpgrade;C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe [2009-9-14 234888]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-2-24 93184]

=============== File Associations ===============

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

=============== Created Last 30 ================

2011-02-19 14:38:19 -------- d-----w- C:\Program Files (x86)\ESET
2011-02-18 22:39:13 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-02-16 18:10:35 -------- d-----w- C:\Users\jason-n-jasmine\.zenmap
2011-02-16 18:09:39 -------- d-----w- C:\Program Files\WinPcap
2011-02-16 18:09:15 -------- d-----w- C:\Program Files (x86)\Nmap
2011-02-16 01:38:37 -------- d-----w- C:\PROGRA~3\LogMeInBackup
2011-02-16 01:38:15 -------- d-----w- C:\Program Files (x86)\LogMeIn Backup
2011-02-12 21:45:35 -------- d-----w- C:\Users\JASON-~1\AppData\Local\LogMeIn
2011-02-12 21:45:22 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-02-12 21:45:22 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2011-02-12 21:45:22 60800 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2011-02-12 21:45:22 33152 ----a-w- C:\Windows\System32\LMIport.dll
2011-02-12 21:45:18 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-02-12 21:45:11 -------- d-----w- C:\PROGRA~3\LogMeIn
2011-02-12 21:44:50 -------- d-----w- C:\Program Files (x86)\LogMeIn
2011-02-12 21:18:23 -------- d-----w- C:\Users\JASON-~1\AppData\Local\LogMeIn Hamachi
2011-02-12 20:36:46 33856 ---ha-w- C:\Windows\System32\hamachi.sys
2011-02-12 20:36:40 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2011-02-12 19:36:16 -------- d-----w- C:\Users\JASON-~1\AppData\Roaming\UltraVNC
2011-02-11 21:23:34 96784 ----a-w- C:\Windows\SysWow64\Packet.dll
2011-02-11 21:23:34 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll
2011-02-11 21:23:34 369168 ----a-w- C:\Windows\System32\wpcap.dll
2011-02-11 21:23:34 35344 ----a-w- C:\Windows\System32\drivers\npf.sys
2011-02-11 21:23:34 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll
2011-02-11 21:23:34 106000 ----a-w- C:\Windows\System32\Packet.dll
2011-02-09 12:01:59 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2011-02-09 04:22:51 2755584 ----a-w- C:\Windows\System32\win32k.sys
2011-02-09 04:22:19 4692368 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-02-09 04:22:18 1560960 ----a-w- C:\Windows\System32\ntdll.dll
2011-02-09 04:22:18 1167488 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-02-09 04:20:56 48128 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-09 04:20:56 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-09 04:20:56 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-09 04:20:56 292352 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-04 18:17:48 53808 ----a-r- C:\Windows\System32\drivers\SymIMV.sys
2011-02-01 15:26:56 -------- d-----w- C:\Users\JASON-~1\AppData\Local\Deployment
2011-01-30 19:57:00 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-01-30 19:57:00 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-01-29 14:10:13 -------- d-----w- C:\Users\JASON-~1\AppData\Roaming\TeamViewer
2011-01-29 14:02:22 -------- d-----w- C:\Program Files (x86)\Microsoft Easy Assist
2011-01-28 03:18:07 -------- d-----w- C:\Windows\Downloaded Installations
2011-01-27 03:30:17 108 ----a-w- C:\Users\jason-n-jasmine\Messenger.bat
2011-01-26 16:30:16 -------- d-----w- C:\Program Files (x86)\Safer Networking
2011-01-25 18:34:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-01-25 18:34:45 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2011-01-22 18:49:16 -------- d-----w- C:\Windows\System32\catroot2
2011-01-22 18:18:57 -------- d-----w- C:\PROGRA~3\Applications
2011-01-22 02:17:17 -------- d-----w- C:\8c6408cf747ab2aeedb291576b
2011-01-22 00:27:43 -------- d-----w- C:\Windows\System32\CatRoot2_2011122133954
2011-01-20 21:59:24 -------- d-----w- C:\Windows\CheckSur
2011-01-20 16:48:52 451120 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\symtdiv.sys
2011-01-20 16:48:52 221232 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\symefa64.sys
2011-01-20 16:48:51 615040 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\cchpx64.sys
2011-01-20 16:48:51 505392 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\srtsp64.sys
2011-01-20 16:48:51 433200 ----a-r- C:\Windows\System32\drivers\N360x64\0403000.005\symds64.sys
2011-01-20 16:48:51 32304 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\srtspx64.sys
2011-01-20 16:48:51 150064 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\ironx64.sys
2011-01-20 16:48:33 -------- d-----w- C:\Windows\System32\drivers\N360x64\0403000.005
2011-01-20 16:20:08 -------- d-----w- C:\bc3cdc69e30bc3b674381ee74d
2011-01-20 16:17:59 1570816 ----a-w- C:\Windows\System32\quartz.dll
2011-01-20 16:17:59 1314816 ----a-w- C:\Windows\SysWow64\quartz.dll

==================== Find3M ====================

2011-01-19 23:07:49 173104 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2010-12-30 15:49:27 286720 ------w- C:\Windows\Setup1.exe
2010-12-30 15:49:26 73216 ----a-w- C:\Windows\ST6UNST.EXE
2010-12-28 15:26:13 462848 ----a-w- C:\Windows\System32\odbc32.dll
2010-12-28 14:57:35 409600 ----a-w- C:\Windows\SysWow64\odbc32.dll
2010-12-20 23:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-12-18 06:55:17 1147904 ----a-w- C:\Windows\System32\wininet.dll
2010-12-18 06:50:55 56832 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 06:50:36 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
2010-12-18 06:50:16 77312 ----a-w- C:\Windows\System32\iesetup.dll
2010-12-18 06:50:16 132096 ----a-w- C:\Windows\System32\iesysprep.dll
2010-12-18 06:27:04 916480 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-18 06:22:41 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 06:22:27 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2010-12-18 06:22:11 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
2010-12-18 06:22:11 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2010-12-18 05:57:45 479232 ----a-w- C:\Windows\System32\html.iec
2010-12-18 05:25:26 385024 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 05:16:59 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
2010-12-18 05:15:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 04:48:39 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2010-12-18 04:47:11 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-12-14 16:20:18 1251840 ----a-w- C:\Windows\System32\sdclt.exe

============= FINISH: 10:31:46.26 ===============

http://forums.spybot.info/showthread.php?t=61656

Blade81
2011-02-21, 11:18
Hi,


IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

Vuze
Vuze Remote Toolbar
Vuze Toolbar


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go and uninstall the programs listed above (in red).


After that post fresh dds logs and let me know if the issue happens with all those browsers you have installed there.

Blade81
2011-02-27, 11:41
Due to inactivity, this thread will now be closed.

Note:If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

If it has been less than three days since your last response and you need the thread re-opened, please send me or other MOD a private message (pm). A valid, working link to the closed topic is required.