Remote desktop or virus??or what??



hibfree
2011-05-27, 17:35
My new laptop was fine for a while. Then it started acting really funny. Mouse jumping around, files missing and rearranging. Somehow I may have slowed it down, but at the cost of crashing. :confused: Spybot beta says I have seven clients. Is this a file sharing problem, a virus or what? I don't feel secure, and I don't know anything about networking and remote desktop, but Windows seems to be quite network friendly these days along with all the latest versions of Adobe products and such. Not sure what's going on but it's annoying, causing me to restore to factory every few days or so. Anyhoo, anyone give me a hand? Hoping to gain a good method of detecting, removing and preventing further infection or remote control. Thank you much in advance. Your assistance will be appreciated.

Have an outstanding day!
.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 8.0.7600.16385
Run by msBhavin at 8:08:22 on 2011-05-27
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2807.1623 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\CISVC.EXE
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\lxblcoms.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\msBhavin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\03DEXAUW\dds[1].scr
C:\Windows\SysWOW64\WSCRIPT.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv55c&r=27360511m455l04g4z155a4762j29o
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv55c&r=27360511m455l04g4z155a4762j29o
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv55c&r=27360511m455l04g4z155a4762j29o
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv55c&r=27360511m455l04g4z155a4762j29o
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
StartupFolder: C:\Users\msBhavin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
Notify: SDWinLogon - SDWinLogon.dll
mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-23 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2011-5-24 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-22 13336]
R2 lxbl_device;lxbl_device;C:\Windows\system32\lxblcoms.exe -service --> C:\Windows\system32\lxblcoms.exe -service [?]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2010-5-24 255744]
R2 SDFirewallService;Spybot-S&D 2 Firewall Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe [2011-5-24 3585696]
R2 SDMonitorService;Spybot-S&D 2 Monitoring Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe [2011-5-24 3834456]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2011-5-24 3515656]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2011-5-24 3769048]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2011-5-24 167040]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-22 2320920]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-7-22 243232]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 NIS;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [?]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-05-27 14:55:02 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2011-05-27 14:54:12 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-05-27 14:53:02 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-05-27 14:52:50 539968 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-05-27 14:31:05 8718160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{57877142-8D7E-4644-8284-FF11A4653D42}\mpengine.dll
2011-05-27 13:59:04 601424 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C5821D84-C11F-4086-BA34-5DAA6C501364}\gapaengine.dll
2011-05-26 21:41:52 -------- d-----w- C:\Program Files (x86)\Crazy Browser
2011-05-26 00:27:03 -------- d-----w- C:\Users\msBhavin\AppData\Local\Cyberlink
2011-05-25 13:57:50 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-05-25 13:57:50 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-05-25 13:57:50 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-05-25 13:57:50 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-05-25 13:57:50 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-05-25 13:57:50 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-05-25 13:57:50 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-05-25 13:57:50 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-05-25 13:57:50 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-05-25 13:57:49 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-05-25 13:57:34 -------- d-----w- C:\Windows\SysWow64\Wat
2011-05-25 13:57:33 -------- d-----w- C:\Windows\System32\Wat
2011-05-25 13:15:28 -------- d-----w- C:\Windows\SysWow64\BestPractices
2011-05-25 13:15:27 -------- d-----w- C:\Windows\System32\BestPractices
2011-05-25 13:15:25 -------- d-----w- C:\inetpub
2011-05-25 12:57:54 8718160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{08CB25E3-8514-4863-BFD9-06B71F48BA4E}\mpengine.dll
2011-05-25 11:41:57 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-05-25 11:41:47 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-05-25 11:41:36 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2011-05-25 04:13:57 -------- d-----w- C:\Users\msBhavin\AppData\Local\Microsoft Corporation
2011-05-25 04:13:24 -------- d-----w- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2011-05-25 03:49:56 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-05-25 03:49:29 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-05-25 03:48:23 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-05-25 03:48:19 539968 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-25 02:43:15 -------- d-----w- C:\Users\msBhavin\drivers
2011-05-25 00:52:25 -------- d-----w- C:\Users\msBhavin\AppData\Local\Adobe
2011-05-25 00:01:05 145408 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\lxblpp6c.dll
2011-05-24 23:59:17 -------- d-----w- C:\drivers
2011-05-24 21:23:36 -------- d-----w- C:\Windows\pss
2011-05-24 20:07:49 -------- d-----w- C:\ProcAlyzer Dumps
2011-05-24 19:53:01 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2011-05-24 19:52:47 770384 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2011-05-24 19:52:47 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2011-05-24 19:52:06 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2011-05-24 19:27:46 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-05-24 18:52:41 -------- dc----w- C:\Users\msBhavin\AppData\Local\MigWiz
2011-05-24 18:48:19 -------- d-----w- C:\Users\msBhavin\AppData\Local\Diagnostics
2011-05-24 18:44:55 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D62A873-823C-44F0-8743-F5DF1FDDBDEE}\mpengine.dll
2011-05-24 18:44:53 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-24 18:30:38 -------- d-----w- C:\Users\msBhavin\AppData\Local\ElevatedDiagnostics
2011-05-24 18:16:12 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-05-24 18:15:49 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2011-05-24 16:57:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-05-24 16:57:01 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-05-24 16:33:19 714752 ----a-w- C:\Windows\System32\kerberos.dll
2011-05-24 16:33:19 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2011-05-24 16:32:33 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2011-05-24 16:32:33 723968 ----a-w- C:\Windows\System32\EncDec.dll
2011-05-24 16:32:32 850432 ----a-w- C:\Windows\SysWow64\sbe.dll
2011-05-24 16:32:32 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2011-05-24 16:32:32 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-05-24 16:32:32 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2011-05-24 16:32:32 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2011-05-24 16:32:32 1118720 ----a-w- C:\Windows\System32\sbe.dll
2011-05-24 16:20:11 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-05-24 16:20:11 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-05-24 15:53:45 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-05-24 15:53:44 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-05-24 15:53:44 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-05-24 15:50:27 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2011-05-24 15:50:27 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2011-05-24 15:50:26 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2011-05-24 15:50:26 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2011-05-24 15:34:24 148992 ----a-w- C:\Windows\System32\t2embed.dll
2011-05-24 15:34:24 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2011-05-24 15:24:19 483840 ----a-w- C:\Windows\System32\StructuredQuery.dll
2011-05-24 15:24:19 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2011-05-24 15:09:16 2080256 ----a-w- C:\Program Files\Windows Mail\msoe.dll
2011-05-24 15:09:16 1619968 ----a-w- C:\Program Files (x86)\Windows Mail\msoe.dll
2011-05-24 15:03:01 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-05-24 14:49:07 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-05-24 14:49:06 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-05-24 14:49:06 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-05-24 14:49:06 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-05-24 14:22:56 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-05-24 14:22:56 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-05-24 14:22:56 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-05-24 14:13:40 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-05-24 14:13:40 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-05-24 13:54:57 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2011-05-24 13:54:57 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2011-05-24 13:49:23 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-24 13:49:22 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-24 13:49:22 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-24 13:46:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-05-24 13:46:47 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-05-24 13:46:41 633856 ----a-w- C:\Windows\System32\comctl32.dll
2011-05-24 13:46:41 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2011-05-24 13:46:37 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-05-24 13:46:37 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-05-24 13:40:34 3133440 ----a-w- C:\Windows\System32\win32k.sys
2011-05-24 13:35:05 52224 ----a-w- C:\Windows\System32\rtutils.dll
2011-05-24 13:35:05 37376 ----a-w- C:\Windows\SysWow64\rtutils.dll
2011-05-24 13:29:44 558592 ----a-w- C:\Windows\System32\spoolsv.exe
2011-05-24 13:29:41 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-05-24 13:29:41 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-05-24 13:29:41 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-05-24 13:29:41 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-05-24 13:25:37 395776 ----a-w- C:\Windows\System32\webio.dll
2011-05-24 13:25:37 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2011-05-24 13:25:36 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll
2011-05-24 13:25:25 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-05-24 13:25:10 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2011-05-24 13:25:10 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
2011-05-24 13:25:08 1739176 ----a-w- C:\Windows\System32\ntdll.dll
2011-05-24 13:25:07 1293120 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-05-24 13:22:28 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2011-05-24 13:22:28 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2011-05-24 13:22:28 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2011-05-24 13:22:26 1877504 ----a-w- C:\Windows\System32\msxml3.dll
2011-05-24 13:22:26 1233920 ----a-w- C:\Windows\SysWow64\msxml3.dll
2011-05-24 13:22:22 640896 ----a-w- C:\Windows\System32\winload.efi
2011-05-24 13:22:22 603976 ----a-w- C:\Windows\System32\winload.exe
2011-05-24 13:22:22 556928 ----a-w- C:\Windows\System32\winresume.efi
2011-05-24 13:22:22 518160 ----a-w- C:\Windows\System32\winresume.exe
2011-05-24 13:22:22 20352 ----a-w- C:\Windows\System32\kdusb.dll
2011-05-24 13:22:22 19328 ----a-w- C:\Windows\System32\kd1394.dll
2011-05-24 13:22:22 17792 ----a-w- C:\Windows\System32\kdcom.dll
2011-05-24 13:21:58 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2011-05-24 13:21:58 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2011-05-24 13:15:12 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2011-05-24 13:15:12 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-05-24 13:15:12 1097216 ----a-w- C:\Windows\System32\mstsc.exe
2011-05-24 13:15:12 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-05-24 11:16:35 -------- d-----w- C:\Windows\NAPP_Dism_Log
2011-05-24 10:59:23 -------- d-----w- C:\Users\msBhavin\AppData\Roaming\Intel Corporation
2011-05-24 10:59:10 -------- d-----w- C:\Users\msBhavin\AppData\Local\Apps
2011-05-24 10:59:07 -------- d-----w- C:\Users\msBhavin\AppData\Local\Deployment
2011-05-24 10:58:36 -------- d-----w- C:\Users\msBhavin\AppData\Local\VirtualStore
2011-05-24 10:44:52 -------- d-----w- C:\ProgramData\Best Buy pc app
2011-05-24 10:44:51 -------- dc-h--w- C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}
2011-05-24 10:44:00 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2011-05-24 10:44:00 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2011-05-24 10:43:58 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-05-24 10:43:21 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-05-24 10:43:07 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2011-05-24 10:42:43 -------- d-----w- C:\Windows\PCHEALTH
2011-05-24 10:42:32 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\497535851cc19ff\DSETUP.dll
2011-05-24 10:42:32 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\497535851cc19ff\DXSETUP.exe
2011-05-24 10:42:32 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\497535851cc19ff\dsetup32.dll
2011-05-24 10:42:09 141402440 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc7879.tmp
2011-05-24 10:42:03 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-05-24 10:40:03 -------- d-----w- C:\ProgramData\OEM
2011-05-24 10:39:42 -------- d-----w- C:\Program Files (x86)\Common Files\CyberLink
2011-05-24 10:38:58 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-05-24 10:38:58 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-05-24 10:38:58 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2011-05-24 10:36:39 -------- d-----w- C:\Program Files\Elantech
2011-05-24 10:34:36 -------- d-----w- C:\Program Files (x86)\Launch Manager
2011-05-24 10:33:40 -------- d-----w- C:\Program Files (x86)\Video Web Camera
2011-05-24 10:30:16 3 ----a-w- C:\Windows\System32\PLD_Framework.cmd
2011-05-24 10:28:46 -------- d-----w- C:\Program Files\Common Files\Intel
2011-05-24 10:28:45 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
.
==================== Find3M ====================
.
.
============= FINISH: 8:09:09.03 ===============

http://forums.spybot.info/showthread.php?t=62780

shelf life
2011-06-04, 01:44
hi hibfree,

As another check for possible malware you can download and run the free version of Malwarebytes. (http://www.malwarebytes.org/products/malwarebytes_free)

During the install process it will update. Do a full system scan. When it's done it will produce a log automatically which you copy/paste in your reply.

hibfree
2011-06-07, 20:00
ThankYou, ThankYou, ThankYou!



:beerbeerb: Let's get to it then!
I apologize for any delays. I have connectivity issues from time to time and time and time again. Weird today, I spent half the day trying to get online because my machine says either I'm not connected or I have limited connectivity. Eventually I launched IE anyway, and lo and behold, I am connected. The icon shows I'm not connected at all but when I open the window it says I have limited connection. Normally when it says limited connection I cannot use the internet at all. I am attempting to use an external network adapter in addition to my internal one. They both worked all day yesterday, I thought I had it licked. NOT! Also, my troubleshooting doesn't work as of today. Windows update may have been the culprit. TTYL!

FReeMOnger!



What are the most precious gifts you can give? They are the only two things you can take with you when you go to meet your maker. These are your gifts to the Creator, who has given you the gift of life with free will but no memory or proof (or knowledge) of his existence. Choosing Him is something entirely created and nourished by you! What else could you possibly give the Creator? He's already made everything in the universe! Love and KNowledge are the ultimate gifts! You ARE the Beloved, you are the gift to Life. Peace and freedom be unto YOU!
:angel:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org (http://www.malwarebytes.org)
Database version: 6796
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
6/7/2011 4:37:12 AM
mbam-log-2011-06-07 (04-37-12).txt
Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 248499
Time elapsed: 15 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)

shelf life
2011-06-08, 01:12
hi,

Yes, it's been a while but no problem. The Malwarebytes log can't look any better.
If you use a router, a reboot of that may help your connection issues.

hibfree
2011-06-09, 00:37
I am happy to hear all looks good. Any other advice or possible areas of concern would be appreciated. I'm a bit skeptical that all is well with my machine. Reassurance is what I'm looking for, or remedy please. Thank you for your time and have an outstanding day!

:coffee::scratch:

shelf life
2011-06-09, 23:18
Hi,

We can see if ComboFix can dig up anything. There is a guide to read first; read through the guide, then apply the directions on your own machine.

Guide to using Combofix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)

hibfree
2011-06-10, 22:24
:laugh: I guess I'm kinda at a loss because every few days I restore my laptop to factory and right now it's kinda fresh. It just gets so I can't stand it anymore and so I just start fresh. I know this probably can't be good on the computer, but I'm not sure what to do. I suppose I will stop procrastinating and take a trip down to the library and get some books on computers and just bury myself in them and study the forums here also. I still say thank you, this isn't over yet. LOL. Truth is, when I get prying through my OS like I do I can do a number on my laptop, but that is how I've learned the stuff I do know today, by trial and error. So once when I was doing this I found somewhere in one of the files, can't say I even remember which file, a website was clearly mentioned somewhere in one of the text files, maybe even a setup program, and now I can't remember the name of the site but it was an automated website checking site, membership is free and this bot site will check up to 50 websites at a time every five minutes. Pinging me every 5 minutes? I think this might have something to do with my issues. Take care, and thanks again.

hibfree
2011-06-10, 23:05
Have you heard of it?

www.uptimerobot.com :police:

shelf life
2011-06-11, 01:00
No, I have never heard of that web site but see no reason why you would need it. Commercial computers can come with all kinds of useless bloatware installed; they aren't worth the CPU cycles they use.

Why do you reset back to the factory defaults? How do you know you're being pinged? If this software (website pinger) is installed you can remove it via the add/remove programs panel. A factory reset isn't going to remove any malware if you think you have malware.

I can look at your install list and can suggest software that you can remove if you want.

hibfree
2011-06-14, 09:31
You ask why I would need that website? Well, fact is I never installed it and it was never in my programs and features. I had printed out a copy of what turned up a while back when I went into the command prompt and typed in

netstat /f.

I found these instructions somewhere on the web, but the problem was more prominent at the time. Maybe I whooped it, who knows, maybe I'm my computer's worst enemy, lol. The screen it revealed looked like this:

Active Connections

Proto Local Address Foreign Address State
TCP 192.168.1.104:52310 67.228.72.211-static.reverse.softlayer.com:http
ESTABLISHED
TCP 192.168.1.104:52383 www.uptimerobot.com:http ESTABLISHED
TCP 192.168.1.104:52507 67.228.72.211-static.reverse.softlayer.com:http
ESTABLISHED

And so that's how I found the website and couldn't imagine why; I never saw it, and had never been there. Considering the type of site it was (offering free membership to check 50 websites every 5 minutes) I was suspicious it was a hacker. Whatever I had, I've considerably slowed it down, but not entirely sure if it is completely eradicated. So far so good; usually at first sign of it my files and folders in Explorer start moving around and just weird stuff like that. Thanks for listening. ;)

shelf life
2011-06-15, 01:17
There's no hacking going on. When you view a website, much of the content on the web page like photos, ads, video, Flash etc. can be pulled from other servers. The content isn't all local. I don't think you have anything to worry about.

For example, here's a screenshot when I had this forum open and MSN going in another tab.
It will look a little different than Windows because I was using Linux at the time.
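
An added example, not part of any post in this thread: a small Python parser for the `netstat /f` text pasted above, which rejoins the rows whose State column wrapped onto the next line and groups the connections by remote host so a short list can be reviewed at a glance. The function names are hypothetical, and the handling of a trailing PID column assumes output from `netstat -f -o`, which the thread does not show.

```python
import re
from collections import defaultdict

# TCP state names as printed by Windows netstat.
STATES = {"ESTABLISHED", "LISTENING", "TIME_WAIT", "CLOSE_WAIT", "SYN_SENT",
          "SYN_RECEIVED", "FIN_WAIT_1", "FIN_WAIT_2", "LAST_ACK", "CLOSING",
          "CLOSED"}

# The output quoted in the thread; long host names push State to the next line.
SAMPLE = """\
Active Connections

Proto Local Address Foreign Address State
TCP 192.168.1.104:52310 67.228.72.211-static.reverse.softlayer.com:http
ESTABLISHED
TCP 192.168.1.104:52383 www.uptimerobot.com:http ESTABLISHED
TCP 192.168.1.104:52507 67.228.72.211-static.reverse.softlayer.com:http
ESTABLISHED
"""

def _to_record(tokens):
    """Turn the tokens of one (possibly rejoined) row into a dict."""
    if len(tokens) < 3:
        return None                      # truncated row, nothing to report
    proto, local, foreign, *rest = tokens
    host, _, port = foreign.rpartition(":")
    rec = {"proto": proto, "local": local, "host": host, "port": port,
           "state": None, "pid": None}
    for tok in rest:
        if tok in STATES:
            rec["state"] = tok
        elif tok.isdigit():              # PID column, present only with -o
            rec["pid"] = int(tok)
    return rec

def parse_netstat(text):
    """Parse netstat text, merging continuation lines into their row."""
    rows, tokens = [], None
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if parts[0] in ("TCP", "UDP"):   # a new connection row starts here
            if tokens:
                rows.append(tokens)
            tokens = parts
        elif tokens is not None:         # wrapped remainder of the row above
            tokens.extend(parts)
    if tokens:
        rows.append(tokens)
    return [r for r in map(_to_record, rows) if r]

def embedded_ip(host):
    """Return the IPv4 address written into a generic host name, if any."""
    m = re.match(r"(\d{1,3}(?:[.-]\d{1,3}){3})(?=[.-])", host)
    return m.group(1).replace("-", ".") if m else None

def summarise_by_host(records):
    """Group connections by remote host: count, remote ports, owning PIDs."""
    out = defaultdict(lambda: {"connections": 0, "ports": set(), "pids": set()})
    for r in records:
        entry = out[r["host"]]
        entry["connections"] += 1
        entry["ports"].add(r["port"])
        if r["pid"] is not None:
            entry["pids"].add(r["pid"])
        entry["embedded_ip"] = embedded_ip(r["host"])
    return dict(out)

if __name__ == "__main__":
    for host, info in summarise_by_host(parse_netstat(SAMPLE)).items():
        print(host, info)
```

Run against a capture taken with `netstat -f -o`, the `pids` set tells you which process to look up in Task Manager for each remote host.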