DDS log here, need help with google redirect and any other problems seen [Archive]

View Full Version : DDS log here, need help with google redirect and any other problems seen

austinlandis332

2011-11-24, 05:14

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19019
Run by Administrator at 21:59:41 on 2011-11-23
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1789.622 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Windows\system32\taskeng.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\alg.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Users\ADMINI~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\ping.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://en.us.acer.yahoo.com
mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\windows\system32\ActiveToolBand.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Acer Tour]
mRun: [eRecoveryService]
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
StartupFolder: c:\users\admini~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\admini~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 2.3\program\quickstart.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~2.0_0\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3E5B9C94-12F5-4FC4-A823-46A8015A334F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FF156EB3-15D9-472D-814E-B31BE09F1453} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2007-4-3 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2007-4-2 35712]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl8d2dfac4;MpKsl8d2dfac4;c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\MpKsl8d2dfac4.sys [2011-11-23 28752]
R1 MpKslddbd3c39;MpKslddbd3c39;c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\MpKslddbd3c39.sys [2011-11-23 28752]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-6-17 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-6-17 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-6-17 66616]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-26 366152]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-6-17 1153368]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-6-17 22216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S3 CASprint;Sprint Con App Svc;c:\program files\sprint\sprint smartview\ConAppsSvc.exe [2008-10-15 124160]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-24 00:11:59 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\MpKslddbd3c39.sys
2011-11-24 00:00:07 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\MpKsl8d2dfac4.sys
2011-11-23 23:59:22 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\offreg.dll
2011-11-23 23:59:03 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\mpengine.dll
2011-11-23 23:12:59 256000 ----a-w- c:\program files\internet explorer\ieinstal.exe
2011-11-23 18:26:25 0 ----a-w- c:\programdata\17u8eMP.exe
2011-11-23 18:26:24 0 ----a-w- c:\windows\system32\17u8eMP.com
2011-11-22 23:16:32 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-11-20 17:19:47 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-11-20 17:19:44 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-11-20 15:42:59 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-11-20 15:42:51 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-11-20 15:42:48 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-11-19 15:37:40 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-11-19 15:37:39 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-11-19 15:37:39 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-11-19 15:37:39 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-11-19 15:37:38 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-11-18 21:15:45 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-11-18 21:15:14 40448 ----a-w- c:\windows\system32\winrs.exe
2011-11-18 21:15:14 20480 ----a-w- c:\windows\system32\winrshost.exe
2011-11-18 21:15:14 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2011-11-18 21:15:08 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-11-18 21:15:08 10240 ----a-w- c:\windows\system32\winrssrv.dll
2011-11-17 00:00:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-11-17 00:00:18 17920 ----a-w- c:\windows\system32\netevent.dll
2011-11-16 23:59:38 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-11-16 23:59:34 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-11-16 23:59:07 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-16 23:59:01 501760 ----a-w- c:\windows\system32\usp10.dll
2011-11-16 23:58:57 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2011-11-16 23:58:57 515584 ----a-w- c:\program files\windows mail\wab.exe
2011-11-16 23:58:56 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2011-11-16 23:58:49 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-11-16 23:58:48 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-11-16 23:58:48 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-11-16 23:58:44 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-11-16 23:58:43 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-11-16 23:58:42 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-11-16 23:58:42 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-11-16 23:58:42 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-11-16 23:58:42 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-11-16 23:57:06 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-11-16 23:57:00 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-11-16 23:55:30 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-11-16 23:55:21 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-11-16 23:55:19 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-11-16 23:55:15 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-11-16 23:55:15 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-11-16 23:54:17 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-11-16 23:54:09 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-11-16 23:54:05 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-11-16 23:54:05 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-11-16 23:54:01 36352 ----a-w- c:\windows\system32\rtutils.dll
2011-11-16 23:52:26 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-11-16 23:52:23 81920 ----a-w- c:\windows\system32\consent.exe
2011-11-16 23:50:25 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-11-16 23:50:21 147456 ----a-w- c:\windows\system32\Faultrep.dll
2011-11-16 23:50:21 125952 ----a-w- c:\windows\system32\wersvc.dll
2011-11-16 23:50:17 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-11-16 23:48:55 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-11-16 23:48:55 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2011-11-16 23:48:54 45056 ----a-w- c:\windows\system32\dataclen.dll
2011-11-16 23:48:54 36864 ----a-w- c:\windows\system32\cdd.dll
2011-11-16 23:48:54 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2011-11-16 23:48:45 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-16 23:47:42 135168 ----a-w- c:\windows\system32\wshom.ocx
2011-11-16 23:47:41 90112 ----a-w- c:\windows\system32\wshext.dll
2011-11-16 23:47:41 180224 ----a-w- c:\windows\system32\scrobj.dll
2011-11-16 23:47:41 155648 ----a-w- c:\windows\system32\wscript.exe
2011-11-16 23:47:41 135168 ----a-w- c:\windows\system32\cscript.exe
2011-11-16 23:47:40 172032 ----a-w- c:\windows\system32\scrrun.dll
2011-11-16 23:47:33 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-11-16 23:47:32 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-11-16 23:47:27 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-11-16 23:47:25 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-11-16 22:51:54 276992 ----a-w- c:\windows\system32\schannel.dll
2011-11-15 22:20:48 -------- d-----w- C:\PerfLogs
2011-11-14 23:33:20 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-11-12 08:38:59 46080 ----a-w- c:\windows\system32\NAPCRYPT.DLL
2011-11-12 08:37:59 5780480 ----a-w- c:\program files\common files\microsoft shared\ink\mshwnld.dll
2011-11-12 08:36:59 38400 ----a-w- c:\windows\system32\runonce.exe
2011-11-12 08:35:59 485376 ----a-w- c:\windows\system32\mspaint.exe
2011-11-12 08:34:58 686592 ----a-w- c:\windows\system32\colorui.dll
2011-11-12 08:33:59 97792 ----a-w- c:\windows\system32\cryptnet.dll
2011-11-11 21:37:15 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f99bcca5-eae0-4c2a-bacb-62c45b6bb68b}\gapaengine.dll
2011-11-11 21:24:51 -------- d-----w- c:\users\administrator\appdata\roaming\SUPERAntiSpyware.com
2011-11-11 21:24:51 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-11 21:24:43 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-11 21:23:54 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-11 18:55:59 6668624 ------w- c:\programdata\microsoft\windows defender\definition updates\{557bf082-1083-4637-b2d9-a0ab0c06e8dd}\mpengine.dll
2011-11-11 18:38:50 -------- d-----w- C:\from_old_computer
2011-11-11 18:38:32 -------- d-----w- c:\users\administrator\appdata\local\MigWiz
2011-11-11 18:27:19 -------- d-----w- c:\windows\pss
2011-11-07 01:19:06 -------- d-----w- C:\bef74c1d479a509ca1acdf8ff5c97b
.
==================== Find3M ====================
.
2011-11-15 21:48:51 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-11-15 21:48:42 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 03:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 03:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 03:05:04 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 03:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
.
============= FINISH: 22:02:08.30 ===============

Blade81

2011-11-24, 08:02

Hi,

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

FrostWire
LimeWire

I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Uninstall the programs listed above (in red). When done, post fresh dds logs.

austinlandis332

2011-11-24, 08:17

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19019
Run by Administrator at 1:12:13 on 2011-11-24
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1789.872 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Users\ADMINI~1\AppData\Local\Temp\RtkBtMnt.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://en.us.acer.yahoo.com
mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\windows\system32\ActiveToolBand.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Acer Tour]
mRun: [eRecoveryService]
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
StartupFolder: c:\users\admini~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\admini~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 2.3\program\quickstart.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~2.0_0\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3E5B9C94-12F5-4FC4-A823-46A8015A334F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FF156EB3-15D9-472D-814E-B31BE09F1453} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2007-4-3 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2007-4-2 35712]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl07fab00b;MpKsl07fab00b;c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\MpKsl07fab00b.sys [2011-11-23 28752]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-6-17 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-6-17 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-6-17 66616]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-26 366152]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-6-17 1153368]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-6-17 22216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S3 CASprint;Sprint Con App Svc;c:\program files\sprint\sprint smartview\ConAppsSvc.exe [2008-10-15 124160]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-24 04:42:55 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\MpKsl07fab00b.sys
2011-11-24 04:42:52 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\offreg.dll
2011-11-23 23:59:03 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{54921a35-bf4f-4f46-a018-ac18d409fec0}\mpengine.dll
2011-11-23 23:54:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2011-11-23 23:12:59 256000 ----a-w- c:\program files\internet explorer\ieinstal.exe
2011-11-23 18:26:25 0 ----a-w- c:\programdata\17u8eMP.exe
2011-11-23 18:26:24 0 ----a-w- c:\windows\system32\17u8eMP.com
2011-11-22 23:16:32 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-11-20 17:19:47 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-11-20 17:19:44 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-11-20 15:42:59 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-11-20 15:42:51 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-11-20 15:42:48 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-11-19 15:37:40 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-11-19 15:37:39 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-11-19 15:37:39 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-11-19 15:37:39 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-11-19 15:37:38 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-11-18 21:15:45 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-11-18 21:15:14 40448 ----a-w- c:\windows\system32\winrs.exe
2011-11-18 21:15:14 20480 ----a-w- c:\windows\system32\winrshost.exe
2011-11-18 21:15:14 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2011-11-18 21:15:08 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-11-18 21:15:08 10240 ----a-w- c:\windows\system32\winrssrv.dll
2011-11-17 00:00:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-11-17 00:00:18 17920 ----a-w- c:\windows\system32\netevent.dll
2011-11-16 23:59:38 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-11-16 23:59:34 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-11-16 23:59:07 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-16 23:59:01 501760 ----a-w- c:\windows\system32\usp10.dll
2011-11-16 23:58:57 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2011-11-16 23:58:57 515584 ----a-w- c:\program files\windows mail\wab.exe
2011-11-16 23:58:56 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2011-11-16 23:58:49 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-11-16 23:58:48 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-11-16 23:58:48 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-11-16 23:58:44 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-11-16 23:58:43 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-11-16 23:58:42 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-11-16 23:58:42 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-11-16 23:58:42 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-11-16 23:58:42 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-11-16 23:57:06 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-11-16 23:57:00 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-11-16 23:55:30 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-11-16 23:55:21 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-11-16 23:55:19 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-11-16 23:55:15 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-11-16 23:55:15 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-11-16 23:54:17 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-11-16 23:54:09 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-11-16 23:54:05 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-11-16 23:54:05 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-11-16 23:54:01 36352 ----a-w- c:\windows\system32\rtutils.dll
2011-11-16 23:52:26 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-11-16 23:52:23 81920 ----a-w- c:\windows\system32\consent.exe
2011-11-16 23:50:25 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-11-16 23:50:21 147456 ----a-w- c:\windows\system32\Faultrep.dll
2011-11-16 23:50:21 125952 ----a-w- c:\windows\system32\wersvc.dll
2011-11-16 23:50:17 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-11-16 23:48:55 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-11-16 23:48:55 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2011-11-16 23:48:54 45056 ----a-w- c:\windows\system32\dataclen.dll
2011-11-16 23:48:54 36864 ----a-w- c:\windows\system32\cdd.dll
2011-11-16 23:48:54 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2011-11-16 23:48:45 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-16 23:47:42 135168 ----a-w- c:\windows\system32\wshom.ocx
2011-11-16 23:47:41 90112 ----a-w- c:\windows\system32\wshext.dll
2011-11-16 23:47:41 180224 ----a-w- c:\windows\system32\scrobj.dll
2011-11-16 23:47:41 155648 ----a-w- c:\windows\system32\wscript.exe
2011-11-16 23:47:41 135168 ----a-w- c:\windows\system32\cscript.exe
2011-11-16 23:47:40 172032 ----a-w- c:\windows\system32\scrrun.dll
2011-11-16 23:47:33 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-11-16 23:47:32 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-11-16 23:47:27 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-11-16 23:47:25 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-11-16 22:51:54 276992 ----a-w- c:\windows\system32\schannel.dll
2011-11-15 22:20:48 -------- d-----w- C:\PerfLogs
2011-11-14 23:33:20 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-11-12 08:38:59 46080 ----a-w- c:\windows\system32\NAPCRYPT.DLL
2011-11-12 08:37:59 5780480 ----a-w- c:\program files\common files\microsoft shared\ink\mshwnld.dll
2011-11-12 08:36:59 38400 ----a-w- c:\windows\system32\runonce.exe
2011-11-12 08:35:59 485376 ----a-w- c:\windows\system32\mspaint.exe
2011-11-12 08:34:58 686592 ----a-w- c:\windows\system32\colorui.dll
2011-11-12 08:33:59 97792 ----a-w- c:\windows\system32\cryptnet.dll
2011-11-11 21:37:15 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f99bcca5-eae0-4c2a-bacb-62c45b6bb68b}\gapaengine.dll
2011-11-11 21:24:51 -------- d-----w- c:\users\administrator\appdata\roaming\SUPERAntiSpyware.com
2011-11-11 21:24:51 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-11 21:24:43 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-11 21:23:54 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-11 18:55:59 6668624 ------w- c:\programdata\microsoft\windows defender\definition updates\{557bf082-1083-4637-b2d9-a0ab0c06e8dd}\mpengine.dll
2011-11-11 18:38:50 -------- d-----w- C:\from_old_computer
2011-11-11 18:38:32 -------- d-----w- c:\users\administrator\appdata\local\MigWiz
2011-11-11 18:27:19 -------- d-----w- c:\windows\pss
2011-11-07 01:19:06 -------- d-----w- C:\bef74c1d479a509ca1acdf8ff5c97b
.
==================== Find3M ====================
.
2011-11-15 21:48:51 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-11-15 21:48:42 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 03:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 03:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 03:05:04 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 03:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
.
============= FINISH: 1:14:13.33 ===============

Blade81

2011-11-24, 09:26

Hi,

1. Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and extract its contents into a folder in desired location (i.e. c:\tdsskiller).
2. Execute the file TDSSKiller.exe.
3. Click Start Scan. If threats are found, select skip and click Continue (tool may prompt for a reboot).
4. Post back contents of log file in c: drive root (name should be in UtilityName.Version_Date_Time_log.txt format)

austinlandis332

2011-11-25, 02:22

Says no threats are found.

Blade81

2011-11-25, 08:36

Hi

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.

Please continue as follows:

Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.

Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

Blade81

2011-12-02, 18:57

Due to inactivity, this thread will now be closed.

Note:If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

If it has been less than three days since your last response and you need the thread re-opened, please send me or other MOD a private message (pm). A valid, working link to the closed topic is required.