PDA

View Full Version : Still cannot remove snapdo


flamenco
2012-06-05, 18:00
Hello

I have followed the advice already given but cannot remove snapdo from firefox.

snapdo is not listed in the program list in control panel.

I am running Vista on my Dell PC

I will attempt to add the files requested:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Dave at 16:32:18 on 2012-06-05
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2008.468 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\ProgramData\IBUpdaterService\ibsvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\vVX1000.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\Dave\AppData\Local\Smartbar\Application\Smartbar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\wscript.exe
C:\Windows\system32\SearchFilterHost.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com/
uStart Page = hxxp://www.google.com/
uWindow Title = Internet Explorer provided by Dell
uSearch Bar = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/
mURLSearchHooks: H - No File
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: Community SmartbarEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: SpecialSavings: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\specialsavings\SpecialSavingsSinged.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.0.0.9\AVG Secure Search_toolbar.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.0.0.9\AVG Secure Search_toolbar.dll
TB: Community Smartbar: {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Google Update] "c:\users\dave\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
uRun: [Browser Infrastructure Helper] c:\users\dave\appdata\local\smartbar\application\Smartbar.exe startup
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [VX1000] c:\windows\vVX1000.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [<NO NAME>]
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
StartupFolder: c:\users\dave\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\specialsavings\SpecialSavingsSinged.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{2D776FD6-C9C1-4130-A338-231950BB3556} : DhcpNameServer = 192.168.25.1
TCP: Interfaces\{D5A2759A-64D1-4E08-B231-1D3E5B1D0D8F} : DhcpNameServer = 194.168.4.100 194.168.8.100
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.0.2\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dave\appdata\roaming\mozilla\firefox\profiles\ddznbwq7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.co.uk
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B5066ac98-0185-4687-90bd-caa05cca3ce4%7D&mid=fc93ba4c3f33802dbe343a75c94015b4-2a695a8cdf899503f25ee52b61a0081e2e7817ad&ds=AVG&v=11.0.0.9&lang=en&pr=fr&d=2012-05-06%2019%3A33%3A52&sap=ku&q=
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\users\dave\appdata\roaming\mozilla\firefox\profiles\ddznbwq7.default\extensions\toolbar@alot.com\components\AlotXpcom.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.0.2\npsitesafety.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\dave\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\dave\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\users\dave\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\dave\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\dave\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2012-5-21 65720]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R1 RapportCerberus_34302;RapportCerberus_34302;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\34302\RapportCerberus32_34302.sys [2011-12-20 228208]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2012-5-21 71480]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2012-5-21 166840]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files\adobe\elements 10 organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_ae0b52e0\AEstSrv.exe [2009-3-23 81920]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-24 155648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 IBUpdaterService;Updater Service;c:\programdata\ibupdaterservice\ibsvc.exe [2012-4-3 397848]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2012-5-21 976728]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-6-5 1153368]
R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\common files\avg secure search\vtoolbarupdater\11.0.2\ToolbarUpdater.exe [2012-4-29 932736]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 RapportIaso;RapportIaso;c:\programdata\trusteer\rapport\store\exts\rapportms\39624\RapportIaso.sys [2012-5-28 21520]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 Application Updater;Application Updater;"c:\program files\application updater\applicationupdater.exe" --> c:\program files\application updater\ApplicationUpdater.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9b4ffc623e880;Google Update Service (gupdate1c9b4ffc623e880);c:\program files\google\update\GoogleUpdate.exe [2009-4-4 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-9 257696]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-5-12 1025352]
S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2010-5-14 20704]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-4-4 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-29 129976]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-4-3 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-4-3 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-4-3 136808]
.
=============== Created Last 30 ================
.
2012-06-05 15:22:23 -------- d-----w- c:\users\dave\appdata\local\{CB58F377-F1EA-4719-9BD7-7EB54C413A65}
2012-06-05 15:22:03 -------- d-----w- c:\users\dave\appdata\local\{1D263BCF-EDB7-40BF-8FFC-CF4829C3375A}
2012-06-05 12:45:38 -------- d-----w- c:\users\dave\appdata\local\{9819196D-4371-4500-A805-82119B292EE6}
2012-06-05 12:45:27 -------- d-----w- c:\users\dave\appdata\local\{CE69DFC4-6C23-4E1D-A1C2-8017ADA19C83}
2012-06-05 10:49:44 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-06-05 10:49:44 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-05-24 15:23:08 -------- d-----w- c:\users\dave\appdata\local\{424899D5-E11D-45C8-8B49-C1E02845EA60}
2012-05-24 15:21:53 -------- d-----w- c:\users\dave\appdata\local\{06764A3E-DCBC-4A39-B352-01016075A8D5}
2012-05-21 06:19:14 65720 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2012-05-18 10:52:18 -------- d-----w- c:\users\dave\appdata\local\{79E7997E-DE04-41C7-A7E8-E19B6D5C8E9C}
2012-05-13 16:34:07 -------- d-----w- c:\users\dave\appdata\local\{D1FD09C7-EEB1-4053-82F2-E681A3635D50}
2012-05-13 16:33:57 -------- d-----w- c:\users\dave\appdata\local\{1DBE1EC9-6327-43D7-B90B-EC9AAC201651}
2012-05-13 11:59:29 -------- d-----w- c:\users\dave\appdata\local\{A41E323C-2149-4251-A2F4-67B6AB64FB44}
2012-05-13 11:59:12 -------- d-----w- c:\users\dave\appdata\local\{85E922FB-4339-499E-BC48-13E72EE110A7}
2012-05-13 02:25:34 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-05-13 02:25:30 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll
2012-05-13 02:25:27 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-05-13 02:24:49 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-05-13 02:24:22 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-05-13 02:23:55 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe
2012-05-13 02:13:35 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-13 02:12:42 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-13 02:11:36 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-05-13 02:11:34 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-05-13 02:11:30 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-05-13 02:11:29 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-05-13 02:11:27 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-05-13 02:09:53 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-13 02:09:51 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-13 02:09:48 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-05-07 19:08:01 -------- d-----w- c:\users\dave\appdata\roaming\FreeFileViewer
2012-05-07 02:19:23 -------- d-----w- c:\users\dave\appdata\local\FileTypeAssistant
2012-05-06 19:09:04 -------- d-----w- c:\program files\File Type Assistant
2012-05-06 19:08:39 -------- d-----w- c:\program files\FreeFileViewer
2012-05-06 19:08:02 -------- d-----w- c:\users\dave\appdata\local\Smartbar
2012-05-06 19:07:27 -------- d-----w- c:\program files\Free Offers from Freeze.com
.
==================== Find3M ====================
.
2012-05-05 04:24:12 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-05 04:24:12 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-19 03:50:26 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-03-19 04:17:28 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
============= FINISH: 16:34:07.15 ===============
maxi
2012-06-11, 13:52
Welcome to Safer Networking. I am maxi, and I will be helping you out with your malware problems.

Before we go further, there are a few things that I would like to make clear so that we are share the same understanding.


Please observe and follow these Forum Rules (http://forums.spybot.info/showthread.php?t=288).
Any advice is for your computer only and is taken at your own risk. Fixes sometimes will cause unexpected results, but I will do my best to assist you.
Please read the instructions carefully and follow them closely, in the order they are presented to you.
If you have any doubts or problems during the fix, please stop and ask.
All the tools that I will ask you to download and use are safe. Please allow if prompted by any of your security softwares.
Do not use or run any malware cleaning tools without supervision as they may cause more harm if improperly used.
Refrain from installing any new programs except those that I request during the fix to prevent interference to my diagnosis of the problem.
Lack of malware symptoms does not mean your computer is clean. Stick to this topic until I give the All Clear.
If you do not reply within 3 days, this topic will be closed.

If you are agreeable to the above, then everything should go smoothly

Note:
As I am currently still in training, everything that I post to you must be first checked by my teacher. This may add a tiny delay between replies so please be patient :)

While you are waiting Could you please back-up your registry and disable Teatimer. You can find instructions on both on the following link.
http://forums.spybot.info/showthread.php?t=288

Regards maxi :)
maxi
2012-06-13, 00:39
Hi flamenco,

Your first problem to sort out is the lack of free space on your C:\drive. 15% is the recommended minimum amount, so we will try to achieve this. If you can make any space by removing any files or programs you dont use any more it would help.



Step 1
Uninstall programs
Click on Start.
All programs.
Accessories.
Run.
In the open text box copy/paste appwiz.cpl Then click Ok.
Uninstall the following if present.

McAfee Security Scan Plus
Rapport Trusteer (You can reinstall this when we are finished with the fix as this has been known to interfere with our work.)


Step2
Temp File Cleaner

Please download TFC (http://oldtimer.geekstogo.com/TFC.exe) and save it to your desktop.
Save any unsaved work. TFC will close all open application windows.
Right click on TFC.exe and select "Run As Administrator" to run it. If Windows UAC prompts you, please allow it.
If prompted, click Yes to reboot.
NOTE: Save your work.TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.


Step 3
Remove all but the last system restore points.
Next click Start >> in the Search Programs and Files search box type cleanmgr and press OK
Select the C: drive and click OK.
Ensure the following boxes are checked; Recycle Bin Temporary Files Temporary Internet Files
Select the Clean Up System Files button.
Select the C: drive again and select OK.
Select the More Options tab and under System Restore and Shadow Copies click the Clean up button.
Select Delete, Press OK and Delete Files to confirm



In your next reply please include:
How much free space is on your C:\drive. (You can do this by clicking on the Windows orb, Computer, Right click on "Windows C" and select properties. You should then see how much free space there is)


Regards maxi :)
maxi
2012-06-15, 14:24
Are you still with us ?