View Full Version : please help



terimccurdy
2013-06-23, 15:52
I have a Dell laptop running Windows XP. I hope that I have all the things that I need.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
Run by someone at 4:17:22 on 2013-06-23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.768 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled*
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\someone\Local Settings\Application Data\NexGenMediaPlayer\NexGenMediaPlayerApp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\explorer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={26384871-DA39-11E2-AD9B-001F3B5D9E1B}
uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uDefault_Page_URL = hxxp://www.msn.com
mStart Page = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={26384871-DA39-11E2-AD9B-001F3B5D9E1B}
uProxyServer = localhost:21320
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Sing Along: {6492E171-2427-4932-B414-33574A089F5E} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {9AF6908B-E23C-4652-A634-8A2BC0CD7B16} - <orphaned>
BHO: TopArcadeHits Games: {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - c:\documents and settings\someone\local settings\application data\toparcadehits\Toparcadehits.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [UserFaultCheck] c:\windows\system32\dumprep 0 -u
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [systray] c:\program files\dell\dell mobile broadband\systray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
StartupFolder: c:\docume~1\someone\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\documents and settings\someone\start menu\programs\startup\MyPC Backup.lnk.disabled
StartupFolder: c:\documents and settings\someone\start menu\programs\startup\NexGen Media Player.lnk.disabled
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\HotSync Manager.lnk.disabled
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\HP Digital Imaging Monitor.lnk.disabled
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Windows Search.lnk.disabled
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1344092149437
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1359279835796
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 97.64.183.164 97.64.209.37
TCP: Interfaces\{E6DE3FAB-CE65-4BDD-A808-4FF305A83659} : DHCPNameServer = 97.64.183.164 97.64.209.37
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~1\common~1\jaksta~1\audioc~1\jaudcap.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2013-6-17 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-6-17 204784]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-6-6 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-6-6 174664]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys [2013-6-17 104752]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-6-17 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-6-6 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-6-6 368944]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-6-6 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-6-6 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-6-6 46808]
R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2013-6-17 137960]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-8 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-8 701512]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-6-14 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-6-14 1033688]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-8 22856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 CltMngSvc;Search Protect by Conduit Updater;c:\program files\searchprotect\bin\cltmngsvc.exe --> c:\program files\searchprotect\bin\CltMngSvc.exe [?]
S2 DefaultTabUpdate;DefaultTabUpdate;"c:\documents and settings\teri\application data\defaulttab\defaulttab\dtupdate.exe" --> c:\documents and settings\teri\application data\defaulttab\defaulttab\DTUpdate.exe [?]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-6-14 171928]
S3 PCDSRVC{5B8A2B68-04D6B966-06020200}_0;PCDSRVC{5B8A2B68-04D6B966-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\my dell\pcdsrvc.pkms [2013-5-3 22640]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
SUnknown IBUpdaterService;IBUpdaterService; [x]
.
=============== Created Last 30 ================
.
2013-06-23 08:39:51 -------- d-----w- c:\program files\Solid Savings
2013-06-23 02:02:00 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{36d2aa14-33c4-4efd-a158-99b2b0e2d3d4}\offreg.dll
2013-06-23 02:01:14 7068072 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{36d2aa14-33c4-4efd-a158-99b2b0e2d3d4}\mpengine.dll
2013-06-23 01:37:24 7068072 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-06-21 08:41:31 -------- d-----w- c:\documents and settings\someone\local settings\application data\NGMP
2013-06-21 06:26:05 -------- d-----w- c:\documents and settings\someone\local settings\application data\NexGenMediaPlayer
2013-06-21 06:26:00 -------- d-----w- c:\program files\NexGen Media Player
2013-06-21 06:17:29 417792 ----a-w- c:\windows\system32\FLVSplitter.ax
2013-06-21 06:10:40 -------- d-----w- c:\program files\Haali
2013-06-21 06:10:19 -------- d-----w- c:\program files\AviSynth 2.5
2013-06-21 06:10:17 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-06-21 06:10:17 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-06-21 06:10:16 479232 ----a-w- c:\windows\system32\msvcm80.dll
2013-06-21 06:09:29 290816 ----a-w- c:\windows\system32\stFLVSource.ax
2013-06-21 06:09:26 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2013-06-21 06:09:26 -------- d-----w- c:\program files\common files\SourceTec
2013-06-21 06:09:25 70656 ----a-w- c:\windows\system32\RLAPEDec.ax
2013-06-21 06:09:25 217088 ----a-w- c:\windows\system32\CoreFLACDecoder.ax
2013-06-21 06:09:24 -------- d-----w- c:\program files\Sothink Movie DVD Maker
2013-06-21 05:58:37 -------- d-----w- c:\documents and settings\someone\local settings\application data\WMTools Downloaded Files
2013-06-19 05:29:17 -------- d-----w- c:\documents and settings\someone\application data\Dell
2013-06-19 05:28:34 -------- d-----w- c:\documents and settings\all users\application data\PCDr
2013-06-19 05:26:29 -------- d-----w- c:\program files\My Dell
2013-06-19 05:17:14 -------- d-----w- c:\documents and settings\someone\application data\PCDr
2013-06-17 22:11:04 204784 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-06-17 22:11:03 104752 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-06-17 22:11:01 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-06-17 22:09:58 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-06-16 05:51:40 -------- d-----w- c:\documents and settings\someone\application data\FLV and Media Player
2013-06-16 05:43:46 -------- d-----w- c:\documents and settings\someone\application data\Replay Media Catcher 5
2013-06-16 05:43:45 -------- d-----w- c:\documents and settings\someone\local settings\application data\Replay Media Catcher 5
2013-06-16 05:43:42 -------- d-----w- c:\documents and settings\someone\local settings\application data\Jaksta_Technologies_Pty_L
2013-06-16 05:42:47 -------- d-----w- c:\program files\common files\Jaksta Technologies
2013-06-16 05:42:32 -------- d-----w- c:\program files\Applian Technologies
2013-06-16 05:06:36 119568 ----a-w- c:\windows\system32\VB6FR.DLL
2013-06-16 05:06:36 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2013-06-16 05:06:35 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
2013-06-16 05:06:35 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
2013-06-16 05:06:34 -------- d-----w- c:\documents and settings\someone\application data\TFP
2013-06-16 05:01:17 -------- d-----w- c:\program files\BearShare Applications
2013-06-15 04:59:17 -------- d-----w- c:\program files\AdSpyDeleter
2013-06-15 04:49:47 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-06-15 04:49:21 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-06-15 04:48:59 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-06-14 19:16:34 -------- d-----w- c:\program files\Conduit
2013-06-14 19:16:18 -------- d-----w- c:\documents and settings\someone\local settings\application data\Temp
2013-06-14 19:14:20 -------- d-----w- c:\documents and settings\someone\local settings\application data\CRE
2013-06-13 08:23:02 -------- d-----w- c:\documents and settings\someone\local settings\application data\TopArcadeHits
2013-06-13 08:09:36 -------- d-----w- c:\documents and settings\someone\local settings\application data\AskToolbar
2013-06-13 04:45:34 -------- d-----w- c:\windows\system32\XPToolsLicenseComponent
2013-06-12 23:59:37 -------- d-----w- c:\documents and settings\someone\local settings\application data\Koox System Optimizer
2013-06-12 23:59:00 81920 ----a-w- c:\windows\eSellerateControl350.dll
2013-06-12 23:59:00 356352 ----a-w- c:\windows\eSellerateEngine.dll
2013-06-09 21:20:30 -------- d-----w- c:\documents and settings\someone\local settings\application data\Deployment
2013-06-09 20:39:07 -------- d-----w- c:\documents and settings\someone\application data\Auslogics
2013-06-09 20:06:10 -------- d-----w- c:\documents and settings\someone\local settings\application data\SlimWare Utilities Inc
2013-06-09 19:33:40 4167680 ----a-w- c:\program files\GUT57.tmp
2013-06-09 19:33:40 -------- d-----w- c:\program files\GUM56.tmp
2013-06-08 23:28:52 -------- d-----w- c:\documents and settings\someone\local settings\application data\Powercinema
2013-06-08 23:17:14 -------- d-----w- c:\documents and settings\someone\application data\SwvUpdater
2013-06-08 19:07:23 -------- d-----w- c:\documents and settings\someone\application data\Malwarebytes
2013-06-08 19:06:56 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-08 19:06:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-08 18:38:59 8020086 ----a-w- c:\documents and settings\someone\QuickShare1.exe
2013-06-07 01:22:15 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-07 01:22:14 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-07 01:22:13 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-07 01:22:13 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-07 01:20:41 41664 ----a-w- c:\windows\avastSS.scr
2013-06-06 11:21:56 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-06-06 11:19:13 -------- d-----w- c:\program files\Microsoft Security Client
2013-06-06 11:08:22 -------- d-----w- C:\f683c15af54cd3563f9a012c85070a
2013-06-06 10:07:53 -------- d-----w- C:\11e5f4d67f912950c66e
2013-06-05 22:19:26 33958 ----a-w- c:\documents and settings\all users\application data\uninstaller.exe
2013-05-28 18:16:19 -------- d-----w- c:\documents and settings\someone\application data\IObit
2013-05-27 07:02:11 -------- d-----w- c:\program files\AppFiles
2013-05-27 06:42:07 -------- d-----w- c:\program files\SearchProtect
2013-05-25 08:20:42 -------- d-----w- c:\program files\Uninstaller
2013-05-25 08:08:44 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2013-05-25 08:08:06 -------- d-sh--w- C:\AI_RecycleBin
.
==================== Find3M ====================
.
2013-05-22 15:21:06 4325376 ----a-w- c:\documents and settings\all users\application data\ReadOnlyInstaller.msi
2013-05-15 19:43:25 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 19:43:24 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 09:39:48 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-09 09:39:46 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-05-09 09:39:46 788896 -c--a-w- c:\windows\system32\deployJava1.dll
2013-05-09 09:39:46 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-05-08 06:10:12 770384 ----a-w- c:\windows\system32\msvcr100.dll
2013-05-08 06:10:12 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-05-07 22:30:06 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:30:05 43520 ------w- c:\windows\system32\licmgr10.dll
2013-05-07 22:30:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53:29 385024 ------w- c:\windows\system32\html.iec
2013-05-03 01:30:20 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 00:38:17 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 4:19:43.42 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-23 04:31:18
-----------------------------
04:31:18.750 OS Version: Windows 5.1.2600 Service Pack 3
04:31:18.750 Number of processors: 2 586 0xF0D
04:31:18.750 ComputerName: TERI UserName:
04:31:19.828 Initialze error C000010E - driver not loaded
04:31:20.031 AVAST engine defs: 13062301
04:31:21.453 Service scanning
04:31:34.968 Service MpKsld05bfba3 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{36D2AA14-33C4-4EFD-A158-99B2B0E2D3D4}\MpKsld05bfba3.sys **LOCKED** 32
04:31:48.640 Modules scanning
04:31:48.640 Disk 0 trace - called modules:
04:31:48.640
04:31:49.656 AVAST engine scan C:\WINDOWS
04:31:57.171 AVAST engine scan C:\WINDOWS\system32
04:34:50.078 AVAST engine scan C:\WINDOWS\system32\drivers
04:35:05.250 AVAST engine scan C:\Documents and Settings\someone
04:40:19.359 AVAST engine scan C:\Documents and Settings\All Users
04:42:48.312 Scan finished successfully
04:49:16.546 The log file has been saved successfully to "C:\Documents and Settings\someone\Desktop\aswMBR.txt"

fbfbfb
2013-06-25, 22:47
Hello, terimccurdy. Welcome to Safer-Networking Forums.

My name is fbfbfb. I will gladly assist you with your concerns.

Please be advised, as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advice. This may cause a delay, but I will do my best to keep it as short as possible.

I am checking over your DDS and aswMBR logs now, and I will post back shortly with instructions.

While working to resolve the issues with your machine, please follow these guidelines:
Please be patient. Logs are lengthy and can take time to analyze.
Read and follow my directions carefully, in the sequence they are posted. If you are unsure about anything, please ask for clarification before continuing.
Use only those tools that you have been directed to use.
Do not install or uninstall any applications or run any other scans without being directed to do so.
Copy and Paste the log files inside your post. Do not send them as attachments unless otherwise instructed.
Stay with me until your machine has been deemed all clear.
Please reply within 3 days of each posting to avoid closing this topic. If you need more time to complete tasks, or if you will be away, please let me know in advance.

fbfbfb
2013-06-26, 04:20
Hello, terimccurdy.

Thank you for including your DDS and aswMBR logs. DDS should have produced a second log named attach.txt and saved it to your desktop. If it is there, please submit this log to me. If you are unable to locate this report, please rerun DDS and submit both reports.

Please run the following scans:

1. Security Check

Please download Security Check from HERE (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or HERE (http://screen317.changelog.fr/SecurityCheck.exe). Save it to your Desktop. Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt. This may take a few minutes.
Please copy and paste the contents of that document into your next reply.

2. ComboFix

Note: Before you begin, please read through these instructions completely, noting all important messages and warnings.

Please download ComboFix from HERE (http://www.bleepingcomputer.com/download/combofix/dl/12/) or HERE (http://www.infospyware.net/antimalware/combofix/).
Very Important! Save ComboFix.exe to your Desktop.

Close all browsers.
Disable your AntiVirus and AntiSpyware applications as they can interfere with running ComboFix. To disable any security programs:

Right click on the System Tray icon, or
Refer to this link HERE (http://forums.whatthetech.com/index.php?showtopic=96260&pid=494216#entry494216) for further assistance.
Double click on ComboFix.exe and follow the prompts. ComboFix will automatically check to see if the Microsoft Windows Recovery Console is installed.

Note: If ComboFix asks you to install the Microsoft Windows Recovery Console, please allow it.
If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.



http://www.bleepstatic.com/combofix/en/recovery-console-prompt.jpg

When prompted, agree to the End-User License Agreement to begin installation.
If ComboFix asks you to update the program, please do so.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



http://www.bleepstatic.com/combofix/en/recovery-console-installed.jpg

Click on Yes, to continue scanning for malware.
When finished, ComboFix will produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Warnings:

Do not mouse-click on ComboFix's window while it is running. This may cause it to stall.
Do not re-run ComboFix. If problems occur with the installation or running of ComboFix, please reply back for further instructions.
Do not attempt to surf the internet while ComboFix is scanning.
Note: If there is no internet connection after running ComboFix, reboot your computer to restore the connection.

Very Important! Make sure you re-enable your security programs when ComboFix is finished.

SUMMARY: In your next reply, please post the following:

attach.txt
Security Check report
ComboFix log

fbfbfb
2013-06-28, 18:30
Hello, terimccurdy.

Are you there? Do you still need help?