
Thread: smitfraud-c.generic

  1. #51
    Member
    Join Date
    Feb 2013
    Location
    Valencia
    Posts
    46

    After I used the TFC I could not get the PC to boot up properly. You mentioned it could be a problem, so the first time I waited 20 minutes, and then did a hard shutdown. It did the same thing again, so I did the shutdown and put it into safe mode. Seems better now.

  2. #52
    Senior Member
    Join Date
    Apr 2010
    Posts
    463

    Hello diane7

    "After I used the TFC I could not get the PC to boot up properly."
    That's very odd. A slight delay can sometimes happen, but 20 minutes is a little long...

    Are you able to boot the machine normally now? Is it still taking a long time to boot?
    Proud Graduate of the WTT Classroom

  3. #53
    Member
    Join Date
    Feb 2013
    Location
    Valencia
    Posts
    46

    It is normal now!

  4. #54
    Senior Member
    Join Date
    Apr 2010
    Posts
    463

    Hello diane7

    That's good.

    Please re-scan your machine with DDS as requested and post the new logs for me to review.
    Proud Graduate of the WTT Classroom

  5. #55
    Member
    Join Date
    Feb 2013
    Location
    Valencia
    Posts
    46

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/11/2009 11:32:52 AM
    System Uptime: 3/16/2013 3:42:13 PM (0 hours ago)
    .
    Motherboard: PEGATRON CORPORATION | | Benicia
    Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz | CPU 1 | 2600/800mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 454 GiB total, 396.428 GiB free.
    D: is FIXED (NTFS) - 12 GiB total, 2.165 GiB free.
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: Compact Flash
    Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#
    Manufacturer: Generic-
    Name: G:\
    PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#
    Service: WUDFRd
    .
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: MS/MS-Pro
    Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.03#058F63626476&3#
    Manufacturer: Generic-
    Name: I:\
    PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.03#058F63626476&3#
    Service: WUDFRd
    .
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: SD/MMC
    Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#058F63626476&0#
    Manufacturer: Generic-
    Name: F:\
    PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#058F63626476&0#
    Service: WUDFRd
    .
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: SM/xD-Picture
    Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.02#058F63626476&2#
    Manufacturer: Generic-
    Name: H:\
    PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.02#058F63626476&2#
    Service: WUDFRd
    .
    ==== System Restore Points ===================
    .
    RP498: 2/23/2013 3:18:11 AM - Scheduled Checkpoint
    RP499: 2/26/2013 10:04:12 PM - Windows Update
    RP500: 3/2/2013 12:33:17 PM - ComboFix created restore point
    RP501: 3/9/2013 7:45:35 PM - Scheduled Checkpoint
    RP502: 3/13/2013 3:00:13 AM - Windows Update
    RP503: 3/14/2013 12:26:07 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    3Dice Casino
    Acrobat.com
    Activate Norton Online Backup
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.5.2
    Adobe Shockwave Player 11.5
    Bejeweled 2 Deluxe
    Bejeweled 3
    Belkin Setup and Router Monitor
    Belkin USB Print and Storage Center
    Best of Slots II
    Big Fish Games: Game Manager
    CCleaner
    Compatibility Pack for the 2007 Office system
    Coupon Printer for Windows
    CyberLink DVD Suite Deluxe
    DirectX for Managed Code Update (Summer 2004)
    eGames GameButler
    eGames Toolbar
    ERUNT 1.1j
    Facebook Video Calling 1.2.0.159
    FreeCell Wonderland
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hallmark Card Studio 2
    Hardware Diagnostic Tools
    Hewlett-Packard ACLM.NET v1.2.1.1
    Homepage Protection
    HP Advisor
    HP Customer Experience Enhancements
    HP Games
    HP MAINSTREAM KEYBOARD
    HP MediaSmart Demo
    HP MediaSmart DVD
    HP MediaSmart Movie Themes
    HP MediaSmart Music/Photo/Video
    HP MediaSmart SmartMenu
    HP Odometer
    HP Officejet 4620 series Basic Device Software
    HP Officejet 4620 series Help
    HP Officejet 4620 series Product Improvement Study
    HP Photo Creations
    HP Product Detection
    HP Remote Solution
    HP Setup
    HP Support Assistant
    HP Support Information
    HP Update
    I.R.I.S. OCR
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Rapid Storage Technology
    Internet Explorer (Enable DEP)
    iSEEK AnswerWorks English Runtime
    J2SE Runtime Environment 5.0
    Java Auto Updater
    Java(TM) 6 Update 32
    LabelPrint
    LightScribe System Software
    Mahjong Escape (TM) - Ancient Japan
    Mahjong Escape: Ancient China 1.0.0.5
    Mahjongg Dimensions
    Mahjongg Dimensions Deluxe (tb) (remove only)
    Mahjongg Master Egyptian Edition
    Malwarebytes Anti-Malware version 1.70.0.1100
    Masque Slots
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 60 day trial
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NETGEAR WG111v3 wireless USB 2.0 adapter
    Norton 360
    Pando Media Booster
    PC Matic 1.1.0.36
    PictureMover
    Playalot Games
    Power2Go
    PowerDirector
    PowerRecover
    Quicken 2001 Deluxe
    Realtek High Definition Audio Driver
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Sierra Utilities
    Skype Click to Call
    Skype™ 5.10
    Slots from Bally Gaming
    SnapShot
    Solitaire Master 4
    Spybot - Search & Destroy
    System Checkup 3.1
    System Requirements Lab for Intel
    The Weather Channel Desktop 6
    TurboTax 2009
    TurboTax 2009 wcaiper
    TurboTax 2009 WinPerFedFormset
    TurboTax 2009 WinPerReleaseEngine
    TurboTax 2009 WinPerTaxSupport
    TurboTax 2009 wrapper
    TurboTax 2010
    TurboTax 2010 wcaiper
    TurboTax 2010 WinPerFedFormset
    TurboTax 2010 WinPerReleaseEngine
    TurboTax 2010 WinPerTaxSupport
    TurboTax 2010 wrapper
    TurboTax 2011
    TurboTax 2011 wcaiper
    TurboTax 2011 WinPerFedFormset
    TurboTax 2011 WinPerReleaseEngine
    TurboTax 2011 WinPerTaxSupport
    TurboTax 2011 wrapper
    TurboTax 2012
    TurboTax 2012 wcaiper
    TurboTax 2012 WinPerFedFormset
    TurboTax 2012 WinPerReleaseEngine
    TurboTax 2012 WinPerTaxSupport
    TurboTax 2012 wrapper
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Video Mover
    Web Publishing Wizard
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/16/2013 3:42:42 PM, Error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: This driver has been blocked from loading
    3/16/2013 3:42:42 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\mrtRate.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    3/14/2013 4:17:55 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    3/14/2013 4:15:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    3/14/2013 4:15:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    3/14/2013 4:15:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    3/14/2013 4:15:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    3/14/2013 4:15:41 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6
    3/14/2013 4:13:25 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
    3/14/2013 4:13:06 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
    3/14/2013 4:12:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
    3/14/2013 4:12:37 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    3/14/2013 4:12:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
    3/14/2013 4:11:05 PM, Error: Service Control Manager [7034] - The AffinegyService service terminated unexpectedly. It has done this 1 time(s).
    .
    ==== End Of File ===========================

  6. #56
    Member
    Join Date
    Feb 2013
    Location
    Valencia
    Posts
    46

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 1.6.0_32
    Run by member at 15:47:22 on 2013-03-16
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5110.3293 [GMT -7:00]
    .
    AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
    C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
    C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\msiexec.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
    C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
    C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
    C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
    C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
    C:\Windows\system32\taskeng.exe
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uLocal Page = www.google.com
    mStart Page = hxxp://www.google.com/
    mLocal Page = hxxp://www.google.com/
    mSearch Page = hxxp://www.google.com/
    mDefault_Page_URL = hxxp://www.google.com/
    mDefault_Search_URL = hxxp://www.google.com/
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: eGames Toolbar: {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} -
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ips\ipsbho.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
    uRun: [HP Officejet 4620 series (NET)] "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29R210JY05RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
    mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
    mRun: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
    mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    StartupFolder: C:\Users\member\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Windows\Speech\ERUNTcorrectone\AUTOBACK.EXE
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    TCP: NameServer = 192.168.2.1
    TCP: Interfaces\{EA537523-3F90-44BF-960A-440561B31138} : DHCPNameServer = 192.168.2.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\member\AppData\Roaming\Mozilla\Firefox\Profiles\p8ye63aw.default\
    FF - ExtSQL: 2013-02-25 15:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn
    FF - ExtSQL: 2013-02-25 18:43; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SMR311;Symantec SMR Utility Service 3.1.1;C:\Windows\System32\drivers\SMR311.SYS [2013-2-22 95392]
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1403000.024\symds64.sys [2013-3-4 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1403000.024\symefa64.sys [2013-3-4 1139800]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130301.001\BHDrvx64.sys [2013-3-5 1388120]
    R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1403000.024\ccsetx64.sys [2013-3-4 168096]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130313.001\IDSviA64.sys [2013-3-14 513184]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1403000.024\ironx64.sys [2013-3-4 224416]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1403000.024\symnets.sys [2013-3-4 432800]
    R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2012-5-6 181760]
    R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2012-5-6 55296]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-6-17 13336]
    R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-14 398184]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-14 682344]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccsvchst.exe [2013-3-4 144520]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-3-1 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-3-1 1369624]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-3-1 168384]
    R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2012-5-6 291352]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-2-23 138912]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-14 24176]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-9-9 233472]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 PCPitstop Scheduling;PCPitstop Scheduling;C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [2011-4-5 91304]
    S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
    S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;C:\Windows\System32\drivers\wg111v3.sys [2010-5-16 446976]
    S3 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208]
    S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-6 1255736]
    .
    =============== Created Last 30 ================
    .
    2013-03-14 22:44:56 -------- d-----w- C:\Users\member\AppData\Roaming\Malwarebytes
    2013-03-14 22:44:48 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-03-14 22:44:47 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-03-14 22:44:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-03-14 03:25:28 -------- d-----w- C:\Windows\ERUNT
    2013-03-14 03:25:05 -------- d-----w- C:\JRT
    2013-03-05 00:37:39 796248 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\srtsp64.sys
    2013-03-05 00:37:39 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\symds64.sys
    2013-03-05 00:37:39 432800 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\symnets.sys
    2013-03-05 00:37:39 36952 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\srtspx64.sys
    2013-03-05 00:37:39 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1403000.024\symelam.sys
    2013-03-05 00:37:39 224416 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\ironx64.sys
    2013-03-05 00:37:39 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\ccsetx64.sys
    2013-03-05 00:37:39 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1403000.024\symefa64.sys
    2013-03-05 00:37:24 -------- d-----w- C:\Windows\System32\drivers\N360x64\1403000.024
    2013-03-03 20:32:47 -------- d-----w- C:\$RECYCLE.BIN
    2013-03-02 20:33:11 98816 ----a-w- C:\Windows\sed.exe
    2013-03-02 20:33:11 256000 ----a-w- C:\Windows\PEV.exe
    2013-03-02 20:33:11 208896 ----a-w- C:\Windows\MBR.exe
    2013-03-01 07:25:04 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2013-03-01 07:25:00 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-03-01 07:23:53 -------- d-----w- C:\Users\member\AppData\Local\Programs
    2013-02-28 03:57:11 -------- d-----w- C:\TDSSKiller_Quarantine
    2013-02-23 04:16:04 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
    2013-02-23 02:57:45 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2013-02-23 02:57:45 -------- d-----w- C:\Program Files\Symantec
    2013-02-23 02:57:45 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
    2013-02-23 02:56:52 -------- d-----w- C:\Program Files (x86)\Norton 360
    2013-02-23 02:56:46 -------- d-----w- C:\Program Files (x86)\NortonInstaller
    2013-02-23 01:46:47 95392 ----a-w- C:\Windows\System32\drivers\SMR311.SYS
    .
    ==================== Find3M ====================
    .
    2013-03-13 07:55:18 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-03-13 07:55:18 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
    2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
    2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
    2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
    2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
    2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
    2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
    2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
    2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
    2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
    2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
    2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
    2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
    2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
    2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
    2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
    2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
    2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
    2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
    2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
    2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
    2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
    2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
    2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
    2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
    2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
    2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
    2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
    2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
    2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2012-02-04 18:18:40 689552 ----a-w- C:\Program Files (x86)\2pUninstall Coupon Alert.dll
    2012-02-04 18:18:40 161720 ----a-w- C:\Program Files (x86)\2pres.dll
    2011-03-19 22:50:01 684032 ----a-w- C:\Program Files (x86)\Uninstall Coupon Alert.dll
    .
    ============= FINISH: 15:48:28.34 ===============

  7. #57
    Senior Member
    Join Date
    Apr 2010
    Posts
    463

    Default

    Hello diane7

    Thank you for the logs.

    Let's remove your outdated Java. Once we have taken care of that we will run an online scan to check for anything that may have been missed.

    1. Please un-install your outdated Java


      • Click on "Start" then on "Control Panel" and then on the "Programs and Features" tab.
      • Find the "J2SE Runtime Environment 5.0" program, click on it once and then click on the "uninstall" button.
      • If you are prompted to re-boot your computer to complete the uninstall please do so.


    2. Please run the following scan


      • Note: You will need to use Internet Explorer for this scan.
      • Note for Vista/Windows 7 Users: ESET is compatible but Internet Explorer must be run as Administrator. To do this, right-click on your Internet Explorer icon and select "Run as Administrator".
      • Please disable your real time security programs before performing the scan.



      • Scan your system with Eset Online Scanner
      • Place a check mark in the box YES, I accept the Terms Of Use.
      • Click the button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps).
      • Click on to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the icon on your desktop.



      • Check
      • Click the button.
      • Accept any security warnings from your browser.
      • Check
      • Make sure that the option to "Remove Found Threats" is UN checked.
      • Push the "Start" button.
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, push
      • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Push the button.
      • Push


      Please post the ESET log in your next reply.
    Proud Graduate of the WTT Classroom

  8. #58
    Member
    Join Date
    Feb 2013
    Location
    Valencia
    Posts
    46

    Default

    C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm
    C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\DRM\2E17.tmp.vir Win64/Olmarik.AR trojan
    C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\DRM\2E27.tmp.vir Win64/Olmarik.AR trojan
    C:\TDSSKiller_Quarantine\02.03.2013_12.26.42\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan
    C:\TDSSKiller_Quarantine\27.02.2013_19.55.16\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm

    Hope I did everything right? Thanks!

  9. #59
    Senior Member
    Join Date
    Apr 2010
    Posts
    463

    Default

    Hello diane7

    Hope I did everything right?
    You certainly did

    All of those detections are for things that have been quarantined by various applications. They cannot harm your machine from their present location.

    Having said that, it would be better if they were not present at all, so let's take care of that now:

    1. Please empty your Spybot Recovery Folder


      • Some of the infections detected by the ESET Online Scan are located in your Spybot Recovery Folder.
      • To empty this folder, please do the following:
      • Open Spybot Search & Destroy, click on "Recovery", select "SmitfraudCgeneric.zip", then click on "purge selected items".
      • Close Spybot.


    2. Please search for and delete the following folder


      • Right-click your "Start" button and select "Explore".
      • Navigate to and delete the following folder in bold.



      • C:\TDSSKiller_Quarantine <== Delete this folder


      Once deleted, empty your Recycle Bin.

      Your latest DDS logs appear to be malware free, so providing you are no longer having any problems we can remove our tools in the steps below:

    3. Please Uninstall Combofix


      • Hold down the Windows key (has the Windows symbol on it) and press the "R" key.
      • A Run box will open.
      • Type combofix /uninstall in the run box and click "OK". Please note the space between the "x" and the "/Uninstall", it needs to be there.


    4. Removal of Tools


      • You no longer need DDS, aswMBR or TDSSKiller.
      • Please delete them from your machine.



      Once you have completed the above steps you should be good to go! If you have any further questions, please feel free to ask.

    5. Finally, please take the time to read through the information provided below:

      Enhance your System Security

      • For an excellent list of free anti virus software, free online virus scanners, free spyware detection/removal and free firewalls, click here.


      • IMPORTANT! Please make sure you only have ONE firewall and ONE real-time antivirus installed on your system. When using "on demand" scanners, first update the detection signature files, then disconnect from the internet and disable your resident security program before running the scan.
      • Once complete, remember to re-engage your resident security before going online.


      Web Browsers and Browser Security

      Firefox
      • Firefox is generally considered to have greater browsing security in comparison to other popular programs. You can download Firefox 3.0 from here.


      No-Script
      • If you use Firefox as your default browser, No-Script can provide additional security by preventing malicious scripts from being executed on your system.
      • You can download No-Script by clicking here.


      Internet Explorer
      • The newest version of Internet Explorer is available from here.


      SpywareBlaster
      • If you use Internet Explorer as your default browser, SpywareBlaster would be a valuable addition to your online security.
      • SpywareBlaster prevents malicious ActiveX objects from being downloaded onto your system.
      • You can download SpywareBlaster by clicking here.


      Web of Trust
      • When using search engines, Web of Trust provides you with an easy way of telling the good sites from the bad and is compatible with both Firefox and Internet Explorer.
      • Coloured symbols are displayed next to search results, giving you more confidence in the links you choose to click on: Green (To go), Yellow (Caution) and Red (Stop).
      • You can download Web of Trust by clicking here.


      Keep your Software Updated
      • Outdated software can sometimes have vulnerabilities that are exploitable by malware.
      • Check if there are available updates for your installed software with Secunia's Online Software Inspector by clicking here.


      Passwords
      • Learn how to create strong passwords by clicking here and test the strength of the passwords you already use by clicking here.


      General Reading


      Learn How To Combat Malware
      • Would you like to learn how to fight back against malware and help others? Enroll at the What The Tech (Formerly Tom Coyotes) Malware Classroom by clicking here.
    Proud Graduate of the WTT Classroom
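
The check made in post #59 (every ESET detection sits inside a tool's quarantine or recovery folder), as an added example that is not part of the original thread. It is Python that parses the ESET lines from post #58 and separates quarantined copies from files still live on disk. The `<path> <name> <type>` line shape is an assumption drawn from those lines, and the last sample line is constructed to show the non-quarantined case.

```python
import re

# Quarantine/recovery locations that appear in this thread's ESET log.
QUARANTINE_ROOTS = [
    r"C:\ProgramData\Spybot - Search & Destroy\Recovery",
    r"C:\Users\All Users\Spybot - Search & Destroy\Recovery",
    r"C:\Qoobox\Quarantine",
    r"C:\TDSSKiller_Quarantine",
]

# Assumed line shape: <path> <Platform/Name> <type>; the path may contain spaces.
LINE_RE = re.compile(r"^(?P<path>.+?)\s+(?P<threat>\S+/\S+)\s+(?P<kind>\w+)$")

# First six lines are from post #58; the final line is constructed for contrast.
SAMPLE_LOG = r"""
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\DRM\2E17.tmp.vir Win64/Olmarik.AR trojan
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\DRM\2E27.tmp.vir Win64/Olmarik.AR trojan
C:\TDSSKiller_Quarantine\02.03.2013_12.26.42\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan
C:\TDSSKiller_Quarantine\27.02.2013_19.55.16\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan
C:\Users\All Users\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm
C:\Users\example\Downloads\setup.exe Win32/Placeholder.A trojan
"""

def parse_detections(log_text):
    """Return (path, threat, kind) tuples; lines that do not parse are skipped."""
    found = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            found.append((m["path"], m["threat"], m["kind"]))
    return found

def in_quarantine(path):
    """True if path lies under a known quarantine root (case-insensitive)."""
    p = path.lower()
    return any(p.startswith(root.lower() + "\\") for root in QUARANTINE_ROOTS)

def triage(log_text):
    """Split detections into quarantined copies and files needing follow-up."""
    quarantined, live = [], []
    for det in parse_detections(log_text):
        (quarantined if in_quarantine(det[0]) else live).append(det)
    return quarantined, live

if __name__ == "__main__":
    quarantined, live = triage(SAMPLE_LOG)
    print(f"{len(quarantined)} quarantined, {len(live)} need follow-up")
    for path, threat, kind in live:
        print(f"LIVE: {threat} ({kind}) at {path}")
```

Anything reported under `live` is the case the helper would not wave through: a detection outside every quarantine store is a file that can still run.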

  10. #60
    Member
    Join Date
    Feb 2013
    Location
    Valencia
    Posts
    46

    Default

    I will follow your last instructions and want to thank you so very much for your time and patience. You are a godsend! I do have one question if you don't mind? System restore? I know I have seen this computer mention somewhere that there is too much room allocated for it...hence lots of restore points. Isn't that where trojans and malware like to hide? Thank you!!!!!
