
Thread: Little things here and there, family computer, not own.

  1. #1
    Junior Member
    Join Date
    Jan 2014
    Posts
    12


    So recently, having been in and out and not using my own PC, I ran across a few things on the family computer. Idk if they're malware related, and SBSD isn't finding anything, but I did see other posts with Conduit being a culprit, as it was on this computer. Aside from that, I am not able to run SBSD in admin mode to remove 'logs' it shows in its scan; the internet tells me "you're not currently connected to any networks", but that could be a fault on my part of setting up the router, but it also is almost always showing activity animation even when nothing, that I can see, is using internet access. I've uninstalled Conduit as best as I could, and there was another program that I'm guessing was the cause for Conduit that I also probably shabbily removed, but I can't recall the name, kids game program or other. I've uninstalled and reinstalled SBSD and am still not able to run it in admin mode, and it had suggested running an automatic scan at startup, which becomes unresponsive when scanning the last file. I keep getting errors for Microsoft Essentials telling me I'm not able to complete updates due to no connection, and when I reinstalled Essentials I wasn't able to reboot correctly, and haven't been able to since. It'll tell me shutting down, configuring updates, then 'shutting off' and the tower will be running silently, but the screen stays black. Here are results from SBSD of the two logs that can't be removed, if it's any help. Also, a few minutes after Windows logs on I receive some errors for 'parsing' from CCC something or other; will post the exact information after I turn off TeaTimer. Best regards, Jonas. Also, do you think it's malware related or just computer ineptness?


    From 'Log' 2 entries, only did a usage track check since those are the only things that come up as an issue, and didn't feel the need to run a full scan again, if necessary will gladly.

    DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Log: Activity: ntbtlog.txt (Backup file, nothing done)
    C:\Windows\ntbtlog.txt

    Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
    C:\Windows\System32\wbem\logs\wmiprov.log

    Internet Explorer: [SBI $1E8157BE] Typed URL list (1 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1070394170-13485805-302000740-1000\Software\Microsoft\Internet Explorer\TypedURLs

    Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\as1.suitesmart.com\6thElement.sol
    Properties.size=152
    Properties.md5=C754231A78F162F6103B86CFBF97C549
    Properties.filedate=1389802072
    Properties.filedatetext=2014-01-15 11:07:51

    Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\cfiles.5min.com\5minSessionTracker_www.huffingtonpost.com.sol
    Properties.size=132
    Properties.md5=6235BE4F5A6D1E5E1E0EE0B06666A7BF
    Properties.filedate=1389711206
    Properties.filedatetext=2014-01-14 09:53:26

    Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\cfiles.5min.com\Storage5minCookie.sol
    Properties.size=62
    Properties.md5=A9A44F54291EB6CD7F30AE31BAE5277C
    Properties.filedate=1389711194
    Properties.filedatetext=2014-01-14 09:53:14

    Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\login.yahoo.com\loginCache.sol
    Properties.size=79
    Properties.md5=33F3DD906BD3CE5E825C965FCCF82579
    Properties.filedate=1389681203
    Properties.filedatetext=2014-01-14 01:33:22

    Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\s.ytimg.com\soundData.sol
    Properties.size=49
    Properties.md5=A0EA46CFB3941C1821293B2149ECAA7B
    Properties.filedate=1389766953
    Properties.filedatetext=2014-01-15 01:22:32

    Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\skype.com\#ui\preferences.sol
    Properties.size=234
    Properties.md5=EA4972C43485884F3668321F0879F7BB
    Properties.filedate=1389757814
    Properties.filedatetext=2014-01-14 22:50:13

    Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\cc1.midasplayer.com\swf\CCMain.swf\giveLifeX.sol
    Properties.size=262
    Properties.md5=E01C44424BFB168B169DE8648B7F20F9
    Properties.filedate=1389788379
    Properties.filedatetext=2014-01-15 07:19:38

    Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\cc1.midasplayer.com\swf\CCMain.swf\invite_friends.sol
    Properties.size=78
    Properties.md5=28D2FCBE992E218CAC98193941616114
    Properties.filedate=1389791304
    Properties.filedatetext=2014-01-15 08:08:24

    Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\cc1.midasplayer.com\swf\CCMain.swf\pwf_giveHelp.sol
    Properties.size=166
    Properties.md5=0A4A204FBC0ECD5892D9D147B4CBF8E0
    Properties.filedate=1389740396
    Properties.filedatetext=2014-01-14 17:59:55

    Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\cc1.midasplayer.com\swf\CCMain.swf\pwf_livesPop.sol
    Properties.size=76
    Properties.md5=0E34B9797810F954FE17773F308C8E5D
    Properties.filedate=1389788369
    Properties.filedatetext=2014-01-15 07:19:28

    Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\cc1.midasplayer.com\swf\CCMain.swf\pwf_movesPop.sol
    Properties.size=76
    Properties.md5=D4147F09AC599F363251706260092650
    Properties.filedate=1389789639
    Properties.filedatetext=2014-01-15 07:40:38

    Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\cc1.midasplayer.com\swf\CCMain.swf\receivedBoosterGifts.sol
    Properties.size=322
    Properties.md5=C03FD213EAB12B4A0CE96CB6601AEB7F
    Properties.filedate=1389740371
    Properties.filedatetext=2014-01-14 17:59:30

    Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
    C:\Users\Lynn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6SA6PXM\www.omegle.com\static\omegle.swf\omegle.sol
    Properties.size=52
    Properties.md5=4B6610C93794FA4A3A45CA0BE2543177
    Properties.filedate=1389703986
    Properties.filedatetext=2014-01-14 07:53:06

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1070394170-13485805-302000740-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    Windows Explorer: [SBI $2026AFB6] User Assistant history IE (1 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1070394170-13485805-302000740-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: [SBI $6107D172] User Assistant history files (18 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1070394170-13485805-302000740-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1070394170-13485805-302000740-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cookie: [SBI $49804B54] Cookie (6) (Cookie, nothing done)


    Cache: [SBI $49804B54] Cache (347) (Cache, nothing done)


    History: [SBI $49804B54] History (101) (History, nothing done)


    Cookie: [SBI $49804B54] Cookie (35) (Cookie, nothing done)


    History: [SBI $49804B54] History (41) (History, nothing done)



    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---




    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16526
    Run by Lynn at 23:12:20 on 2014-01-15
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uWindow Title = Internet Explorer, optimized for Bing and MSN
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - <orphaned>
    uRun: [DW7] "c:\program files\the weather channel\the weather channel app\TWCApp.exe"
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin
    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    dRunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect"
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{547EBCD8-F443-46FF-ACC6-753E28572E1F} : DHCPNameServer = 192.168.1.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\lynn\appdata\roaming\mozilla\firefox\profiles\tlx9jl26.default\
    FF - prefs.js: browser.startup.homepage - Google.com
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    .
    =============== Created Last 30 ================
    .
    2014-01-15 08:42:13 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{82603fc8-35d4-4790-8127-4a5c611053d0}\mpengine.dll
    2014-01-14 05:06:17 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f543d1ea-95b1-43b7-9088-7c59f9f49c73}\gapaengine.dll
    2014-01-14 05:05:03 7760024 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2014-01-14 04:34:52 -------- d-----w- c:\program files\Microsoft Security Client
    2014-01-14 04:34:10 221568 ----a-w- c:\windows\system32\drivers\netio.sys
    2014-01-04 03:45:11 -------- d--h--w- c:\windows\msdownld.tmp
    2014-01-04 03:44:58 -------- d-----w- c:\program files\Microsoft
    2014-01-04 03:44:19 -------- d--h--w- c:\programdata\Common Files
    2014-01-04 03:44:18 -------- d-----w- c:\users\lynn\appdata\local\MFAData
    2014-01-04 03:44:18 -------- d-----w- c:\users\lynn\appdata\local\Avg2014
    2014-01-04 03:44:18 -------- d-----w- c:\programdata\MFAData
    2014-01-04 02:59:06 7760024 ------w- c:\programdata\microsoft\windows defender\definition updates\{f2046fb7-8e4d-4cd5-a893-f7376af4360f}\mpengine.dll
    2014-01-04 02:29:36 -------- d-----w- c:\windows\system32\appmgmt
    2013-12-31 07:15:54 -------- d-----w- c:\users\lynn\appdata\local\Macromedia
    2013-12-30 18:15:54 -------- d-----w- c:\users\lynn\appdata\local\Mozilla
    2013-12-30 18:15:12 -------- d-----w- c:\program files\Mozilla Maintenance Service
    2013-12-28 03:58:12 -------- d-----w- c:\windows\Migration
    2013-12-24 12:51:07 -------- d-----w- c:\windows\system32\SearchProtect
    .
    ==================== Find3M ====================
    .
    2013-12-31 06:56:51 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-12-31 06:56:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-11-19 09:32:04 230048 ------w- c:\windows\system32\MpSigStub.exe
    2013-11-14 22:50:50 1806848 ----a-w- c:\windows\system32\jscript9.dll
    2013-11-14 22:42:41 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-11-14 22:42:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-11-14 22:38:54 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-11-14 22:38:16 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-11-14 22:35:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-10-30 02:13:01 1304064 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
    2013-10-30 02:12:54 335360 ----a-w- c:\windows\system32\SysFxUI.dll
    2013-10-30 01:43:04 130048 ----a-w- c:\windows\system32\drivers\drmk.sys
    2013-10-30 00:43:06 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
    2013-10-30 00:35:24 2050560 ----a-w- c:\windows\system32\win32k.sys
    2013-10-22 07:19:59 158208 ----a-w- c:\windows\system32\imagehlp.dll
    .
    ============= FINISH: 23:13:02.32 ===============











    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2014-01-15 23:13:46
    -----------------------------
    23:13:46.479 OS Version: Windows 6.0.6002 Service Pack 2
    23:13:46.480 Number of processors: 1 586 0x5F02
    23:13:46.481 ComputerName: COLLECTIVE UserName: Lynn
    23:13:48.021 Initialize success
    23:34:05.720 AVAST engine defs: 14011401
    23:34:33.150 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000050
    23:34:33.168 Disk 0 Vendor: WDC_WD16 05.0 Size: 152627MB BusType: 6
    23:34:33.657 Disk 0 MBR read successfully
    23:34:33.667 Disk 0 MBR scan
    23:34:34.684 Disk 0 Windows VISTA default MBR code
    23:34:34.707 Disk 0 Partition 1 00 06 FAT16 9800 MB offset 2048
    23:34:35.141 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142825 MB offset 20072448
    23:34:35.396 Disk 0 scanning sectors +312578048
    23:34:35.787 Disk 0 scanning C:\Windows\system32\drivers
    23:35:14.890 Service scanning
    23:35:36.061 Service MpKsl4db7864d c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{82603FC8-35D4-4790-8127-4A5C611053D0}\MpKsl4db7864d.sys **LOCKED** 32
    23:36:01.232 Modules scanning
    23:36:16.615 Disk 0 trace - called modules:
    23:36:16.642 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
    23:36:16.659 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84f8f1b0]
    23:36:16.703 3 CLASSPNP.SYS[861a28b3] -> nt!IofCallDriver -> [0x83974c20]
    23:36:16.704 5 acpi.sys[8060a6bc] -> nt!IofCallDriver -> \Device\00000050[0x83974788]
    23:36:20.444 AVAST engine scan C:\Windows
    23:36:23.661 AVAST engine scan C:\Windows\system32
    23:42:10.367 AVAST engine scan C:\Windows\system32\drivers
    23:42:33.517 AVAST engine scan C:\Users\Lynn
    23:43:10.013 Disk 0 MBR has been saved successfully to "C:\Users\Lynn\Documents\MBR.dat"
    23:43:10.151 The log file has been saved successfully to "C:\Users\Lynn\Documents\aswMBR.txt"
    23:56:40.609 AVAST engine scan C:\ProgramData
    23:57:25.358 Scan finished successfully
    00:02:35.280 Disk 0 MBR has been saved successfully to "C:\Users\Lynn\Documents\MBR.dat"
    00:02:35.316 The log file has been saved successfully to "C:\Users\Lynn\Documents\aswMBR.txt"

    I almost feel like those scans aren't long enough, and some stuff seems a bit unnerving, but the error parsing is from
    MOM.exe - Configuration parser error
    C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\machine.config
    Parser returned error 0xC00CE509

    I have the option of OK only then it proceeds to show;

    CCC.exe - Configuration parser error
    Error Parsing
    C:\Windows\Microsoft.NET\Framework\v2.0.50727\config\machine.config
    Parser returned error 0xC00E509

    But they're just AMD Catalyst conflicts with Windows?

    What catches my attention is;
    Server = 192.168.1.1
    TCP: Interfaces\{547EBCD8-F443-46FF-ACC6-753E28572E1F} : DHCPNameServer = 192.168.1.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    Hosts: 127.0.0.1 www.spywareinfo.com

    Am I way off?
    Last edited by tashi; 2014-01-16 at 07:47. Reason: Merged two posts, please don't add more. :-)

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208




    You do have a bit going on. Have you re-installed your router and got it going?

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Still need help?

  4. #4
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Due to inactivity, this thread will now be closed.

    If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.


    ------------------------------------
    New topic:
    http://forums.spybot.info/showthread...391#post449391
    Last edited by tashi; 2014-01-24 at 16:25. Reason: Added link to new topic
