
Browsers running really slowly along with other issues


Tashigamea

Recently about a couple weeks ago, someone was talking to me on my computer. So I instantly reset to factory settings. After logging into something called funmoods was on my computer. After running scans with Norton and Malwarebytes, and manually uninstalling funmoods it seemed the problem was fixed. Now today, my computer blue screened and when startup repair ran after "fixing errors with the disk". I log back on and my internet browsers have been running extremely slow. I'm sure my computer is still compromised but I have no idea what to do.

I was told to post these dds logs so here they are.


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2

Run by Dominique at 19:43:34 on 2012-12-10

Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.16332.13282 [GMT -5:00]

.

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe

C:\Program Files (x86)\AlienRespawn\sftservice.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\SysWOW64\vmnat.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

C:\Windows\SysWOW64\vmnetdhcp.exe

C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe

C:\Program Files (x86)\AlienRespawn\TOASTER.EXE

C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\WINDOWS\System32\igfxpers.exe

C:\Program Files\Alienware\Command Center\AWCCServiceController.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe

C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe

C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe

C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe

C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe

C:\Program Files\Alienware\Command Center\AlienFusionService.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Program Files\Alienware\Command Center\AlienFusionController.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Dominique\Music\Dj Dicks\putty.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uDefault_Page_URL = hxxp://AlienwareArena.com

mStart Page = hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0DzytC0FyB0A0FyEzy0AtDtDtN0D0Tzu0CtAtBzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=1509484442

BHO: Coupon Companion: {11111111-1111-1111-1111-110011441193} - C:\Program Files (x86)\Coupon Companion\Coupon Companion.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\CoIEPlg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IPS\IPSBHO.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\CoIEPlg.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\CoIEPlg.dll

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [integrated Webcam Live! Central] "C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe" /mode2

mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BIGFOO~1.LNK - C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

LSP: %SYSTEMROOT%\system32\BfLLR.dll

LSP: %windir%\system32\vsocklib.dll

TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1

TCP: Interfaces\{943465B7-34AB-4AE2-97F8-62756B960D6D} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1

TCP: Interfaces\{AE342B8E-E009-4172-9D6A-36018ECD9FF5} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1

TCP: Interfaces\{AE342B8E-E009-4172-9D6A-36018ECD9FF5}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

AppInit_DLLs= C:\WINDOWS\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

x64-mStart Page = hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0DzytC0FyB0A0FyEzy0AtDtDtN0D0Tzu0CtAtBzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=1509484442

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [Command Center Controllers] "C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 EMSC;COMPAL Embedded System Control;C:\Windows\System32\drivers\EMSC.sys [2009-6-26 16752]

R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-8 30056]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-3-21 55856]

R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-3-21 21616]

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1402000.013\SymDS64.sys [2012-11-23 493216]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1402000.013\SymEFA64.sys [2012-11-23 1133216]

R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2012-11-24 70296]

R1 BfLwf;Bigfoot Networks Bandwidth Control;C:\Windows\System32\drivers\bflwfx64.sys [2011-11-7 69224]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121130.005\BHDrvx64.sys [2012-12-3 1384608]

R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1402000.013\ccSetx64.sys [2012-11-23 168096]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-11-25 283200]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121205.001\IDSviA64.sys [2012-12-6 513184]

R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-10-8 284008]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1402000.013\Ironx64.sys [2012-11-23 224416]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1402000.013\symnets.sys [2012-11-23 432800]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-3-21 89600]

R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2011-3-22 15296]

R2 Bigfoot Networks Killer Service;Bigfoot Networks Killer Service;C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [2011-11-7 467456]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-2-7 822624]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-21 13336]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe [2012-11-23 143928]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\AlienRespawn\SftService.exe [2012-3-21 1695040]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]

R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]

R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2012-3-21 27760]

R3 Ak27x64;Killer Wireless-N 1102 device driver;C:\Windows\System32\drivers\Ak27x64.sys [2011-11-7 2740328]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-3-21 176096]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-11-23 138912]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-21 317440]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-3-21 76912]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-3-21 82432]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-3-21 181760]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-3-21 337512]

R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2012-10-24 113664]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfswin7.sys [2011-10-1 765288]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaywin7.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirwin7.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvolwin7.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S2 CLKMSVC10_9EC60124;CyberLink Product - 2012/03/21 03:21:20;C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2011-8-11 248304]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2012-3-21 344616]

S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2012-11-25 25832]

S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-3-21 158976]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-7 19456]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-7 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-7 30208]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-23 1255736]

.

=============== Created Last 30 ================

.

2012-12-11 00:09:26 -------- d-----w- C:\$RECYCLE.BIN

2012-12-11 00:00:31 98816 ----a-w- C:\Windows\sed.exe

2012-12-11 00:00:31 256000 ----a-w- C:\Windows\PEV.exe

2012-12-11 00:00:31 208896 ----a-w- C:\Windows\MBR.exe

2012-12-11 00:00:28 -------- d-s---w- C:\ComboFix

2012-12-10 14:47:00 -------- d-----w- C:\found.000

2012-12-07 06:45:11 458712 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-12-07 06:45:11 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-12-07 06:45:11 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-12-07 06:45:11 247808 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-12-07 06:45:11 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-12-07 06:45:11 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-12-07 06:45:11 1448448 ----a-w- C:\Windows\System32\lsasrv.dll

2012-12-07 06:45:10 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-12-07 06:45:10 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-12-07 06:45:09 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-12-07 06:45:09 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-12-04 02:07:02 -------- d-----w- C:\Users\Dominique\AppData\Roaming\SUPERAntiSpyware.com

2012-12-04 02:06:57 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2012-12-04 01:55:44 -------- d-----w- C:\Users\Dominique\AppData\Roaming\Malwarebytes

2012-12-04 01:55:32 -------- d-----w- C:\ProgramData\Malwarebytes

2012-12-04 01:55:31 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-12-04 01:55:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-12-04 00:45:36 -------- d-----w- C:\Windows\SysWow64\Adobe

2012-12-03 01:33:23 -------- d-----w- C:\Users\Dominique\.idlerc

2012-12-03 01:04:25 -------- d-----w- C:\Python24

2012-11-30 16:35:09 -------- d-----w- C:\Program Files\iPod

2012-11-30 16:35:08 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-11-30 16:35:08 -------- d-----w- C:\Program Files\iTunes

2012-11-30 16:35:08 -------- d-----w- C:\Program Files (x86)\iTunes

2012-11-26 06:30:10 -------- d-----w- C:\Users\Dominique\AppData\Local\CrashDumps

2012-11-26 05:36:17 -------- d-----w- C:\ProgramData\BioWare

2012-11-26 05:35:48 -------- d-----w- C:\Users\Dominique\AppData\Roaming\NVIDIA

2012-11-26 00:20:49 -------- d-----r- C:\Program Files (x86)\Skype

2012-11-25 18:33:06 -------- d-----w- C:\Users\Dominique\AppData\Local\Chromium

2012-11-25 17:49:26 -------- d-----w- C:\ProgramData\PC-Doctor for Windows

2012-11-25 17:48:59 -------- d-----w- C:\Program Files\AlienAutopsy

2012-11-25 09:51:15 -------- d-----w- C:\Program Files (x86)\Rockstar Games

2012-11-25 09:51:13 9575864 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-11-25 07:46:36 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys

2012-11-25 07:46:34 -------- d-----w- C:\Users\Dominique\AppData\Roaming\DAEMON Tools Lite

2012-11-25 07:46:33 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite

2012-11-25 07:46:02 -------- d-----w- C:\ProgramData\DAEMON Tools Lite

2012-11-25 07:45:24 -------- d-----w- C:\Users\Dominique\AppData\Local\Coupon Companion

2012-11-25 07:45:23 -------- d-----w- C:\Program Files (x86)\Coupon Companion

2012-11-24 19:39:49 -------- d-----w- C:\Users\Dominique\AppData\Local\VMware

2012-11-24 19:39:31 70296 ----a-w- C:\Windows\System32\drivers\vsock.sys

2012-11-24 19:39:31 67224 ----a-w- C:\Windows\System32\vsocklib.dll

2012-11-24 19:39:31 63128 ----a-w- C:\Windows\SysWow64\vsocklib.dll

2012-11-24 19:39:29 67224 ----a-w- C:\Windows\System32\drivers\vmx86.sys

2012-11-24 19:39:29 32920 ----a-w- C:\Windows\System32\drivers\VMkbd.sys

2012-11-24 19:39:04 357016 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe

2012-11-24 19:39:01 435864 ----a-w- C:\Windows\SysWow64\vmnat.exe

2012-11-24 19:39:01 30360 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys

2012-11-24 19:38:59 933528 ----a-w- C:\Windows\System32\vnetlib64.dll

2012-11-24 19:38:57 52376 ----a-w- C:\Windows\System32\drivers\hcmon.sys

2012-11-24 19:38:48 -------- d-----w- C:\Program Files\Common Files\VMware

2012-11-24 19:38:45 -------- d-----w- C:\Program Files (x86)\VMware

2012-11-24 19:38:45 -------- d-----w- C:\Program Files (x86)\Common Files\VMware

2012-11-24 18:54:37 -------- d-----w- C:\Users\Dominique\AppData\Roaming\PCDr

2012-11-24 18:52:40 -------- d-----w- C:\ProgramData\PCDr

2012-11-24 09:35:30 -------- d-----w- C:\Users\Dominique\AppData\Local\Adobe

2012-11-24 03:10:17 -------- d-----w- C:\ProgramData\VirtualizedApplications

2012-11-24 00:59:53 -------- d-----w- C:\Users\Dominique\AppData\Roaming\SoftGrid Client

2012-11-24 00:59:53 -------- d-----w- C:\Users\Dominique\AppData\Local\SoftGrid Client

2012-11-24 00:59:07 -------- d-----w- C:\Windows\PCHEALTH

2012-11-24 00:59:07 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client

2012-11-24 00:58:19 -------- d-----w- C:\Users\Dominique\AppData\Roaming\TP

2012-11-23 18:57:37 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared

2012-11-23 18:28:34 -------- d-----w- C:\ProgramData\Norton

2012-11-23 18:28:17 -------- d-----w- C:\ProgramData\NortonInstaller

2012-11-23 18:23:53 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-11-23 18:23:49 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-11-23 18:22:22 -------- d-----w- C:\Program Files (x86)\MSXML 4.0

2012-11-23 18:09:43 -------- d-----w- C:\Windows\SysWow64\Wat

2012-11-23 18:09:43 -------- d-----w- C:\Windows\System32\Wat

2012-11-23 18:07:34 -------- d-----w- C:\Users\Dominique\AppData\Local\ElevatedDiagnostics

2012-11-23 17:52:22 9728 ----a-w- C:\Windows\System32\Wdfres.dll

2012-11-23 17:52:22 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2012-11-23 17:52:22 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys

2012-11-23 17:52:22 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui

2012-11-23 17:36:31 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys

2012-11-23 17:36:31 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys

2012-11-23 17:36:30 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll

2012-11-23 17:36:30 744448 ----a-w- C:\Windows\System32\WUDFx.dll

2012-11-23 17:36:30 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll

2012-11-23 17:36:30 229888 ----a-w- C:\Windows\System32\WUDFHost.exe

2012-11-23 17:36:30 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll

2012-11-23 17:36:05 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-11-23 17:36:05 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-11-23 17:36:05 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-11-23 17:36:05 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-11-23 17:36:05 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-11-23 17:29:36 -------- d-----w- C:\Users\Dominique\AppData\Local\Apple Computer

2012-11-23 10:33:33 -------- d-----w- C:\Windows\SMINST

2012-11-23 08:58:23 -------- d-----w- C:\Users\Dominique\AppData\Roaming\IDT

2012-11-23 08:56:14 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-11-23 08:55:36 -------- d-----w- C:\Users\Dominique\AppData\Local\Apple

2012-11-23 08:54:23 -------- d-----w- C:\Program Files\Bonjour

2012-11-23 08:54:23 -------- d-----w- C:\Program Files (x86)\Bonjour

2012-11-23 08:52:47 -------- d-----w- C:\Users\Dominique\AppData\Local\Razer

2012-11-23 08:42:39 -------- d-----w- C:\Users\Dominique\AppData\Local\Google

2012-11-23 08:42:11 -------- d-----w- C:\Users\Dominique\AppData\Local\Deployment

2012-11-23 08:42:11 -------- d-----w- C:\Users\Dominique\AppData\Local\Apps

2012-11-23 08:23:11 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2012-11-23 08:23:04 1544704 ----a-w- C:\Windows\System32\DWrite.dll

2012-11-23 08:23:03 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-11-23 08:23:00 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2012-11-23 08:23:00 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2012-11-23 08:21:46 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-11-23 08:21:45 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-11-23 08:21:45 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-11-23 08:21:42 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-11-23 08:21:42 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-11-23 08:21:29 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe

2012-11-23 08:20:22 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-11-23 08:18:58 956928 ----a-w- C:\Windows\System32\localspl.dll

2012-11-23 08:08:27 -------- d-----w- C:\Users\Dominique\AppData\Roaming\Roxio Burn

2012-11-23 08:01:21 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-11-23 08:01:17 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{61A0360C-B729-4650-BDD1-B07314AEC174}\mpengine.dll

2012-11-23 07:55:51 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-11-23 07:55:51 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-11-23 07:55:51 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-11-23 07:55:42 -------- d-----w- C:\Users\Dominique\AppData\Local\Dell

2012-11-23 07:55:08 -------- d-----w- C:\Users\Dominique\AppData\Roaming\Dell

2012-11-23 07:55:02 -------- d-----w- C:\Users\Dominique\AppData\Roaming\Fingertapps

2012-11-23 07:54:55 -------- d-----w- C:\Users\Dominique\AppData\Roaming\Intel Corporation

2012-11-23 07:54:32 -------- d-----w- C:\Users\Dominique\AppData\Local\VirtualStore

2012-11-23 06:52:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-11-23 06:52:26 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-11-23 06:52:08 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-11-23 06:52:08 186752 ----a-w- C:\Windows\System32\wuwebv.dll

.

==================== Find3M ====================

.

2012-12-07 17:33:27 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-12-07 17:33:27 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-11-23 18:56:41 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2012-11-23 18:23:47 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-11-01 07:34:10 62104 ----a-w- C:\Windows\System32\vmnetbridge.dll

2012-11-01 07:34:10 45720 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys

2012-11-01 07:34:08 48792 ----a-w- C:\Windows\System32\vnetinst.dll

2012-11-01 07:34:08 24216 ----a-w- C:\Windows\System32\drivers\vmnet.sys

2012-11-01 07:34:08 20120 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys

2012-11-01 06:02:08 353280 ----a-w- C:\Windows\SysWow64\vmnc.dll

2012-10-29 02:19:02 148480 ----a-w- C:\Windows\SysWow64\rztouchdll.dll

2012-10-29 02:18:58 617472 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll

2012-10-29 02:18:56 165888 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll

2012-10-25 02:18:26 113664 ----a-w- C:\Windows\System32\drivers\rzudd.sys

2012-10-24 19:17:10 85104 ----a-w- C:\Windows\System32\drivers\vmci.sys

2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys

2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-10-11 22:15:06 37680 ----a-w- C:\Windows\System32\drivers\vmusb.sys

2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-10-09 01:00:02 776864 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\srtsp64.sys

2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-10-04 01:40:35 1133216 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\SymEFA64.sys

2012-10-04 01:40:20 493216 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\SymDS64.sys

2012-10-04 01:19:14 168096 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\ccSetx64.sys

2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll

2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll

2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll

2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll

2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll

2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll

2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll

2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll

2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll

2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

2012-10-02 19:51:15 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin

2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll

2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-10-02 19:50:57 866664 ----a-w- C:\Windows\System32\nv3dappshext.dll

2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll

2012-10-02 19:50:57 55144 ----a-w- C:\Windows\System32\nv3dappshextr.dll

2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll

2012-10-02 18:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-09-28 15:32:56 5989776 ----a-w- C:\Windows\System32\usbaaplrc.dll

2012-09-28 15:32:56 53760 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll

.

============= FINISH: 19:43:42.07 ===============

Link to comment
Share on other sites

Delete Combofix!

 

Next, download AdWareCleaner http://www.bleepingcomputer.com/download/adwcleaner/ to your desktop

1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

2. Click on Delete button.

3. Confirm each time with OK.

4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

 


Link to comment
Share on other sites

# AdwCleaner v2.101 - Logfile created 12/16/2012 at 20:29:46

# Updated 16/12/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Dominique - DOMINIQUE-PC

# Boot Mode : Normal

# Running from : C:\Users\Dominique\Desktop\AdwCleaner.exe

# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Users\Dominique\AppData\Local\funmoods-speeddial_sf.crx

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKCU\Software\Cr_Installer

Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Deleted : HKCU\Software\InstalledBrowserExtensions

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.BHO

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.BHO.1

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.Sandbox

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004493.Sandbox.1

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

***** [Internet Browsers] *****

- Internet Explorer v9.0.8112.16457

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://searchfunmoods.com/?f=2&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0DzytC0FyB0A0FyEzy0AtDtDtN0D0Tzu0CtAtBzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=1509484442 --> hxxp://www.google.com

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0DzytC0FyB0A0FyEzy0AtDtDtN0D0Tzu0CtAtBzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=1509484442 --> hxxp://www.google.com

- Google Chrome v23.0.1271.97

File : C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [2707 octets] - [16/12/2012 20:29:46]

########## EOF - C:\AdwCleaner[s1].txt - [2767 octets] ##########

Link to comment
Share on other sites

The browsers run a lot faster now but the computer is really slow on start up.

 

Edit. I'm getting this error screen. appupdater.exe - Application Error, and also c:\Users\Dominque\Downloads ... the disk structure is corrupted and unreadable. Is this just software related, or is it a different issue?

Edited by Tashigamea
Link to comment
Share on other sites

You have an application that is causing the error message. Totally un-install Google-Chrome ... reboot, then re-install it. Don't choose to download all the add-on extensions that we just cleaned up!

 

(instructions for chrome):

Click 3 horizontal lines in the right corner icon on browser toolbar

Select Settings

Select Basics ->Manage Search engines

Remove unnecessary search engines from list

Go back to settings. On Startup choose open blank page ( you can remove undesired pages from the set pages link too).

Link to comment
Share on other sites
