Jjude

About Jjude

  • Birthday 09/10/1955
  1. I've found a BIOS update on Dell for this laptop, but it's not something I've ever done, will think about it for a bit. Thank you for all your help, you have been a wonder, hero in my book, thank you xx
  2. I've attached a PNG screenshot of what I see in Device Manager; the only ref to anything is the USB mouse.
  3. Thanks, I've just checked that and I can see nothing for either, and Dell are about as useful as a chocolate fire guard.
  4. results of the second scan . no unfortunately i didn't sort kb/mouse , downloaded touchpad driver but it didn't work .still using usb mouse and onboard keyboard . thank you for this help your star. and your 90 min break will give me time to tidy round and get in half hour practice on the piano.
  5. That worked. Do you want the log from the first instruction, or should I just go ahead and do the second, then post the log?
  6. Sorry, already done before I saw your last post; now I can't open IE, Firefox or Chrome.
  7. i do apologize for keeping you waiting i popped out for a while. ive run cf , here's the log computer seems to be fine thanks
  8. Hi. Thanks again for the help; unfortunately, being a Dell product, things aren't always where they should be. The device manager had a number of yellow triangles with an exclamation mark in, not one referring to touchpad or keyboard. There isn't any entry referring to either, so thank you for your help and I will refer to Dell. Much appreciated. Jjude x
  9. Hi, and thank you for looking at my problem. When the laptop was passed to me to see if I could help, I thought it would be beyond my expertise. It is really, but when you get your teeth into something, it seems the challenge has been taken and you want to face it till the end. I do believe I have gotten rid of most of the problems, though that was through programs like Malwarebytes and SUPERAntiSpyware etc., rather than what I could do. I have now removed Avast, which I put on myself, not realising Microsoft Security was also an AV program (as it's not something I've ever used or seen being used. That is one for my notebook.) When I got the laptop, it had Babylon search on Chrome, which was a pain at first, but hopefully I got rid successfully. MyWebSearch was also a problem, and in micro sec, I've just noticed it had quarantined 2 trojans and a worm; I will remove them unless you need the names. The laptop now seems to be working fine, apart from the touchpad mouse and the keyboard. At the moment I'm using a USB mouse and onboard keyboard, which can be a pain if I need to type from that laptop; fortunately I can use my own laptop for that.
  10. Thank you, I have done what you asked, but this morning I'm wondering if I should have copied and pasted the results of the scans. I don't want to do it now as I don't want to bump the post.
  11. Hi, and thank you for any help you can give. I have been using Malwarebytes for a very long time and always recommend it to newcomers. A friend has a Dell Inspiron Win7 and it was riddled with all sorts; I had to use a USB mouse and onboard keyboard to get this far. MBAM can't find anything now, nor can SUPERAntiSpyware; Avast is clear too. This entry worries me though: Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 191318 Time elapsed: 7 minute(s), 47 second(s) My main concern right now is to get the mouse and keyboard working. Is it possible anyone can help? Thanks in advance, Jjude. I was advised to run DDS and attach these two files. Thanks in advance. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 Run by Darren at 22:51:35 on 2012-06-04 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.3032.2024 [GMT 1:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} . ============== Running Processes =============== . 
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe C:\Windows\system32\taskhost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Software Informer\softinfo.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\ctfmon.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\System32\osk.exe C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . 
uInternet Settings,ProxyOverride = *.local uURLSearchHooks: MapNeto 1.1 Toolbar: {f5046a39-68f3-4732-995f-eb2ea26d93fb} - c:\program files\mapneto_1.1\prxtbMap2.dll mURLSearchHooks: MapNeto 1.1 Toolbar: {f5046a39-68f3-4732-995f-eb2ea26d93fb} - c:\program files\mapneto_1.1\prxtbMap2.dll BHO: ALOT Appbar Helper: {85f5cf95-ec8f-49fc-bb3f-38c79455cba2} - c:\program files\alotappbar\bin\bho\ALOTHelperBHO.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.0.0.9\AVG Secure Search_toolbar.dll BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - c:\program files\dealply\DealPlyIE.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: MapNeto 1.1 Toolbar: {f5046a39-68f3-4732-995f-eb2ea26d93fb} - c:\program files\mapneto_1.1\prxtbMap2.dll TB: MapNeto 1.1 Toolbar: {f5046a39-68f3-4732-995f-eb2ea26d93fb} - c:\program files\mapneto_1.1\prxtbMap2.dll TB: ALOT Appbar: {a531d99c-5a22-449b-83da-872725c6d0ed} - c:\program files\alotappbar\bin\ALOTHelper.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" TB: MSN Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn toolbar\01.01.2607.0\en-us\msntb.dll TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.0.0.9\AVG Secure Search_toolbar.dll TB: avast! 
WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [software Informer] "c:\program files\software informer\softinfo.exe" -autorun uRun: [fsm] uRun: [Facebook Update] "c:\users\darren\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [vProt] "c:\program files\avg secure search\vprot.exe" mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui StartupFolder: c:\users\darren\appdata\roaming\micros~1\windows\startm~1\programs\startup\bbcipl~1.lnk - c:\program files\bbc iplayer desktop\BBC iPlayer Desktop.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{7551D652-7A92-46E1-AB92-1F30EF4A3B8A} : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{8BF824F1-8589-422F-BB39-5FE72C44B99D} : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{8BF824F1-8589-422F-BB39-5FE72C44B99D}\244564F4E4 : DhcpNameServer = 192.168.22.22 192.168.22.23 TCP: Interfaces\{8BF824F1-8589-422F-BB39-5FE72C44B99D}\2445F40756E6A7F6E656D284 : DhcpNameServer = 192.168.22.22 192.168.22.23 
TCP: Interfaces\{AF935794-92FD-4F62-B29C-EC67C4B17158} : DhcpNameServer = 82.132.254.2 82.132.254.3 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.0.2\ViProtocol.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\darren\appdata\roaming\mozilla\firefox\profiles\oovn7040.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.0.2\npsitesafety.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\microsoft silverlight\4.0.50401.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\users\darren\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll FF - plugin: c:\users\darren\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll . 
---- FIREFOX POLICIES ---- FF - user.js: extensions.funmoods_i.hmpg - true FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=fmacs FF - user.js: extensions.funmoods_i.dfltSrch - true FF - user.js: extensions.funmoods_i.srchPrvdr - Search FF - user.js: extensions.funmoods_i.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=fmacs FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=fmacs&q= FF - user.js: extensions.funmoods_i.id - 007eed7b00000000000000225fa43919 FF - user.js: extensions.funmoods_i.instlDay - 15440 FF - user.js: extensions.funmoods_i.vrsn - 1.5.12.2 FF - user.js: extensions.funmoods_i.vrsni - 1.5.12.2 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.12.220:08:38 FF - user.js: extensions.funmoods_i.prtnrId - funmoods FF - user.js: extensions.funmoods_i.prdct - funmoods FF - user.js: extensions.funmoods_i.aflt - fmacs FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods_i.tlbrId - base FF - user.js: extensions.funmoods_i.instlRef - FF - user.js: extensions.funmoods_i.dfltLng - FF - user.js: extensions.funmoods_i.excTlbr - false . ============= SERVICES / DRIVERS =============== . 
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 171064] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-6-4 612184] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-6-4 337880] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-6-4 20696] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-6-4 57688] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-6-4 44768] R2 BecHelperService;BecHelperService;c:\program files\3 mobile broadband\3connect\BecHelperService.exe [2011-10-28 1737464] R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\common files\avg secure search\vtoolbarupdater\11.0.2\ToolbarUpdater.exe [2012-5-12 932736] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-26 136176] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-4-1 183560] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-26 136176] S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2009-9-7 7168] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-6-4 129976] S3 Netaapl;Apple Mobile 
Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 74112] S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-5-25 15872] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-25 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-8 1343400] . =============== Created Last 30 ================ . 2012-06-04 20:17:55 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL 2012-06-04 20:17:55 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-06-04 20:17:20 -------- d-----w- c:\program files\SpywareBlaster 2012-06-04 20:03:06 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-06-04 20:03:04 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-06-04 20:03:00 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-06-04 20:01:41 41184 ----a-w- c:\windows\avastSS.scr 2012-06-04 20:01:20 -------- d-----w- c:\programdata\AVAST Software 2012-06-04 20:01:20 -------- d-----w- c:\program files\AVAST Software 2012-06-04 19:15:10 -------- d-----w- c:\users\darren\appdata\roaming\SUPERAntiSpyware.com 2012-06-04 19:14:43 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-06-04 19:14:43 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-06-04 18:33:17 6737808 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ee4f3722-b18e-4c86-ac16-8bd3f6a91ec6}\mpengine.dll 2012-06-04 13:29:50 -------- d-----w- c:\users\darren\appdata\roaming\Malwarebytes 2012-06-04 13:28:34 -------- d-----w- c:\programdata\Malwarebytes 2012-06-04 13:28:32 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-04 13:28:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 
2012-05-13 10:25:36 -------- d-sh--w- c:\programdata\BAAQYZS 2012-05-13 10:25:20 -------- d-sh--w- c:\programdata\c795ae 2012-05-13 10:05:02 6734704 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2012-05-12 21:49:26 -------- d-----w- c:\users\darren\appdata\local\AVG Secure Search 2012-05-12 21:49:09 -------- d-----w- c:\programdata\AVG Secure Search 2012-05-12 21:49:06 -------- d-----w- c:\program files\common files\AVG Secure Search 2012-05-12 21:49:05 -------- d-----w- c:\program files\AVG Secure Search 2012-05-12 21:46:48 -------- d-----w- c:\program files\MSN Toolbar 2012-05-12 21:46:16 -------- d-----w- c:\program files\MSN Messenger 2012-05-12 21:45:22 -------- d--h--w- c:\programdata\Common Files 2012-05-12 21:42:00 -------- d-----w- c:\program files\Microsoft 2012-05-12 21:41:51 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2012-05-12 21:41:51 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2012-05-12 21:41:51 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2012-05-12 21:41:18 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2012-05-12 21:39:51 7450888 ----a-w- c:\program files\common files\windows live\.cache\c190166c1cd308703\bingbarsetup.exe 2012-05-12 21:39:39 15712 ----a-w- c:\program files\common files\windows live\.cache\bb38abf11cd308702\MeshBetaRemover.exe 2012-05-12 21:39:32 537432 ----a-w- c:\program files\common files\windows live\.cache\b6d5226f1cd308701\DXSETUP.exe 2012-05-12 21:39:31 89944 ----a-w- c:\program files\common files\windows live\.cache\b6d5226f1cd308701\DSETUP.dll 2012-05-12 21:39:31 1801048 ----a-w- c:\program files\common files\windows live\.cache\b6d5226f1cd308701\dsetup32.dll 2012-05-12 21:38:10 -------- d-----w- c:\program files\DealPly 2012-05-09 11:46:14 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-09 11:46:12 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll 2012-05-09 11:46:11 1221632 ----a-w- c:\program files\windows 
journal\NBDoc.DLL 2012-05-09 11:46:10 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll 2012-05-09 11:46:10 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll 2012-05-09 11:46:04 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-09 11:46:03 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-09 11:46:02 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-05-09 11:45:55 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-09 11:45:54 1077248 ----a-w- c:\windows\system32\DWrite.dll . ==================== Find3M ==================== . 2012-03-20 19:44:12 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-20 19:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys . ============= FINISH: 22:52:31.20 =============== DDS.txt Attach.txt
  12. Hi, and thank you for any help you can give. I have been using Malwarebytes for a very long time and always recommend it to newcomers. A friend has a Dell Inspiron Win7 and it was riddled with all sorts; I had to use a USB mouse and onboard keyboard to get this far. MBAM can't find anything now, nor can SUPERAntiSpyware; Avast is clear too. This entry worries me though: Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 191318 Time elapsed: 7 minute(s), 47 second(s) My main concern right now is to get the mouse and keyboard working. Is it possible anyone can help? Thanks in advance, Jjude