Jump to content

supercleann14

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

Reputation

0 Neutral
  1. supercleann14
    Hey, Thanks for replying. I had no clue I was running 2 anti-virus programs, thank you. Also, I have to apologize for sounding ignorant but are you saying that i can delete the incredibar stuff by uninstalling and reinstalling firefox?
  2. supercleann14
    bump. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29 Run by Rey at 21:04:23 on 2012-01-13 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1790.826 [GMT -5:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\M-Audio\Axiom\AudioDevMon.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Common Files\Motive\McciCMService.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\svchost.exe -k HPService c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ATT-SST\McciTrayApp.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\Rey\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wuauclt.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\system32\rundll32.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.att.net uInternet Settings,ProxyOverride = *.local uURLSearchHooks: H - No File BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office14\GROOVEEX.DLL BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: att.net Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [Google Update] "c:\users\rey\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE" uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup uRun: [chromium] c:\users\rey\appdata\local\google\chrome\application\chrome.exe --no-startup-window uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [ATT-SST_McciTrayApp] "c:\program files\att-sst\McciTrayApp.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\users\rey\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105 IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll Trusted Zone: $talisma_url$ DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} - hxxps://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{10009465-130E-44A2-8277-36236F4312D2} : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{3FCF8642-D66F-4A82-A2C9-CA8CFDB775E6} : DhcpNameServer = 192.168.1.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\users\rey\appdata\roaming\mozilla\firefox\profiles\zcww89nv.default\ FF - prefs.js: browser.search.selectedEngine - MyStart Search FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredibar.com?a=6R8gFpfJwq&i=26 FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/?loc=IB_DS&a=6R8gFpfJwq&&i=26&search= FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll FF - component: c:\users\rey\appdata\roaming\mozilla\firefox\profiles\zcww89nv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - component: c:\users\rey\appdata\roaming\mozilla\firefox\profiles\zcww89nv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL FF - plugin: c:\program files\common files\motive\npMotive.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\users\rey\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8gFpfJwq&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - a899b30b0000000000000c6076270dfb FF - user.js: extensions.incredibar_i.hardId - a899b30b0000000000000c6076270dfb FF - user.js: extensions.incredibar_i.instlDay - 15352 FF - user.js: extensions.incredibar_i.vrsn - 1.5.3.27 FF - user.js: extensions.incredibar_i.vrsni - 1.5.3.27 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.3.2719:34:21 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6R8gFpfJwq FF - user.js: extensions.incredibar_i.upn2n - 92823664528804230 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10589 FF - user.js: extensions.incredibar_i.ppd - . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-4-17 64512] R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648] R1 MpKsl3da855a0;MpKsl3da855a0;c:\programdata\microsoft\microsoft antimalware\definition updates\{b07aad8a-589e-4b10-bd5f-7172bbe9221e}\MpKsl3da855a0.sys [2012-1-12 29904] R1 MpKslda31a9f8;MpKslda31a9f8;c:\programdata\microsoft\microsoft antimalware\definition updates\{b07aad8a-589e-4b10-bd5f-7172bbe9221e}\MpKslda31a9f8.sys [2012-1-13 29904] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128] R2 AxiomAudioDevMon;Axiom Audio Device Monitor;c:\program files\m-audio\axiom\AudioDevMon.exe [2010-2-19 1632776] R2 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2010-10-19 3791872] R2 NvtlService;NovaCore SDK Service;c:\program files\novatel wireless\novacore\server\NvtlSrvr.exe [2009-8-24 82432] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-4-12 1153368] R3 a2djavs;a2djavs;c:\windows\system32\drivers\a2djavs.sys [2009-4-21 35216] R3 a2djusb;a2djusb;c:\windows\system32\drivers\a2djusb.sys [2009-4-21 226576] R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-13 229888] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024] R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] S2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\system32\msvfd32.exe --> c:\windows\system32\msvfd32.exe [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-3 136176] S3 a4djavs;Audio 4 DJ WDM Audio;c:\windows\system32\drivers\a4djavs.sys [2010-10-20 342096] S3 a4djusb;a4djusb;c:\windows\system32\drivers\a4djusb.sys [2010-10-20 88656] S3 a4djusb_svc;Audio 4 DJ;c:\windows\system32\drivers\a4djusb.sys [2010-10-20 88656] S3 AXIOM;Service for M-Audio Axiom;c:\windows\system32\drivers\MAudioAxiom.sys [2010-2-19 115336] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 gbxavs;gbxavs;c:\windows\system32\drivers\gbxavs.sys [2009-10-8 35408] S3 gbxusb;gbxusb;c:\windows\system32\drivers\gbxusb.sys [2009-10-8 276432] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-3 136176] S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-2-28 2152152] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-2-28 15232] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880] S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2008-7-7 20480] S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2008-5-9 174336] S3 NWVMModem;Virgin Mobile USB Modem Driver;c:\windows\system32\drivers\nwvmmdm.sys [2009-5-15 174720] S3 NWVMPort;Virgin Mobile USB Status Port Driver;c:\windows\system32\drivers\nwvmser.sys [2009-5-15 174720] S3 NWVMPort2;Virgin Mobile USB Status2 Port Driver;c:\windows\system32\drivers\nwvmser2.sys [2009-5-15 174720] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 SL3Usb;SL3 driver;c:\windows\system32\drivers\Sl3.sys [2009-2-16 46184] S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2009-3-20 32408] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-12 1343400] . =============== File Associations =============== . regfile="regedit.exe" "%1" . =============== Created Last 30 ================ . 2012-01-13 23:34:06 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b07aad8a-589e-4b10-bd5f-7172bbe9221e}\MpKslda31a9f8.sys 2012-01-13 04:49:19 388096 ----a-r- c:\users\rey\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe 2012-01-13 04:49:17 -------- d-----w- c:\program files\Trend Micro 2012-01-13 03:33:43 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b07aad8a-589e-4b10-bd5f-7172bbe9221e}\MpKsl3da855a0.sys 2012-01-13 03:33:38 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b07aad8a-589e-4b10-bd5f-7172bbe9221e}\offreg.dll 2012-01-13 01:32:22 -------- d-----w- c:\users\rey\appdata\roaming\SUPERAntiSpyware.com 2012-01-13 01:31:19 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-01-13 01:31:19 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-01-13 01:09:28 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b07aad8a-589e-4b10-bd5f-7172bbe9221e}\mpengine.dll 2012-01-13 00:35:14 -------- d-----w- c:\users\rey\appdata\local\Conduit 2012-01-13 00:32:59 -------- d-----w- c:\users\rey\appdata\local\TempDIR 2012-01-11 12:02:35 1288984 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 12:01:39 67072 ----a-w- c:\windows\system32\packager.dll 2012-01-11 12:00:22 1328640 ----a-w- c:\windows\system32\quartz.dll 2012-01-11 12:00:21 514560 ----a-w- c:\windows\system32\qdvd.dll 2012-01-04 03:57:09 -------- d-----w- c:\program files\Steinberg 2012-01-04 03:56:23 -------- d-----w- c:\program files\Camel Audio 2012-01-04 03:56:22 -------- d-----w- c:\programdata\Camel Audio 2012-01-01 02:14:57 -------- d-----w- c:\program files\MixMeister Fusion 2011-12-22 07:43:11 61440 ----a-r- c:\users\rey\appdata\roaming\microsoft\installer\{4db09036-a19c-42f9-b346-3a61c9d6fcd1}\NewShortcut7_B56E5B51EA954C948003CC703E2AFAD5.exe 2011-12-22 07:43:11 61440 ----a-r- c:\users\rey\appdata\roaming\microsoft\installer\{4db09036-a19c-42f9-b346-3a61c9d6fcd1}\NewShortcut1_9046FC1E1C604E8F87F08E640274C274.exe 2011-12-22 07:42:35 -------- d-----w- c:\program files\Serato 2011-12-21 23:39:15 -------- d-----w- c:\program files\iPod 2011-12-21 23:39:14 -------- d-----w- c:\program files\iTunes 2011-12-21 22:24:21 -------- d-----w- c:\users\rey\appdata\roaming\HpUpdate 2011-12-21 22:24:02 -------- d-----w- c:\windows\Hewlett-Packard . ==================== Find3M ==================== . 2011-12-27 10:03:40 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-24 04:23:31 2340352 ----a-w- c:\windows\system32\win32k.sys 2011-11-22 12:43:19 275968 ----a-w- c:\windows\system32\REX Shared Library.dll 2011-11-05 04:30:11 2048 ----a-w- c:\windows\system32\tzres.dll 2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll 2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl 2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll 2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-10-26 04:42:38 3901808 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-26 04:42:37 3957104 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 04:25:28 38912 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-24 19:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-10-24 19:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts . ============= FINISH: 21:06:00.52 ===============
  3. supercleann14
    Hi, Need help removing mystart incredibar. I tried uninstalling but it seems to pop up on all my web browsers. Last night I was searching about this through another forum and i downloaded and ran 2 programs. SUPERantispyware and HijackThis. Don't know if that helps but thought you should know. Please help I nned this gone asap, Thanks. Malwarebytes Anti-Malware (Trial) 1.60.0.1800 www.malwarebytes.org Database version: v2012.01.13.05 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 Rey :: RAY-PC [administrator] Protection: Enabled 1/13/2012 10:04:52 PM mbam-log-2012-01-13 (23-53-16).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 240649 Time elapsed: 12 minute(s), 35 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 1 HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken. Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:51:06 PM, on 1/12/2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ATT-SST\McciTrayApp.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\Rey\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: att.net Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\McciTrayApp.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Rey\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [chromium] C:\Users\Rey\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} (WebBrowserType Class) - https://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller.cab O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Licensing Console - Unknown owner - C:\Windows\system32\msvfd32.exe (file missing) O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Axiom Audio Device Monitor (AxiomAudioDevMon) - M-Audio - C:\Program Files\M-Audio\Axiom\AudioDevMon.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: NovaCore SDK Service (NvtlService) - Unknown owner - C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- DDS.txt Attach.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.