-
March 7th, 2011, 10:46 PM
#1
[RESOLVED] spywarestriker.exe
anyone know what this is ...
my buddy gave me his laptop to clean up ... I've gotten everything off, but when I boot up I get the UAC with that .exe trying to 'access his computer'.
I've searched the registry (deleted an entry), and then I searched the PC and deleted 2 links, but it keeps returning.
I've looked through the startup and msconfig ... but I'm at my wits' end, and I don't want to buy something that more than likely will make this even worse.
thanks in advance!
row
-
March 7th, 2011, 11:21 PM
#2
Please, complete all steps listed here: http://discussions.virtualdr.com/sho...d.php?t=167915
Please observe the following rules:
- Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
- If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
- Please refrain from running tools or applying updates other than those I suggest.
- Never run more than one scan at a time.
- Keep updating me regarding your computer's behavior, good or bad.
- The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
- If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
- I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
-
March 10th, 2011, 08:16 AM
#3
will edit this post tonight with my logs
thanks!
-
March 10th, 2011, 05:13 PM
#4
Don't edit. Post a new reply. I don't get any email notification on editing.
-
March 10th, 2011, 08:15 PM
#5
mbam
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5988
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
3/8/2011 7:15:35 AM
mbam-log-2011-03-08 (07-15-35).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 293281
Time elapsed: 52 minute(s), 41 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
DI-614+;HP PSC2110;HP DJ855C;NOSTROMO;P-9;CLIE 655C;KVM2KIT;RARITAN CS4;QX3;IP-5
-
March 10th, 2011, 08:18 PM
#6
mbr check
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 1 (build 6001), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Studio 1535
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 157):
0x01E62000 \SystemRoot\system32\ntoskrnl.exe
0x01E1C000 \SystemRoot\system32\hal.dll
0x0060F000 \SystemRoot\system32\kdcom.dll
0x00619000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00646000 \SystemRoot\system32\PSHED.dll
0x0065A000 \SystemRoot\system32\CLFS.SYS
0x006B7000 \SystemRoot\system32\CI.dll
0x00806000 \SystemRoot\system32\drivers\Wdf01000.sys
0x008E0000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x008EE000 \SystemRoot\system32\drivers\acpi.sys
0x00944000 \SystemRoot\system32\drivers\WMILIB.SYS
0x0094D000 \SystemRoot\system32\drivers\msisadrv.sys
0x00957000 \SystemRoot\system32\drivers\pci.sys
0x00987000 \SystemRoot\System32\drivers\partmgr.sys
0x0099C000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x009A0000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x009AC000 \SystemRoot\system32\drivers\volmgr.sys
0x00769000 \SystemRoot\System32\drivers\volmgrx.sys
0x009C0000 \SystemRoot\System32\drivers\mountmgr.sys
0x009D3000 \SystemRoot\system32\drivers\atapi.sys
0x009DB000 \SystemRoot\system32\drivers\ataport.SYS
0x007CF000 \SystemRoot\system32\drivers\msahci.sys
0x007D9000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00A00000 \SystemRoot\system32\drivers\fltmgr.sys
0x00A46000 \SystemRoot\system32\drivers\fileinfo.sys
0x00A5A000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x00A66000 \SystemRoot\System32\Drivers\ksecdd.sys
0x00C0E000 \SystemRoot\system32\drivers\ndis.sys
0x00AED000 \SystemRoot\system32\drivers\msrpc.sys
0x00B3D000 \SystemRoot\system32\drivers\NETIO.SYS
0x00E01000 \SystemRoot\System32\drivers\tcpip.sys
0x00F75000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0100F000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01193000 \SystemRoot\system32\drivers\volsnap.sys
0x011D7000 \SystemRoot\System32\Drivers\spldr.sys
0x011DF000 \SystemRoot\System32\Drivers\mup.sys
0x00FA1000 \SystemRoot\System32\drivers\ecache.sys
0x00FCD000 \SystemRoot\system32\drivers\disk.sys
0x00DD1000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x011F1000 \SystemRoot\system32\drivers\crcdisk.sys
0x01000000 \SystemRoot\system32\DRIVERS\avgrkx64.sys
0x00FE1000 \SystemRoot\system32\DRIVERS\AVGIDSEH.Sys
0x00B9F000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x00BAC000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x02002000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x0280B000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x028EA000 \SystemRoot\System32\drivers\watchdog.sys
0x028F9000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x02905000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x0294B000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x0295C000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x02A06000 \SystemRoot\system32\DRIVERS\bcmwl664.sys
0x02B57000 \SystemRoot\system32\DRIVERS\k57nd60a.sys
0x02B96000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x02BA8000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x02BB8000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x02BD8000 \SystemRoot\system32\DRIVERS\rimmpx64.sys
0x0296F000 \SystemRoot\system32\DRIVERS\rimspx64.sys
0x02986000 \SystemRoot\system32\DRIVERS\rixdpx64.sys
0x029DD000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x0275D000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x02BED000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x02792000 \SystemRoot\system32\DRIVERS\itecir.sys
0x027ED000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x00BB5000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x029F3000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x02BF9000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x02800000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x00BD1000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x02C05000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x02C3D000 \SystemRoot\system32\DRIVERS\storport.sys
0x02C9A000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x02CA7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x02CCA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x02CD6000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x02D07000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x02D17000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x02D35000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x02D4D000 \SystemRoot\system32\DRIVERS\termdd.sys
0x02D5F000 \SystemRoot\system32\DRIVERS\swenum.sys
0x02D61000 \SystemRoot\system32\DRIVERS\ks.sys
0x02D95000 \SystemRoot\system32\DRIVERS\circlass.sys
0x02DA6000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x02DB1000 \SystemRoot\system32\DRIVERS\umbus.sys
0x03004000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x0304B000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0305F000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x030D3000 \SystemRoot\system32\DRIVERS\portcls.sys
0x0310E000 \SystemRoot\system32\DRIVERS\drmk.sys
0x03131000 \SystemRoot\system32\drivers\ksthunk.sys
0x03137000 \SystemRoot\system32\drivers\IntcHdmi.sys
0x0315B000 \SystemRoot\system32\DRIVERS\hidir.sys
0x03166000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x03178000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x03180000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x0318A000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x03195000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x031B1000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x031B3000 \SystemRoot\system32\DRIVERS\OA001Vid.sys
0x02DC1000 \SystemRoot\system32\DRIVERS\OA001Ufd.sys
0x02DEA000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x00BE4000 \SystemRoot\system32\DRIVERS\avgmfx64.sys
0x02DF3000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x00BF3000 \SystemRoot\System32\Drivers\Null.SYS
0x007E9000 \SystemRoot\System32\drivers\vga.sys
0x03C01000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x03C26000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x03C2F000 \SystemRoot\system32\drivers\rdpencdd.sys
0x03C38000 \SystemRoot\System32\Drivers\Msfs.SYS
0x03C43000 \SystemRoot\System32\Drivers\Npfs.SYS
0x03C54000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x03C5D000 \SystemRoot\system32\DRIVERS\tdx.sys
0x03C7A000 \SystemRoot\system32\DRIVERS\smb.sys
0x03C95000 \SystemRoot\system32\DRIVERS\avgtdia.sys
0x03CF6000 \SystemRoot\System32\DRIVERS\netbt.sys
0x03D3A000 \SystemRoot\system32\drivers\afd.sys
0x03DA7000 \SystemRoot\system32\DRIVERS\pacer.sys
0x03DC5000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03DD4000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03E02000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x03E50000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03E5C000 \SystemRoot\System32\Drivers\dfsc.sys
0x03E79000 \SystemRoot\system32\DRIVERS\avgldx64.sys
0x03EC9000 \SystemRoot\System32\Drivers\crashdmp.sys
0x03ED7000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x03EE3000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x00040000 \SystemRoot\System32\win32k.sys
0x03EED000 \SystemRoot\System32\drivers\Dxapi.sys
0x03EF9000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004B0000 \SystemRoot\System32\TSDDD.dll
0x00650000 \SystemRoot\System32\cdd.dll
0x03F0C000 \SystemRoot\system32\drivers\luafv.sys
0x03F2E000 \SystemRoot\system32\drivers\spsys.sys
0x03FC8000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x15205000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x15239000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x15244000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x1525C000 \SystemRoot\system32\drivers\HTTP.sys
0x152FB000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x15324000 \SystemRoot\system32\DRIVERS\bowser.sys
0x15342000 \SystemRoot\System32\drivers\mpsdrv.sys
0x1535C000 \SystemRoot\system32\drivers\mrxdav.sys
0x15383000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x153AC000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x03FDC000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x1560E000 \SystemRoot\System32\DRIVERS\srv2.sys
0x15640000 \SystemRoot\System32\DRIVERS\srv.sys
0x156D6000 \SystemRoot\system32\DRIVERS\AVGIDSFilter.Sys
0x156E2000 \SystemRoot\system32\drivers\peauth.sys
0x15798000 \SystemRoot\System32\Drivers\fastfat.SYS
0x157CD000 \SystemRoot\System32\Drivers\secdrv.SYS
0x157D8000 \SystemRoot\System32\drivers\tcpipreg.sys
0x15E01000 \SystemRoot\system32\DRIVERS\AVGIDSDriver.Sys
0x15E86000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x15FD1000 \SystemRoot\system32\drivers\BCM42RLY.sys
0x15FDA000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77400000 \Windows\System32\ntdll.dll
Processes (total 87):
0 System Idle Process
4 System
420 C:\Windows\System32\smss.exe
628 csrss.exe
676 C:\Windows\System32\wininit.exe
688 csrss.exe
732 C:\Windows\System32\services.exe
760 C:\Windows\System32\winlogon.exe
784 C:\Windows\System32\lsass.exe
792 C:\Windows\System32\lsm.exe
940 C:\Windows\System32\svchost.exe
1000 C:\Windows\System32\svchost.exe
460 C:\Windows\System32\svchost.exe
600 C:\Windows\System32\svchost.exe
672 C:\Windows\System32\svchost.exe
948 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_d0e22e95\stacsv64.exe
1088 C:\Windows\System32\audiodg.exe
1184 C:\Windows\System32\SLsvc.exe
1216 C:\Windows\System32\svchost.exe
1408 C:\Windows\System32\svchost.exe
1532 C:\Windows\System32\WLTRYSVC.EXE
1540 C:\Windows\System32\wlanext.exe
1568 C:\Windows\System32\BCMWLTRY.EXE
1700 C:\Windows\System32\spoolsv.exe
1728 C:\Windows\System32\svchost.exe
1988 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_d0e22e95\AESTSr64.exe
2020 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1424 C:\Windows\System32\dwm.exe
1492 C:\Windows\System32\taskeng.exe
1876 C:\Windows\explorer.exe
1984 C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
1828 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
2104 C:\Program Files\DellTPad\Apoint.exe
2112 C:\Windows\System32\svchost.exe
2120 C:\Program Files\IDT\WDM\sttray64.exe
2136 C:\Windows\System32\igfxtray.exe
2156 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
2180 C:\Windows\System32\hkcmd.exe
2232 C:\Windows\System32\igfxpers.exe
2276 C:\Windows\System32\WLTRAY.EXE
2288 C:\Program Files\Windows Sidebar\sidebar.exe
2312 C:\Windows\ehome\ehtray.exe
2412 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2504 C:\Windows\System32\svchost.exe
2596 C:\Windows\System32\igfxsrvc.exe
2608 C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
2680 C:\Windows\System32\svchost.exe
2748 C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
2772 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
2796 C:\Windows\System32\svchost.exe
2816 C:\Windows\System32\SearchIndexer.exe
2824 C:\Program Files\Dell\QuickSet\quickset.exe
2864 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
2904 C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe
2932 C:\Program Files (x86)\iTunes\iTunesHelper.exe
2996 C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
3020 C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
2812 C:\Windows\ehome\ehmsas.exe
3372 C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
3380 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
3400 C:\Program Files (x86)\AVG\AVG10\avgemca.exe
3856 C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
3992 C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
4084 C:\Program Files (x86)\AVG\AVG10\avgchsva.exe
4092 WmiPrvSE.exe
3908 C:\Program Files (x86)\iPod\bin\iPodService.exe
4260 C:\Program Files\DellTPad\ApMsgFwd.exe
4632 C:\Program Files\DellTPad\ApntEx.exe
4664 C:\Program Files\DellTPad\hidfind.exe
5064 C:\Windows\System32\wbem\unsecapp.exe
4748 C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
1712 C:\Program Files (x86)\Ascentive\Spyware Striker\SBAMSvc.exe
4428 C:\Program Files (x86)\AVG\AVG10\avgtray.exe
5028 C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
2676 C:\PROGRA~2\AVG\AVG10\avgrsa.exe
488 C:\Program Files\Windows Media Player\wmpnscfg.exe
3284 C:\Program Files\Windows Media Player\wmpnetwk.exe
4976 C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
4472 C:\Windows\SysWOW64\notepad.exe
3152 C:\Windows\System32\taskeng.exe
5480 C:\Windows\System32\wuauclt.exe
5200 C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
5628 C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
5960 C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
2592 C:\Windows\System32\SearchProtocolHost.exe
5156 C:\Windows\System32\SearchFilterHost.exe
4120 C:\Users\Owner\Downloads\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`73738a00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`02738a00 (NTFS)
PhysicalDrive0 Model Number: WDCWD3200BEVT-75ZCT1, Rev: 11.01A11
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Dell Inspiron MBR code detected
SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B
Done!
-
March 10th, 2011, 08:19 PM
#7
.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Owner at 18:10:50.99 on Thu 03/10/2011
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.4085.1786 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: Ascentive AntiMalware *Disabled/Outdated* {EB7B86C7-56E4-8851-2533-24C5CA20ABFA}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_d0e22e95\STacSV64.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_d0e22e95\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
C:\Program Files (x86)\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\iPod\bin\iPodService.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files (x86)\Ascentive\Spyware Striker\SBAMSvc.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Owner\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.dell.com
mDefault_Page_URL = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
mRun: [PCMService] "C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Spyware Striker Pro] "C:\Program Files (x86)\Ascentive\Spyware Striker\SpywareStriker.exe" -m
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [Apoint] C:\Program Files\DellTPad\Apoint.exe
mRun-x64: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray64.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2008-7-25 53488]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-12-8 308304]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-12 382032]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_d0e22e95\AESTSr64.exe [2008-7-25 86016]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 SBAMSvc;AntiMalware;C:\Program Files (x86)\Ascentive\Spyware Striker\SBAMSvc.exe [2009-9-8 1012040]
R2 vseamps;vseamps;C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [2010-4-8 149544]
R2 vsedsps;vsedsps;C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [2010-4-8 148008]
R2 vseqrts;vseqrts;C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [2010-4-8 205352]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-3 133712]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-3 35920]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;C:\Windows\System32\drivers\IntcHdmi.sys [2008-7-25 125440]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\System32\drivers\itecir.sys [2008-7-25 59392]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2008-7-25 239104]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;C:\Windows\System32\drivers\OA001Ufd.sys [2008-7-25 173368]
R3 OA001Vid;Creative Camera OA001 Function Driver;C:\Windows\System32\drivers\OA001Vid.sys [2008-7-25 316184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-3-7 517448]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2008-7-25 36392]
S3 netr28ux;Linksys USB Wireless LAN Card Driver for Vista;C:\Windows\System32\drivers\netr28ux.sys [2007-12-14 709632]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-7-8 93184]
.
=============== Created Last 30 ================
.
2011-03-09 02:59:10 2424320 ----a-w- C:\Windows\System32\mstscax.dll
2011-03-09 02:59:10 2067456 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-03-09 02:59:09 730624 ----a-w- C:\Windows\System32\mstsc.exe
2011-03-09 02:59:09 677888 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-03-09 02:59:08 560128 ----a-w- C:\Windows\System32\EncDec.dll
2011-03-09 02:59:08 429056 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-03-09 02:59:08 416768 ----a-w- C:\Windows\System32\sbe.dll
2011-03-09 02:59:08 323072 ----a-w- C:\Windows\SysWow64\sbe.dll
2011-03-09 02:59:08 226816 ----a-w- C:\Windows\System32\mpg2splt.ax
2011-03-09 02:59:08 210944 ----a-w- C:\Windows\System32\sbeio.dll
2011-03-09 02:59:08 177664 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2011-03-09 02:59:08 153088 ----a-w- C:\Windows\SysWow64\sbeio.dll
2011-03-08 02:09:25 -------- d-----w- C:\Windows\pss
2011-03-07 02:31:38 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2011-03-07 02:31:06 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-07 02:31:05 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-03-07 02:31:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-07 02:31:05 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-03-07 02:12:51 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-03-07 02:12:51 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2011-03-04 05:13:37 -------- d-----w- C:\Program Files (x86)\MemTurbo 4
2011-03-04 03:48:51 -------- d--h--w- C:\$AVG
2011-03-04 03:22:12 -------- d-----w- C:\Users\Owner\AppData\Roaming\AVG10
2011-03-04 03:17:17 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar
2011-03-04 03:16:19 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-03-04 03:13:38 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-03-04 03:13:38 -------- d-----w- C:\PROGRA~3\AVG10
2011-03-04 03:03:15 -------- d-----w- C:\Program Files (x86)\AVG
2011-03-04 02:31:47 -------- d-----w- C:\PROGRA~3\MFAData
2011-03-04 02:09:00 78376 ----a-w- C:\Windows\System32\drivers\CDAVFS.sys
2011-03-04 02:08:40 -------- d-----w- C:\Program Files\Common Files\Authentium
2011-03-04 02:08:40 -------- d-----w- C:\Program Files (x86)\Common Files\Authentium
2011-03-04 02:01:52 -------- d-----w- C:\PROGRA~3\Sunbelt Software
2011-03-04 02:01:33 -------- d-----w- C:\PROGRA~3\Ascentive
2011-03-04 02:00:25 -------- d-----w- C:\Windows\Downloaded Installations
2011-03-04 02:00:22 -------- d-----w- C:\Program Files (x86)\Ascentive
2011-03-04 01:52:40 -------- d-----w- C:\Users\Owner\AppData\Roaming\Uniblue
2011-03-04 01:52:13 -------- d-----w- C:\Users\Owner\AppData\Local\PackageAware
2011-03-02 00:56:21 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{7014FF68-1756-44ED-8DD6-1E75DADE410E}\mpengine.dll
2011-02-25 21:19:00 2048 ----a-w- C:\Windows\SysWow64\winrsmgr.dll
2011-02-25 21:19:00 2048 ----a-w- C:\Windows\System32\winrsmgr.dll
2011-02-25 21:19:00 13312 ----a-w- C:\Windows\System32\wsmplpxy.dll
2011-02-25 21:19:00 13312 ----a-w- C:\Windows\System32\winrssrv.dll
2011-02-11 20:49:16 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2011-02-11 20:49:16 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2011-02-11 20:49:13 2755584 ----a-w- C:\Windows\System32\win32k.sys
2011-02-11 20:45:45 4692368 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-02-11 20:45:44 1560960 ----a-w- C:\Windows\System32\ntdll.dll
2011-02-11 20:45:44 1167488 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-02-11 20:45:39 48128 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-11 20:45:39 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-11 20:45:39 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-11 20:45:39 292352 ----a-w- C:\Windows\SysWow64\atmfd.dll
.
==================== Find3M ====================
.
2011-02-02 23:11:20 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-01-24 12:45:08 479232 ----a-w- C:\Windows\SysWow64\AscConTest.dll
2011-01-05 11:15:58 44544 ----a-w- C:\Windows\SysWow64\msxml4a.dll
2011-01-05 11:15:56 307200 ----a-w- C:\Windows\SysWow64\AscSQLite.dll
2010-12-28 15:26:13 462848 ----a-w- C:\Windows\System32\odbc32.dll
2010-12-28 14:57:35 409600 ----a-w- C:\Windows\SysWow64\odbc32.dll
2010-12-20 16:08:20 1032704 ----a-w- C:\Windows\System32\wininet.dll
2010-12-20 16:04:07 86528 ----a-w- C:\Windows\System32\ieencode.dll
2010-12-20 15:40:24 833024 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-20 15:37:57 78336 ----a-w- C:\Windows\SysWow64\ieencode.dll
2010-12-20 14:37:07 485376 ----a-w- C:\Windows\System32\html.iec
2010-12-20 14:12:59 389632 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-20 14:12:01 1383424 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-20 13:51:45 1383424 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-12-14 16:20:18 1251840 ----a-w- C:\Windows\System32\sdclt.exe
.
============= FINISH: 18:11:29.60 ===============
-
March 10th, 2011, 08:20 PM
#8
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 7/25/2008 8:02:17 AM
System Uptime: 3/10/2011 10:19:41 AM (8 hours ago)
.
Motherboard: Dell Inc. | | 0M263C
Processor: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz | Microprocessor | 2101/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 204.76 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 4.666 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP164: 2/1/2011 5:59:41 PM - Windows Update
RP165: 2/4/2011 10:09:12 AM - Windows Update
RP166: 2/10/2011 8:48:49 PM - Windows Update
RP167: 2/11/2011 2:45:59 PM - Windows Update
RP168: 2/12/2011 10:10:23 AM - Windows Update
RP169: 2/12/2011 10:20:03 AM - Windows Update
RP170: 2/13/2011 3:00:15 AM - Windows Update
RP171: 2/15/2011 2:30:52 PM - Windows Update
RP172: 2/17/2011 8:09:59 PM - Scheduled Checkpoint
RP173: 2/18/2011 1:29:41 AM - Windows Update
RP174: 2/22/2011 6:27:35 AM - Windows Update
RP175: 2/25/2011 3:17:17 PM - Windows Update
RP176: 2/25/2011 3:25:03 PM - Windows Update
RP177: 3/1/2011 6:55:37 PM - Windows Update
RP178: 3/3/2011 8:00:27 PM - Installed Sunbelt
RP179: 3/3/2011 8:29:33 PM - ARO 2011 - Before Installation
RP180: 3/3/2011 8:41:48 PM - Installed
RP182: 3/3/2011 9:00:24 PM - Installed AVG 2011
RP183: 3/3/2011 9:04:00 PM - Installed AVG 2011
RP184: 3/6/2011 11:04:24 PM - Scheduled Checkpoint
RP185: 3/7/2011 8:19:11 PM - Windows Update
RP186: 3/7/2011 8:20:35 PM - Windows Update
RP187: 3/8/2011 8:50:52 AM - Scheduled Checkpoint
RP188: 3/9/2011 3:03:03 AM - Windows Update
RP189: 3/10/2011 5:34:48 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Advanced Audio FX Engine
Apple Application Support
Apple Software Update
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Dell Video Chat (remove only)
Dell Webcam Central
EDocs
Google Chrome
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
ITECIR Driver
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 5
Linksys Dual-Band Wireless-N USB Network Adapter
Linksys WUSB600N Dual-Band Wireless-N USB Network Adapter
Live! Cam Avatar Creator
LiveUpdate (Symantec Corporation)
Malwarebytes' Anti-Malware
MediaDirect
MemTurbo 4
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MSN Toolbar
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
ooVoo
ooVoo Toolbar
Performance Center
QuickBooks Pro 2008
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Socrates Media Product Browser
Spybot - Search & Destroy
Spyware Striker
Sunbelt
SupportSoft Assisted Service
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Visual Studio 2008 x64 Redistributables
.
==== End Of File ===========================
-
March 10th, 2011, 08:21 PM
#9
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-03-10 18:09:51
Windows 6.0.6001 Service Pack 1
Running: l4m1rfuh.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\001644fe42dc
Reg HKLM\SYSTEM\ControlSet003\Services\BthPort\Parameters\Keys\001644fe42dc (not active ControlSet)
---- EOF - GMER 1.0.15 ----
thanks for your assistance!
-
March 10th, 2011, 09:45 PM
#10
I can see "Spyware Striker", which is a rogue program, is listed in "Programs & Features".
Did you try to uninstall it?
-
March 11th, 2011, 08:44 PM
#11
oh vey.
thanks for holding my hand.
[resolved]
-
March 11th, 2011, 08:50 PM
#12
Very well 
Good luck!