Internet behaving Glitchy

This is a discussion on Internet behaving Glitchy within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category.


Old 02-10-2016, 01:41 PM   #1
Registered Member
 
Join Date: Oct 2010
Posts: 30
OS: windows 7



February 2nd I went to some site and all of a sudden things began to download onto my computer. I tried to get out of it and stop, but all sorts of things kept popping up. Now my internet keeps cutting out. When I am on the internet my open tabs begin to flash in and out and sometimes lock up, and I can't do anything. I'm not sure what all is wrong, but it is definitely not working correctly. I tried running Malwarebytes and SUPERAntiSpyware. I found a lot of files, but still it doesn't run correctly. I can't even use Mozilla anymore; I'm having to use Chrome. DDS log below.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18124 BrowserJavaVersion: 10.65.2
Run by dislas at 15:25:37 on 2016-02-10
Microsoft Windows 8.1 Pro 6.3.9600.0.1252.1.1033.18.4018.1955 [GMT -6:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan Enterprise *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\AmoWindowService.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\dashost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe
C:\Program Files (x86)\McAfee\Common Framework\masvc.exe
C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\msdtc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\McAfee\Common Framework\x86\macompatsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhostex.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\WinZip\FAHWindow64.exe
C:\Program Files (x86)\eInstruction\Insight 360\Tools\Insight 360 Director.exe
C:\Program Files (x86)\McAfee\Common Framework\x86\UpdaterUI.exe
C:\Program Files\WinZip\WZUpdateNotifier.exe
C:\Program Files\WinZip\WzPreloader.exe
C:\Program Files (x86)\McAfee\Common Framework\x86\McTray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
svchost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20150918101900.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\x86\UpdaterUI.exe" /StartedFromRunKey
dRunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\EINSTR~1.LNK - C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSIGH~1.LNK - C:\Program Files (x86)\eInstruction\Insight 360\Tools\Insight 360 Director.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\UPDATE~1.LNK - C:\Program Files\WinZip\WZUpdateNotifier.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\WINZIP~1.LNK - C:\Program Files\WinZip\WzPreloader.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: EnableLUA = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: NameServer = 10.253.204.10 10.253.204.12
TCP: Interfaces\{3D0714B2-0D00-4719-BF98-5F2F5C7D0CCA} : DHCPNameServer = 10.253.204.10 10.253.204.12
TCP: Interfaces\{3D0714B2-0D00-4719-BF98-5F2F5C7D0CCA}\144545932303 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{3D0714B2-0D00-4719-BF98-5F2F5C7D0CCA}\35340535755626143636563737 : DHCPNameServer = 10.253.204.10 10.253.204.12
TCP: Interfaces\{3D0714B2-0D00-4719-BF98-5F2F5C7D0CCA}\3534053575962756C6563737 : DHCPNameServer = 10.253.204.10 10.253.204.12
TCP: Interfaces\{7D43C501-B0E5-48C0-AFC8-ADEEB2DD5E13} : DHCPNameServer = 10.253.204.10 10.253.204.12
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20150918101858.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe /s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
x64-Run: [WavesSvc] C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
x64-Run: [RtHDVBg_PushButton] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [IntelPROSet] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-mPolicies-System: EnableLUA = dword:0
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\dislas\AppData\Roaming\Mozilla\Firefox\Profiles\8amp8rzb.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\dislas\AppData\Roaming\DISH Anywhere\DISH Anywhere Video Player\npNMPCBrowserPlugin.dll
FF - plugin: C:\Users\dislas\AppData\Roaming\GradeCam Corporation\GCPlugin\npGCPlugin_1.9.2.1.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-7-9 631656]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\Windows\System32\drivers\intelpep.sys [2015-2-26 39744]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2014-8-6 875928]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2014-8-6 344704]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2014-7-9 22168]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2014-7-9 157016]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2015-6-4 80384]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344]
R2 Amodb Service;Amodb Service;C:\Windows\SysWOW64\AmoWindowService.exe [2016-1-29 58880]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-10-3 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-10-3 1157496]
R2 Dell.PowerManager.Service;Dell.PowerManager.Service;C:\Windows\System32\dllhost.exe [2015-2-26 19264]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2015-2-26 38792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-10-28 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-7-30 204552]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-7-9 169432]
R2 macmnsvc;McAfee Agent Common Services;C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe [2015-7-12 138608]
R2 masvc;McAfee Agent Service;C:\Program Files (x86)\McAfee\Common Framework\masvc.exe [2015-7-12 56688]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2014-8-6 262544]
R2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [2015-8-20 208936]
R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2015-9-18 373736]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2014-8-6 254792]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-7-9 289496]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-7-9 1915920]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-10-11 3671792]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-2-26 38792]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\drivers\BthLEEnum.sys [2014-3-18 226304]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2013-10-18 1408824]
R3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\drivers\DellRbtn.sys [2014-7-9 10752]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d64x64.sys [2014-7-9 468240]
R3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter;C:\Windows\System32\drivers\ibtusb.sys [2013-10-2 142280]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-12-26 27032]
R3 McAfeeFramework;McAfee Agent Backwards Compatibility Service;C:\Program Files (x86)\McAfee\Common Framework\x86\macompatsvc.exe [2015-7-12 213872]
R3 mfeaack;McAfee Inc. mfeaack;C:\Windows\System32\drivers\mfeaack.sys [2015-9-18 412440]
R3 mfeaacsk;McAfee Inc. mfeaacsk;C:\Windows\System32\drivers\mfeaacsk.sys [2015-9-18 64416]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2014-8-6 347800]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2015-9-18 496888]
R3 mfeplk;McAfee Inc. mfeplk;C:\Windows\System32\drivers\mfeplk.sys [2015-9-18 66080]
R3 NcbService;Network Connection Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-2-26 38792]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\Windows\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 NETwNb64;@oem92.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\Windows\System32\drivers\NETwbw02.sys [2013-10-14 3607520]
R3 O2FJ2RDR;O2FJ2RDR;C:\Windows\System32\drivers\O2FJ2w8x64.sys [2014-7-9 195768]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_Accel.sys [2014-7-9 93432]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\drivers\mfeelamk.sys [2014-8-6 80920]
S2 Aulit;Aulit;"C:\Users\dislas\AppData\Roaming\IfhthfEmhluzt\Yhaau.exe" -cms --> C:\Users\dislas\AppData\Roaming\IfhthfEmhluzt\Yhaau.exe [?]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-4-10 202248]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2013-8-22 782176]
S3 AppReadiness;App Readiness;C:\Windows\System32\svchost.exe -k AppReadiness [2015-2-26 38792]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2013-8-22 17624]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-2-26 38792]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2013-7-22 140600]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\Windows\System32\drivers\iaStorAV.sys [2013-8-22 651248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-11 114688]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2013-12-26 38296]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-7-9 450520]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S3 kbldfltr;kbldfltr;C:\Windows\System32\drivers\kbldfltr.sys [2014-7-9 22272]
S3 lfsvc;Windows Location Framework Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-2-26 38792]
S3 LSI_SAS3;LSI_SAS3;C:\Windows\System32\drivers\lsi_sas3.sys [2013-8-22 81760]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2014-8-6 114880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-10-11 284912]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc63.sys [2015-2-26 87040]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\Windows\System32\drivers\NETwew02.sys [2013-8-22 4649440]
S3 ReFS;ReFS;C:\Windows\System32\drivers\refs.sys [2015-2-26 921920]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-2-26 38792]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2014-3-18 146776]
S3 smphost;Microsoft Storage Spaces SMP;C:\Windows\System32\svchost.exe -k smphost [2015-2-26 38792]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\Windows\System32\drivers\stornvme.sys [2014-3-18 57176]
S3 UEFI;Microsoft UEFI Driver;C:\Windows\System32\drivers\uefi.sys [2013-8-22 26976]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\drivers\vmbusr.sys [2014-7-9 129536]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-2-26 38792]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\Windows\System32\drivers\WdNisDrv.sys [2015-8-21 114520]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-8-21 366552]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2015-2-26 38792]
S3 workfolderssvc;Work Folders;C:\Windows\System32\svchost.exe -k LocalService [2015-2-26 38792]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\drivers\WUDFRd.sys [2015-2-26 226304]
S4 MsKeyboardFilter;Microsoft Keyboard Filter;C:\Windows\System32\svchost.exe -k netsvcs [2015-2-26 38792]
.
=============== Created Last 30 ================
.
2016-02-10 20:32:30 -------- d-----w- C:\Users\dislas\AppData\Local\ElevatedDiagnostics
2016-02-03 21:42:20 -------- d-----w- C:\Users\dislas\AppData\Roaming\SUPERAntiSpyware.com
2016-02-03 21:42:03 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2016-02-03 21:42:03 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2016-02-03 16:39:06 -------- d-----w- C:\Windows\System32\icaf
2016-02-03 16:02:17 -------- d-----w- C:\ProgramData\Malwarebytes
2016-02-03 15:46:42 -------- d-----w- C:\Windows\System32\awo
2016-02-03 14:54:09 -------- d-----w- C:\Windows\System32\pez
2016-02-03 14:46:33 -------- d-----w- C:\Windows\System32\lum
2016-02-03 14:38:48 -------- d-----w- C:\Program Files (x86)\4C4C4544-1454510328-3210-8052-B6C04F363132
2016-02-02 21:45:59 -------- d-----w- C:\searchplugins
2016-02-02 21:45:23 425744 ----a-w- C:\Windows\System32\LavasoftTcpService64.dll
2016-02-02 21:45:22 345360 ----a-w- C:\Windows\SysWow64\LavasoftTcpService.dll
2016-02-02 21:23:56 -------- d-----w- C:\Users\dislas\AppData\Roaming\HielPef
2016-02-02 19:33:31 -------- d-----w- C:\Users\dislas\AppData\Local\Tempfolder
2016-02-02 19:31:59 -------- d-----w- C:\ProgramData\7b437eb0-28f1-0
2016-02-02 19:31:57 -------- d-----w- C:\ProgramData\7b437eb0-27d1-1
2016-02-02 16:37:05 -------- d-----w- C:\Users\dislas\AppData\Local\assembly
2016-02-02 15:57:13 -------- d-----w- C:\Users\dislas\AppData\Roaming\WinZip
2016-02-02 15:52:36 -------- d-----w- C:\Program Files\Sound+
2016-02-02 15:52:11 -------- d-----w- C:\Users\dislas\AppData\Local\Programs
2016-02-02 15:48:00 -------- d-----w- C:\Users\dislas\AppData\Local\Nico Mak Computing
2016-02-02 15:47:46 -------- d-----w- C:\Users\dislas\AppData\Local\WinZip
2016-01-29 06:57:46 58880 ----a-w- C:\Windows\SysWow64\AmoWindowService.exe
2016-01-15 17:57:00 571904 ----a-w- C:\Windows\System32\vbscript.dll
2016-01-15 17:53:11 670208 ----a-w- C:\Windows\System32\qedit.dll
2016-01-15 17:53:10 561664 ----a-w- C:\Windows\SysWow64\qedit.dll
2016-01-15 17:49:20 202240 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-01-15 17:47:46 1735000 ----a-w- C:\Windows\System32\ntdll.dll
2016-01-15 17:47:46 1499912 ----a-w- C:\Windows\SysWow64\ntdll.dll
2016-01-15 17:47:45 7453016 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-01-15 17:47:31 1380600 ----a-w- C:\Windows\System32\gdi32.dll
2016-01-15 17:47:31 1097216 ----a-w- C:\Windows\SysWow64\gdi32.dll
2016-01-15 17:47:21 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-01-15 17:47:21 33456 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-01-15 17:47:20 792064 ----a-w- C:\Windows\System32\generaltel.dll
2016-01-15 17:47:20 705024 ----a-w- C:\Windows\System32\invagent.dll
2016-01-15 17:47:20 505344 ----a-w- C:\Windows\System32\devinv.dll
2016-01-15 17:47:20 210432 ----a-w- C:\Windows\System32\aepic.dll
2016-01-15 17:47:19 1380864 ----a-w- C:\Windows\System32\appraiser.dll
2016-01-15 17:47:19 1164800 ----a-w- C:\Windows\System32\aeinv.dll
2016-01-15 17:28:43 685432 ----a-w- C:\Windows\System32\advapi32.dll
2016-01-15 17:28:43 507176 ----a-w- C:\Windows\SysWow64\advapi32.dll
.
==================== Find3M ====================
.
2016-01-09 12:49:56 443392 ----a-w- C:\Windows\SysWow64\Newtonsoft.Json.dll
2016-01-05 20:04:40 826872 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-01-05 20:04:40 176632 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-11 03:55:28 6051328 ----a-w- C:\Windows\System32\jscript9.dll
2015-12-11 03:21:10 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-12-11 03:09:52 1032704 ----a-w- C:\Windows\System32\inetcomm.dll
2015-12-11 02:43:42 880128 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2015-12-11 02:43:19 4610560 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-12-11 02:38:30 2487808 ----a-w- C:\Windows\System32\wininet.dll
2015-12-11 02:12:12 2011136 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-12-10 01:58:16 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2015-12-03 19:42:08 561952 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-12-03 19:42:08 137968 ----a-w- C:\Windows\System32\ncrypt.dll
2015-12-03 19:42:08 106960 ----a-w- C:\Windows\System32\ncryptsslp.dll
2015-12-03 19:42:07 397224 ----a-w- C:\Windows\System32\bcryptprimitives.dll
2015-12-03 19:41:17 177488 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-12-03 18:52:09 91416 ----a-w- C:\Windows\SysWow64\ncryptsslp.dll
2015-12-03 18:52:09 340872 ----a-w- C:\Windows\SysWow64\bcryptprimitives.dll
2015-12-03 18:52:09 120376 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-12-03 18:28:00 401920 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-12-03 18:07:57 340992 ----a-w- C:\Windows\System32\qdvd.dll
2015-12-03 18:07:05 289792 ----a-w- C:\Windows\System32\ksproxy.ax
2015-12-03 18:05:48 644608 ----a-w- C:\Windows\System32\WMVXENCD.DLL
2015-12-03 18:02:34 1664000 ----a-w- C:\Windows\System32\WMSPDMOE.DLL
2015-12-03 18:00:42 451072 ----a-w- C:\Windows\System32\WMVSENCD.DLL
2015-12-03 17:58:15 378880 -c--a-w- C:\Windows\System32\SysFxUI.dll
2015-12-03 17:51:47 445440 ----a-w- C:\Windows\System32\certcli.dll
2015-12-03 17:36:41 1697792 ----a-w- C:\Windows\System32\quartz.dll
2015-12-03 17:30:44 468480 ----a-w- C:\Windows\System32\MFWMAAEC.DLL
2015-12-03 17:28:41 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2015-12-03 17:28:01 245760 ----a-w- C:\Windows\SysWow64\ksproxy.ax
2015-12-03 17:27:02 736256 ----a-w- C:\Windows\SysWow64\WMVXENCD.DLL
2015-12-03 17:24:50 1411584 ----a-w- C:\Windows\SysWow64\WMSPDMOE.DLL
2015-12-03 17:23:13 402432 ----a-w- C:\Windows\SysWow64\WMVSENCD.DLL
2015-12-03 17:16:32 324096 ----a-w- C:\Windows\SysWow64\certcli.dll
2015-12-03 17:13:34 1441280 ----a-w- C:\Windows\System32\lsasrv.dll
2015-12-03 17:07:06 432128 ----a-w- C:\Windows\System32\schannel.dll
2015-12-03 1736 1501184 ----a-w- C:\Windows\SysWow64\quartz.dll
2015-12-03 17:01:46 743936 ----a-w- C:\Windows\SysWow64\MFWMAAEC.DLL
2015-12-03 16:45:16 357888 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-12-03 16:40:13 1010688 ----a-w- C:\Windows\System32\WMSPDMOD.DLL
2015-12-03 16:29:36 887296 ----a-w- C:\Windows\SysWow64\WMSPDMOD.DLL
2015-11-22 06:59:22 1659568 ----a-w- C:\Windows\System32\winload.efi
2015-11-22 06:59:22 1519592 ----a-w- C:\Windows\System32\winload.exe
2015-11-22 06:59:22 1487008 ----a-w- C:\Windows\System32\winresume.efi
2015-11-22 06:59:22 1355848 ----a-w- C:\Windows\System32\winresume.exe
2015-11-21 18:32:33 16896 ----a-w- C:\Windows\System32\ntvdm64.dll
2015-11-21 17:50:31 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2015-11-21 16:59:56 1706496 ----a-w- C:\Windows\System32\comsvcs.dll
2015-11-21 16:49:44 1344000 ----a-w- C:\Windows\SysWow64\comsvcs.dll
2015-11-21 16:47:09 522240 ----a-w- C:\Windows\System32\catsrvut.dll
2015-11-21 16:40:31 414208 ----a-w- C:\Windows\SysWow64\catsrvut.dll
2015-11-20 16:47:36 35840 ----a-w- C:\Windows\System32\wuapp.exe
2015-11-20 16:46:51 140288 ----a-w- C:\Windows\System32\wuwebv.dll
2015-11-20 16:44:35 409088 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2015-11-20 16:44:05 95744 ----a-w- C:\Windows\System32\wudriver.dll
2015-11-20 16:42:20 2243584 ----a-w- C:\Windows\System32\wucltux.dll
2015-11-20 16:30:10 29696 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-11-20 16:29:43 124928 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-11-20 16:28:06 81920 ----a-w- C:\Windows\SysWow64\wudriver.dll
.
============= FINISH: 15:27:15.75 ===============
Attached Files
File Type: txt attach.txt (13.5 KB, 25 views)
Old 02-11-2016, 01:00 AM   #2
Security Team
Analyst
 
tekir06
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello deana73,

My name is Tolga and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Please download to and run all requested tools from your Desktop.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My native language is not English, so please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Now, let's get started, shall we?

Please do the below steps.

STEP 1

Please download AdwCleaner from here and save it to your desktop.

Click the green 'Download now @bleepingcomputer' button.
Run AdwCleaner and select Scan
Once the Scan is done, select Cleaning
Once done it will ask to reboot, please allow the reboot.
On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
Please copy/paste the contents of the log in your next reply.

STEP 2

Please download Farbar Recovery Scan Tool and save it to your desktop.

Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
Make sure the Addition.txt button is ticked.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please attach it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Old 02-14-2016, 10:53 PM   #3
Security Team
Analyst
 
tekir06
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello deana73,

Still with us? If you don't reply within 24 hours, this thread shall be closed.
All times are GMT -7.