Unsolved
This post is more than 5 years old
8 Posts
0
10068
Deleting PC Tools folders after trying to uninstall Spyware program.
Good Evening,
I have been trying unsuccessfully to uninstall the remaining reminants of Spyware Doctor. I hae not been able to do so, after using the control panel to uninstall the program. When I try to delete the remaining parts of all related folders, I am notable to. It says the folders are being used elsewhere. I am not able to delete whatever program is using the remaining files.
These folders are located both in the Common Files area, and program files. Any suggestons on how to get rid of this problem I am not able to install a different Internet filtering software program.
Thanks,
Greg
Bugbatter
20.5K Posts
0
December 27th, 2011 19:00
Hi Greg,
Please download DDS and save it to your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE.
---------------------------------------------------
Please include the contents of the following logs by copying and pasting the text of each into your next reply:
DDS.txt
Attach.txt
Bugbatter
20.5K Posts
0
December 28th, 2011 18:00
Greg, do you still need help? Let me know if you have any questions about running DDS.
hawkeye6741
8 Posts
0
January 1st, 2012 22:00
I still need assistance with this issue. Thanks.
hawkeye6741
8 Posts
0
January 1st, 2012 23:00
I will try this again. I did not realize that my previous running did not post.
Here it is:
DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Greg at 23:07:26 on 2012-01-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3070.1430 [GMT -8:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_24288096a5cd99f6\aestsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Internet Content Filter\UpdateService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe
C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe
C:\Program Files\Fingerprint Reader Suite\psqltray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Internet Content Filter\SafeEyes.exe
C:\Program Files\Comcast\Comcast PhotoShow 4\data\Xtras\mssysmgr.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uSearch Bar =
uWindow Title = Internet Explorer provided by Dell
uStart Page = hxxp://www.comcast.net/
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0080129
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\5.1.0.29\ips\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\5.1.0.29\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [PhotoShow Deluxe Media Manager] c:\progra~1\comcast\comcas~1\data\xtras\mssysmgr.exe
uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE"
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [PSQLLauncher] "c:\program files\fingerprint reader suite\launcher.exe" /startup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [EaseUs Watch] "c:\program files\easeus\todo backup\bin\EuWatch.exe"
mRun: [EaseUs Tray] "c:\program files\easeus\todo backup\bin\TrayNotify.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ICF] "c:\program files\internet content filter\SafeEyes.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\greg\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
LSP: c:\windows\system32\icf.dll
Trusted Zone: intuit.com\ttlc
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{017FE617-D2CE-4F32-8132-1FFB05CA49BC} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{BAD3340D-3443-4E4B-9B43-39ACB83EFD23} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{BAD3340D-3443-4E4B-9B43-39ACB83EFD23}\441697370294E6E6 : DhcpNameServer = 204.130.255.3 209.63.0.6
TCP: Interfaces\{BAD3340D-3443-4E4B-9B43-39ACB83EFD23}\744534A5A4A40284F6D656 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{BAD3340D-3443-4E4B-9B43-39ACB83EFD23}\E4544574541425 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
LSA: Notification Packages = scecli psqlpwd
.
============= SERVICES / DRIVERS ===============
.
R0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2011-9-23 39560]
R0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2011-9-23 43656]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-5-9 207792]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0501000.01d\symds.sys [2011-10-4 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0501000.01d\symefa.sys [2011-10-4 744568]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2010-2-10 51984]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2010-2-10 59664]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20111221.003\BHDrvx86.sys [2011-12-26 819320]
R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2011-9-23 17032]
R1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2011-9-23 185480]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20111228.001\IDSvix86.sys [2011-12-28 368248]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-5-9 233136]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0501000.01d\ironx86.sys [2011-10-4 136312]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\n360\0501000.01d\symnets.sys [2011-10-4 299640]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_24288096a5cd99f6\AEstSrv.exe [2010-6-10 73728]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-2-10 112592]
R2 EaseUS Agent;EaseUS Agent;c:\program files\easeus\todo backup\bin\Agent.exe [2011-9-23 60040]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\5.1.0.29\ccsvchst.exe [2011-10-4 130008]
R2 seUpdateSvc;Safe Eyes Update Service;c:\program files\internet content filter\UpdateService.exe [2011-11-14 234496]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-4-14 45736]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-11-9 106104]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-23 136176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-26 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-23 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2009-5-9 70408]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-12-26 27192]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2010-2-10 33552]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-1 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-21 1343400]
S4 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\drivers\iaNvStor.sys [2008-1-29 209408]
S4 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctssvc.exe --> c:\program files\spyware doctor\pctsSvc.exe [?]
S4 ThreatFire;ThreatFire;c:\program files\spyware doctor\tfengine\tfservice.exe service --> c:\program files\spyware doctor\tfengine\TFService.exe service [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2011-12-28 01:40:37 -------- d-----w- c:\users\greg\appdata\roaming\com.amazon.music.uploader
2011-12-28 01:38:10 -------- dc----w- c:\program files\Amazon
2011-12-27 07:27:20 -------- d-----w- c:\users\greg\appdata\local\VS Revo Group
2011-12-27 07:27:09 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-12-27 07:27:05 -------- dc----w- c:\program files\VS Revo Group
2011-12-27 02:19:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-12-27 02:19:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-12-27 02:19:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-12-27 02:19:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-12-27 02:19:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-12-27 02:19:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-12-27 02:19:05 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-12-26 18:30:17 -------- dc----w- c:\program files\iPod
2011-12-26 18:30:14 -------- dc----w- c:\program files\iTunes
2011-12-26 18:03:35 -------- dc----w- c:\program files\Bonjour
2011-12-14 11:05:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-14 11:05:02 141112 ----a-w- c:\program files\internet explorer\sqmapi.dll
2011-12-14 11:05:01 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2011-12-14 11:05:01 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 11:05:00 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 11:04:59 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2011-12-14 11:04:56 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-13 23:18:59 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-13 23:18:51 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-13 23:18:37 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-13 23:18:36 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-13 23:18:34 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-13 23:18:34 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
.
==================== Find3M ====================
.
2011-11-19 17:09:39 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-05 14:58:36 212992 ----a-w- c:\windows\system32\BibleSaver.scr
2011-10-24 22:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 22:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-10 20:47:44 293376 --sha-w- C:\EUMONBMP.SYS
2011-10-08 00:29:02 217088 ----a-w- c:\windows\system32\DownloadXPro.dll
2011-10-05 00:32:14 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: WDC_WD32 rev.01.0 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: >>UNKNOWN [0x82E46000]<< >>UNKNOWN [0x8BD16000]<< >>UNKNOWN [0x8BD05000]<< >>UNKNOWN [0x8B5A6000]<< >>UNKNOWN [0x8B40E000]<< >>UNKNOWN [0x82E0F000]<<
_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; }
1 ntkrnlpa!IofCallDriver[0x82E7D52A] -> \Device\Harddisk0\DR0[0x870B6310]
\Driver\Disk[0x870B4288] -> IRP_MJ_CREATE -> 0x8BD1A39F
3 [0x8BD1A59E] -> ntkrnlpa!IofCallDriver[0x82E7D52A] -> [0x870B6B40]
\Driver\PCTCore[0x862E8030] -> IRP_MJ_CREATE -> 0x8B5C5154
5 [0x8B5B2891] -> ntkrnlpa!IofCallDriver[0x82E7D52A] -> \Device\Ide\IAAStorageDevice-0[0x862DB030]
\Driver\iaStor[0x862CD958] -> IRP_MJ_CREATE -> 0x8B44D818
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 23:08:09.46 ===============
Attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 6/15/2010 6:02:58 PM
System Uptime: 1/1/2012 6:51:02 PM (5 hours ago)
.
Motherboard: Dell Inc. | | 0XR509
Processor: Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz | Microprocessor | 1667/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 204.44 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 2.084 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP123: 11/9/2011 7:41:54 PM - Windows Update
RP124: 11/11/2011 9:30:07 PM - Windows Update
RP125: 11/12/2011 6:41:51 PM - Installed calibre
RP126: 11/26/2011 2:29:02 PM - Installed e-Sword.
RP127: 12/6/2011 8:11:11 AM - Removed e-Sword Macros for Word 2010
RP128: 12/6/2011 8:13:16 AM - Removed e-Sword Macros for Word 2007
RP129: 12/6/2011 8:15:49 AM - Removed e-Sword GUI Localization.
RP130: 12/6/2011 8:16:16 AM - Removed e-Sword Bible Screen Saver
RP131: 12/6/2011 8:17:34 AM - Removed e-Sword
RP132: 12/13/2011 4:24:48 PM - Installed e-Sword.
RP133: 12/13/2011 4:30:54 PM - Installed e-Sword Bible Screen Saver
RP134: 12/13/2011 4:34:41 PM - Installed e-Sword STEP Sampler
RP135: 12/14/2011 3:00:41 AM - Windows Update
RP136: 12/26/2011 10:04:39 AM - Installed iTunes
RP137: 12/26/2011 7:35:04 PM - Installed calibre
RP138: 12/26/2011 7:43:44 PM - Installed calibre
RP139: 1/1/2012 7:51:37 PM - Removed Apple Mobile Device Support
RP141: 1/1/2012 10:41:25 PM - Revo Uninstaller Pro's restore point - Lambers
RP143: 1/1/2012 10:44:18 PM - Revo Uninstaller Pro's restore point - CPA AUDIT Special Edition
RP145: 1/1/2012 10:46:36 PM - Revo Uninstaller Pro's restore point - Lambers
RP147: 1/1/2012 10:49:34 PM - Revo Uninstaller Pro's restore point - CPA BEC Special Edition
RP149: 1/1/2012 10:51:25 PM - Revo Uninstaller Pro's restore point - CPA FAR Special Edition
RP151: 1/1/2012 10:55:13 PM - Revo Uninstaller Pro's restore point - CPA REG Special Edition
.
==== Installed Programs ======================
.
.
Acrobat.com
Adobe AIR
Adobe Common File Installer
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Premiere Elements 4.0
Adobe Premiere Elements 4.0 Templates
Adobe Reader X (10.1.1)
Advanced Audio FX Engine
Advanced Video FX Engine
Amazon MP3 Uploader
Apple Application Support
Apple Software Update
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
BlackBerry® Media Sync
Bonjour
Browser Address Error Redirector
Browser Defender 2.0.6.15
calibre
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Comcast PhotoShow Deluxe 4
D3DX10
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Driver Download Manager
Dell Getting Started Guide
Dell Resource CD
Dell Support Center
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card
DellSupport
e-Sword
e-Sword Bible Screen Saver
EaseUS Todo Backup Free 3.0
ExamMatrix CPA Exam Review 2011
Fingerprint Reader Suite 5.6
Google Toolbar for Internet Explorer
Google Update Helper
Intel(R) Matrix Storage Manager
iTunes
Java(TM) SE Runtime Environment 6
Junk Mail filter update
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
MediaDirect
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Math Add-in for Word 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel 2007 Get Started Tab
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Small Business Connectivity Components
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word 2007 Get Started Tab
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Small Basic v0.6
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C Runtime
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Web Authoring Component
Microsoft Visual Web Developer 2008 Express Edition - ENU
Microsoft Web Platform Installer 2.0 RC
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Web
Microsoft Works
Move Networks Media Player for Internet Explorer
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music, Photos & Videos Launcher
NetZeroInstallers
Norton Security Suite
NVIDIA Drivers
OGA Notifier 2.0.0048.0
OutlookAddinSetup
Product Documentation Launcher
QuickSet
QuickTime
Revo Uninstaller Pro 2.5.7
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Premier
Roxio Creator Tools
Roxio EasyArchive
Roxio MyDVD Premier
Roxio Update Manager
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
SigmaTel Audio
Skype Toolbars
Skype™ 5.0
Sonic Activation Module
Spelling Dictionaries Support For Adobe Reader 8
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
User's Guides
VC Runtimes MSI
WIDCOMM Bluetooth Software 6.0.1.3100
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
12/27/2011 7:37:30 PM, Error: NetBT [4321] - The name "TAYLOR NETWORK :1d" could not be registered on the interface with IP address 192.168.0.18. The computer with the IP address 192.168.0.10 did not allow the name to be claimed by this computer.
12/26/2011 2:14:17 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer TAYLOR-FAMILYPC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BAD3340D-3443-4E4B-9B43-39. The master browser is stopping or an election is being forced.
12/26/2011 2:03:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
1/1/2012 8:36:00 PM, Error: Service Control Manager [7034] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).
1/1/2012 8:05:25 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user GNT-LAPTOP\Greg SID (S-1-5-21-3364808351-3183729669-1809300887-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
1/1/2012 8:05:25 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user GNT-LAPTOP\Greg SID (S-1-5-21-3364808351-3183729669-1809300887-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
1/1/2012 8:05:25 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user GNT-LAPTOP\Greg SID (S-1-5-21-3364808351-3183729669-1809300887-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
1/1/2012 7:58:29 PM, Error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
1/1/2012 7:48:59 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/1/2012 6:52:39 PM, Error: Microsoft-Windows-WMPNSS-Service [14346] - A new media server was not initialized because RegisterRunningDevice() encountered error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service.
1/1/2012 6:52:36 PM, Error: Service Control Manager [7000] - The BCM42RLY service failed to start due to the following error: The system cannot find the file specified.
1/1/2012 6:52:11 PM, Error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================
Thanks,
Greg
Bugbatter
20.5K Posts
0
January 2nd, 2012 05:00
Did you try disabling Norton and removing the folders in Safemode? It appears that you have tried Revo Uninstaller. Did you by any chance try AppRemover?
I'm concerned about this line:
Warning: possible TDL3 rootkit infection !
I would suggest having some more extensive diagnostics done on this to see why there is a rootkit warning. It may be a false positive, but it would be good to know. Dell Community no longer handles malware removal and related diagnostics.My suggestion is to post in the Malware Removal Forum at SpywareHammer and have the staff trained in malware removal walk you through the diagnostic logs and a cleanup. Help is free, but you will need to register there. In addition, there are other options listed at the top of the this forum. Some are free; some require a fee. Please use only one resource. It can be counter-productive to have too many people trying to help. Good luck! :emotion-1:
hawkeye6741
8 Posts
0
January 2nd, 2012 11:00
Thanks. I just tried the disabling of Norton, and removing the files in safe mode. I was not able to do so. I downloaded AppRemover, and can't temove the last file under a PC Tools folder. The executable file that the .dll file runs from does not exist, but i can't break the file.
I will try to use SpywareHammer and see i they can help. I need to get rid of this so I can load a different internet safety program.
Thanks.
Greg
Bugbatter
20.5K Posts
0
January 2nd, 2012 12:00
You're welcome, Greg. I approved your membership there and alerted staff that you will be posting. I also included a link to your DDS logs so you probably will not need to repeat that. In fact, skip the initial HijackThis scan and log and tell them to refer to your DDS log at Dell.
Bugbatter
20.5K Posts
0
January 9th, 2012 18:00
Greg, your topic at SpywareHammer has gone inactive. Your helper is waiting for you to post the results of the scan for the rootkit that was noted.
Bugbatter
20.5K Posts
0
February 8th, 2012 11:00
This discussion is closed because the original poster has been referred to a dedicated malware removal site.
Everyone else wanting advice on a similar issue, please begin a New Post at the top of the forum.