1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

possible trojan/virus, internet speed very sluggish

Discussion in 'Virus & Other Malware Removal' started by Perfuse, Nov 21, 2011.

Thread Status:
Not open for further replies.
  1. Perfuse

    Perfuse Thread Starter

    Joined:
    Apr 5, 2003
    Messages:
    95
    Hi,

    Lately my net speed has been very sluggish, to the point where I can barely load web sites and Im receiving conflicting IP addresses with my router from my PC. Ive ran Spybot S&D and Windows Security Essentials, but they havent found anything.

    Here are the logs you need, and thank you very much for your time and help.

    Logfile of HijackThis v1.99.1
    Scan saved at 9:41:25 PM, on 11/21/2011
    Platform: Unknown Windows (WinNT 6.00.1906 SP2)
    MSIE: Internet Explorer v8.00 (8.00.6001.18999)

    Running processes:
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 208.94.26.142 update2.triongames.com
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (file missing)
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (file missing)
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\npjpi160_29.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\npjpi160_29.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
    O11 - Options group: [INTERNATIONAL] International
    O13 - Gopher Prefix:
    O15 - Trusted Zone: *.clonewarsadventures.com
    O15 - Trusted Zone: *.freerealms.com
    O15 - Trusted Zone: *.soe.com
    O15 - Trusted Zone: *.sony.com
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: Windows Media Center Service Launcher (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: MySql - Unknown owner - C:/DBFiles/mannequin/mysql/bin/mysqld-nt.exe (file missing)
    O23 - Service: MySQL4 - Unknown owner - C:\wamp\bin\mysql\mysql5.1.32\bin\bin\mysqld".exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Unknown owner - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Steam Client Service - Unknown owner - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)



    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_29
    Run by Administrator at 21:43:29 on 2011-11-21
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4094.2812 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k rpcss
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Security Client\msseces.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Program Files\Process Hacker 2\ProcessHacker.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
    TB: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File
    mRun: [Easy Dock]
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Sothink SWF Catcher
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre6\bin\npjpi160_29.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{DC95D25F-B780-4B06-89EB-83185DECC2D7} : DhcpNameServer = 192.168.2.1
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    BHO-X64: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    BHO-X64: Google Dictionary Compression sdch - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: &Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
    TB-X64: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File
    mRun-x64: [Easy Dock]
    Hosts: 127.0.0.1 www.spywareinfo.com
    Hosts: 208.94.26.142 update2.triongames.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
    R3 netr7364;Belkin Wireless 54G USB Network Adapter Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
    R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);C:\Windows\system32\DRIVERS\vcsvad.sys --> C:\Windows\system32\DRIVERS\vcsvad.sys [?]
    R4 KProcessHacker2;KProcessHacker2;C:\Program Files\Process Hacker 2\kprocesshacker.sys [2011-1-4 35400]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-7 378472]
    S3 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    S3 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    S3 gupdate;Google Update Service (gupdate);"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [?]
    S3 MEMSWEEP2;MEMSWEEP2;\??\C:\Windows\system32\20D8.tmp --> C:\Windows\system32\20D8.tmp [?]
    S3 MySQL4;MySQL4;"C:\wamp\bin\mysql\mysql5.1.32\bin\bin\mysqld" --defaults-file="C:\wamp\bin\mysql\mysql5.1.32\bin\my.ini" MySQL4 --> C:\wamp\bin\mysql\mysql5.1.32\bin\bin\mysqld [?]
    S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
    S3 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-10-9 1153368]
    S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys --> C:\Windows\system32\drivers\ScreamingBAudio64.sys [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-2 89920]
    S4 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-11-21 2214504]
    S4 wampserver;wampserver;"c:\wamp\apache\Apache.exe" --ntservice --> c:\wamp\apache\Apache.exe [?]
    .
    =============== File Associations ===============
    .
    JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    2011-11-22 02:19:15 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{62AF7DE0-B848-4671-81BC-D7EEF8AD45C4}\offreg.dll
    2011-11-21 19:57:15 917840 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{50D2DB72-5B59-4146-9546-99143EB75FF0}\gapaengine.dll
    2011-11-21 19:57:10 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{62AF7DE0-B848-4671-81BC-D7EEF8AD45C4}\mpengine.dll
    2011-11-21 19:54:34 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2011-11-21 19:54:26 -------- d-----w- C:\Program Files\Microsoft Security Client
    2011-11-21 18:31:24 2560616 ----a-w- C:\Windows\System32\nvsvcr.dll
    2011-11-21 16:28:02 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    .
    ==================== Find3M ====================
    .
    2011-11-21 18:48:55 525792 ----a-w- C:\Windows\DIFxAPI.dll
    2011-11-21 17:10:06 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2010-11-09 02:05:18 395264 ----a-w- C:\Program Files\LaunchPad.exe
    2010-11-09 02:05:09 913920 ----a-w- C:\Program Files\LaunchPad.dll
    2010-09-22 19:52:38 163840 ----a-w- C:\Program Files\assetdb.dll
    2010-04-16 19:26:48 940032 ----a-w- C:\Program Files\dbghelp.dll
    .
    ============= FINISH: 21:44:05.88 ===============


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2/2/2009 11:05:31 AM
    System Uptime: 11/21/2011 9:18:26 PM (0 hours ago)
    .
    Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | MS-7529
    Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz | CPU 1 | 2842/333mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 466 GiB total, 378.325 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)
    Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_529C1462&REV_01\10EC813600
    Manufacturer: Realtek
    Name: Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)
    PNP Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_529C1462&REV_01\10EC813600
    Service: RTL8169
    .
    ==== System Restore Points ===================
    .
    RP1087: 11/21/2011 2:05:07 PM - Windows Update
    RP1088: 11/21/2011 2:56:52 PM - Windows Update
    RP1089: 11/21/2011 9:16:37 PM - Windows Update
    RP1090: 11/21/2011 9:23:20 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader X (10.1.1)
    Adobe Setup
    Adobe Shockwave Player 11.6
    Advanced Combat Tracker (remove only)
    Apple Software Update
    Belkin 54g USB Network Adapter
    Belkin 54Mbps Wireless Network Adapter
    EQ2MAP Updater 1.2.4
    Eudemons Online
    EverQuest
    EverQuest II Extended
    Flash Decompiler Trillix
    Free WMA to MP3 Converter 1.16
    Google Update Helper
    HijackThis 1.99.1
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Java Auto Updater
    Java(TM) 6 Update 29
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2572067)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft Silverlight
    Microsoft VC9 runtime libraries
    Microsoft Visual Basic 2005 Express Edition - ENU
    Microsoft Visual Basic 2005 Express Edition - ENU Service Pack 1 (KB926747)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mozilla Firefox (3.6.13)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NVIDIA 3D Vision Controller Driver
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    OpenAL
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft Visual Basic 2005 Express Edition - ENU (KB2251481)
    SpeedFan (remove only)
    Spybot - Search & Destroy
    swMSM
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft Visual Basic 2005 Express Edition - ENU (KB932232)
    VLC media player 1.0.2
    WinRAR archiver
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/21/2011 9:29:01 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.2.2 with the system having network hardware address F0-4D-A2-3A-8D-AD. Network operations on this system may be disrupted as a result.
    11/21/2011 9:21:49 PM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).
    11/21/2011 9:20:26 PM, Error: Service Control Manager [7000] - The MySql service failed to start due to the following error: The system cannot find the path specified.
    11/21/2011 9:17:42 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).
    11/21/2011 1:54:11 PM, Error: Service Control Manager [7034] - The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).
    11/20/2011 1:53:53 PM, Error: EventLog [6008] - The previous system shutdown at 1:51:42 PM on 11/20/2011 was unexpected.
    11/17/2011 1:45:56 AM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
    11/16/2011 7:59:53 PM, Error: EventLog [6008] - The previous system shutdown at 11:36:19 AM on 11/16/2011 was unexpected.
    .
    ==== End Of File ===========================
     
  2. Perfuse

    Perfuse Thread Starter

    Joined:
    Apr 5, 2003
    Messages:
    95
    Hmm, its been well over a month and my problem hasnt been resolved, and I could use help.

    Before anyone responds with their initial requests for me to perform scans, etc.. I have done so with several different programs, each time in safe mode, and safe mode with networking, etc, etc, etc..

    After Resetting my router, and resetting it's config information, for the posibility of a DNS hijack.. I noticed after flushing my PC's dns, and getting a dns display there are "numerous" porn sites and malware sites listed there..

    Above is an example of how there is "proof" I am infected, yet no current malware/trojan/virus software is able to catch even the slightest tracking cookie..

    I am beginning to believe I have secured my PC to the point, where I have even safely secured whatever trojan or virus, I may have been infected with, deep within my PC.

    I am a stickler when it comes to my PC's security, and I do not share it with anyone else (that I am aware of)..

    So please, I need an advanced PC security specialist/networking security specialist(I know there are other specialist titles), or someone with such advanced knowledge to take a look, I believe I can help you, help me.. and this may even be a fulfilling challenge for us both..

    Again, please skip any basic and even intermediate questions, trust me .. I am already ahead of you there.

    Thank you very much.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1027937

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice