
Hello All who can help? I got logs!


  • This topic is locked
2 replies to this topic

#1 thewoah57


Posted 22 November 2009 - 12:47 AM

thread
DDS LOG:


DDS (Ver_09-10-26.01) - NTFSX64
Run by Austin at 0:35:23.04 on Sun 11/22/2009
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_16
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5887.3253 [GMT -5:00]


============== Running Processes ===============

C:Windowssystem32wininit.exe
C:Program Files (x86)AVGAVG9avgchsva.exe
C:Program Files (x86)AVGAVG9avgrsa.exe
C:Windowssystem32lsm.exe
C:Windowssystem32svchost.exe -k DcomLaunch
C:Program Files (x86)AVGAVG9avgcsrva.exe
C:Program Files (x86)WebrootWebrootSecurityWRConsumerService.exe
C:Windowssystem32nvvsvc.exe
C:Windowssystem32svchost.exe -k RPCSS
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k netsvcs
C:Windowssystem32svchost.exe -k LocalService
C:Windowssystem32svchost.exe -k NetworkService
C:WindowsSystem32spoolsv.exe
C:Program Files (x86)AVGAVG9Identity ProtectionAgentBinAVGIDSAgent.exe
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Program FilesLSI SoftModemagr64svc.exe
C:Program Files (x86)Common FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program Files (x86)AVGAVG9avgwdsvc.exe
C:Program Files (x86)AVGAVG9avgfws9.exe
C:Program Files (x86)BonjourmDNSResponder.exe
C:Program Files (x86)Common FilesInterVideoDeviceServiceDevSvc.exe
C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation
C:Program Files (x86)Common FilesLightScribeLSSrvc.exe
C:Program Files (x86)SonyShared Plug-InsMedia ManagerMSSQL$SONY_MEDIAMGRBinnsqlservr.exe
C:Program Files (x86)Blaze Media ProNMSAccess32.exe
C:Program Files (x86)Norton Internet SecurityEngine16.7.2.11ccSvcHst.exe
C:Program Files (x86)WebrootWebrootSecuritySpySweeper.exe
C:Program Files (x86)Yahoo!SoftwareUpdateYahooAUService.exe
C:Windowssystem32fxssvc.exe
C:Program Files (x86)AVGAVG9avgemc.exe
C:Program Files (x86)AVGAVG9avgam.exe
C:Program Files (x86)AVGAVG9avgnsa.exe
C:Program Files (x86)AVGAVG9avgcsrvx.exe
C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted
C:Program Files (x86)AVGAVG9avgcsrva.exe
C:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe
C:Windowssystem32SearchIndexer.exe
C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe
C:Program Files (x86)iPodbiniPodService.exe
C:Windowssystem32nvvsvc.exe
C:Program Files (x86)Norton Internet SecurityEngine16.7.2.11ccSvcHst.exe
C:Windowssystem32Dwm.exe
C:Windowssystem32taskhost.exe
C:WindowsExplorer.EXE
C:Program FilesHewlett-PackardHP MediaSmartSmartMenu.exe
C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe
C:WindowsSystem32spooldriversx643E_IATIADA.EXE
C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe
C:Program Files (x86)PictureMoverBinPictureMover.exe
C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe
C:Program Files (x86)Hewlett-PackardHP Remote SolutionHP_Remote_Solution.exe
C:Program Files (x86)hpHP Software Updatehpwuschd2.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program Files (x86)iTunesiTunesHelper.exe
C:Program Files (x86)AVGAVG9avgtray.exe
C:Program Files (x86)WebrootWebrootSecuritySpySweeperUI.exe
C:Windowssystem32svchost.exe -k imgsvc
C:Program Files (x86)AVGAVG9Identity Protectionagentbinavgidsmonitor.exe
C:Windowssystem32conhost.exe
C:Program Files (x86)WebrootWebrootSecuritySSU.EXE
C:Windowssystem32taskeng.exe
c:Program Files (x86)Hewlett-PackardMediaDVDDVDAgent.exe
c:Program Files (x86)Hewlett-PackardTouchSmartMediaKernelCLMLCLMLSvc.exe
C:Windowssystem32nvvsvc.exe
C:Program Files (x86)Norton Internet SecurityEngine16.7.2.11ccSvcHst.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskhost.exe
C:Program FilesHewlett-PackardHP MediaSmartSmartMenu.exe
C:Program Files (x86)mozilla.orgSeaMonkeyseamonkey.exe
C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe
C:WindowsSystem32spooldriversx643E_IATIADA.EXE
C:WindowsSystem32StikyNot.exe
C:UsersAustinAppDataRoamingSanDiskSansa UpdaterSansaDispatch.exe
C:Program Files (x86)PictureMoverBinPictureMover.exe
C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe
C:Program Files (x86)Hewlett-PackardHP Remote SolutionHP_Remote_Solution.exe
C:Program Files (x86)hpHP Software Updatehpwuschd2.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program Files (x86)iTunesiTunesHelper.exe
C:Program Files (x86)Common FilesRealUpdate_OBrealsched.exe
C:Program Files (x86)AVGAVG9avgtray.exe
C:Program Files (x86)Yahoo!Messengerymsgr_tray.exe
C:Program Files (x86)AVGAVG9Identity Protectionagentbinavgidsmonitor.exe
C:Windowssystem32conhost.exe
C:WindowsSystem32svchost.exe -k secsvcs
C:Windowssystem32LogonUI.exe
C:Program FilesWindows DefenderMSASCui.exe
C:WindowsSysWow64MacromedFlashFlashUtil10c.exe
C:Program Files (x86)Internet Exploreriexplore.exe
C:Program Files (x86)Internet Exploreriexplore.exe
c:Program Files (x86)MSNToolbar3.0.0560.0msntask.exe
C:Program Files (x86)AVGAVG9avgui.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:Windowsexplorer.exe
C:UsersAustinDownloadsdds.scr
C:Windowssystem32conhost.exe
C:Windowssystem32wbemwmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mLocal Page = c:windowssyswow64blank.htm
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:program files (x86)yahoo!companioninstallscpn0yt.dll
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:program files (x86)avgavg9toolbarIEToolbar.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:program files (x86)yahoo!companioninstallscpn0yt.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:program files (x86)realrealplayerrpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:program files (x86)avgavg9avgssie.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:program files (x86)norton internet securityengine16.7.2.11coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:program files (x86)norton internet securityengine16.7.2.11IPSBHO.DLL
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:program files (x86)avgavg9toolbarIEToolbar.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:program files (x86)msntoolbar3.0.0560.0msneshellx.dll
BHO: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:program files (x86)ask.comGenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program files (x86)javajre6binjp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:program files (x86)yahoo!companioninstallscpn0YTSingleInstance.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:program files (x86)msntoolbar3.0.0560.0msneshellx.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:program files (x86)norton internet securityengine16.7.2.11coIEPlg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:program files (x86)yahoo!companioninstallscpn0yt.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:program files (x86)avgavg9toolbarIEToolbar.dll
TB: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:program files (x86)ask.comGenericAskToolbar.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [HPADVISOR] "c:program files (x86)hewlett-packardhp advisorHPAdvisor.exe" view=DOCKVIEW
uRun: [SeaMonkey Quick Launch] "c:program files (x86)mozilla.orgseamonkeySeaMonkey.exe" -turbo
uRun: [Messenger (Yahoo!)] "c:program files (x86)yahoo!messengerYahooMessenger.exe" -quiet
uRun: [LightScribe Control Panel] "c:program files (x86)common fileslightscribeLightScribeControlPanel.exe" -hidden
uRun: [EPSON Stylus CX4800 Series] "c:windowssystem32spooldriversx643e_iatiada.exe" /fu "c:usersaustinappdatalocaltempE_S3D05.tmp" /EF "HKCU"
uRun: [RESTART_STICKY_NOTES] "c:windowssystem32StikyNot.exe"
uRun: [SansaDispatch] "c:usersaustinappdataroamingsandisksansa updaterSansaDispatch.exe"
mRun: [hpsysdrv] "c:program files (x86)hewlett-packardhp odometerhpsysdrv.exe"
mRun: [HP Remote Solution] "%ProgramFiles%Hewlett-PackardHP Remote SolutionHP_Remote_Solution.exe"
mRun: [HP Software Update] "c:program files (x86)hphp software updateHPWuSchd2.exe"
mRun: []
mRun: [NortonOnlineBackupReminder] "c:program files (x86)symantecnorton online backupactivationNobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "c:program files (x86)hewlett-packardrecoverymuitransfermuistartmenu.exe" "c:program files (x86)hewlett-packardrecovery" updatewithcreateonce "softwarecyberlinkPowerRecover"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:program files (x86)malwarebytes' anti-malwarembam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:program files (x86)javajre6binjusched.exe"
mRun: [QuickTime Task] "c:program files (x86)quicktimeQTTask.exe" -atboottime
mRun: [iTunesHelper] "c:program files (x86)itunesiTunesHelper.exe"
mRun: [TkBellExe] "c:program files (x86)common filesrealupdate_obrealsched.exe" -osboot
mRun: [AVG9_TRAY] "c:progra~2avgavg9avgtray.exe"
mRun: [SpySweeper] c:program files (x86)webrootwebrootsecuritySpySweeperUI.exe /startintray
StartupFolder: c:progra~3micros~1windowsstartm~1programsstartuppictur~1.lnk - c:program files (x86)picturemoverbinPictureMover.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:program files (x86)avgavg9avgpp.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:program files (x86)norton internet securityengine16.7.2.11CoIEPlg.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:program files (x86)common fileslightscribeLSRunOnce.exe"
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:program files (x86)avgavg9avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [NvCplDaemon] "RUNDLL32.EXE" c:windowssystem32NvCpl.dll,NvStartup
mRun-x64: [SmartMenu] "c:program fileshewlett-packardhp mediasmartSmartMenu.exe" /background
AppInit_DLLs-X64: avgrssta.dll

================= FIREFOX ===================

FF - ProfilePath - c:usersaustinappdataroamingmozillafirefoxprofilesgmmpfgh7.default
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=WBR&o=13993&locale=en_US&q=
FF - component: c:program files (x86)realrealplayerbrowserrecordfirefoxextcomponentsnprpffbrowserrecordext.dll
FF - component: c:programdatanorton{0c55c096-0f1d-4f28-aaa2-85ef591126e7}nortoncoffplgncomponentscoFFPlgn.dll
FF - component: c:programdatanorton{0c55c096-0f1d-4f28-aaa2-85ef591126e7}nortonipsffplgncomponentsIPSFFPl.dll
FF - plugin: c:program files (x86)googleupdate1.2.183.13npGoogleOneClick8.dll
FF - plugin: c:program files (x86)mozilla firefoxpluginsnpFoxitReaderPlugin.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:program files (x86)mozilla firefoxextensions{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:program files (x86)mozilla firefoxgreprefssecurity-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrw7a;AVG9IDSErHr;c:windowssystem32driversAVGIDSwa.sys [2009-11-15 27144]
R0 AvgRkx64;avgrkx64.sys;c:windowssystem32driversavgrkx64.sys [2009-11-15 201928]
R0 Lbd;Lbd;c:windowssystem32driversLbd.sys [2009-11-13 69152]
R0 nvstor64;nvstor64;c:windowssystem32driversnvstor64.sys [2009-8-21 240672]
R0 ssfs0bbc;ssfs0bbc;c:windowssystem32driversssfs0bbc.sys [2009-11-6 37488]
R0 SymEFA;Symantec Extended File Attributes;c:windowssystem32driversnisx641007020.00bSymEFA64.sys [2009-10-29 402992]
R1 Avgfwfd;AVG network filter service;c:windowssystem32driversavgfwd6a.sys [2009-11-15 29976]
R1 AvgLdx64;AVG AVI Loader Driver x64;c:windowssystem32driversavgldx64.sys [2009-11-15 422920]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;c:windowssystem32driversavgmfx64.sys [2009-11-15 34248]
R1 AvgTdiA;AVG Network Redirector x64;c:windowssystem32driversavgtdia.sys [2009-11-15 470024]
R1 BHDrvx64;Symantec Heuristics Driver;c:windowssystem32driversnisx641007020.00bBHDrvx64.sys [2009-10-29 334384]
R1 ccHP;Symantec Hash Provider;c:windowssystem32driversnisx641007020.00bcchpx64.sys [2009-10-29 583296]
R1 IDSVia64;IDSVia64;c:programdatanorton{0c55c096-0f1d-4f28-aaa2-85ef591126e7}nortondefinitionsipsdefs20091111.001IDSviA64.sys [2009-11-12 466992]
R2 avg9emc;AVG E-mail Scanner;c:program files (x86)avgavg9avgemc.exe [2009-11-15 906520]
R2 avg9wd;AVG WatchDog;c:program files (x86)avgavg9avgwdsvc.exe [2009-11-15 285392]
R2 avgfws9;AVG Firewall;c:program files (x86)avgavg9avgfws9.exe [2009-11-15 2304192]
R2 AVGIDSAgent;AVG9IDSAgent;c:program files (x86)avgavg9identity protectionagentbinAVGIDSAgent.exe [2009-11-15 5832712]
R2 Norton Internet Security;Norton Internet Security;c:program files (x86)norton internet securityengine16.7.2.11ccSvcHst.exe [2009-10-29 117640]
R2 WRConsumerService;Webroot Client Service;c:program files (x86)webrootwebrootsecurityWRConsumerService.exe [2009-11-19 1201640]
R2 YahooAUService;Yahoo! Updater;c:program files (x86)yahoo!softwareupdateYahooAUService.exe [2008-11-9 602392]
R3 AVGIDSDriverw7a;AVG9IDSDriver;c:program files (x86)avgavg9identity protectionagentdriverplatform_win764AVGIDSDriver.sys [2009-11-15 132616]
R3 AVGIDSFilterw7a;AVG9IDSFilter;c:program files (x86)avgavg9identity protectionagentdriverplatform_win764AVGIDSFilter.sys [2009-11-15 35848]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:program files (x86)common filessymantec sharedeengineEraserUtilRebootDrv.sys [2009-11-7 132656]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ;c:windowssystem32driversnvmf6264.sys [2009-8-21 339360]
R3 SYMNDISV;Symantec Network Filter Driver;c:windowssystem32driversnisx641007020.00bsymndisv.sys [2009-10-29 56880]
S2 gupdate1ca60bc3ca62500;Google Update Service (gupdate1ca60bc3ca62500);c:program files (x86)googleupdateGoogleUpdate.exe [2009-11-8 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:program files (x86)lavasoftad-awareAAWService.exe [2009-9-24 1184912]
S2 RelevantKnowledge;RelevantKnowledge;c:program files (x86)relevantknowledgerlservice.exe /service --> c:program files (x86)relevantknowledgerlservice.exe [?]

=============== Created Last 30 ================

2009-11-21 22:02:12 0 d-----w- c:program files (x86)Spybot - Search & Destroy
2009-11-20 03:46:32 511328 ----a-w- c:windowssyswow64capicom.dll
2009-11-20 03:46:27 0 d-----w- c:program files (x86)Ask.com
2009-11-20 03:46:05 0 d-----w- c:program files (x86)MSSOAP
2009-11-20 03:46:05 0 d-----w- c:program files (x86)common filesMSSoap
2009-11-20 03:45:48 1563008 ----a-w- c:windowsWRSetup.dll
2009-11-20 03:45:48 0 d-----w- c:usersaustinappdataroamingWebroot
2009-11-20 03:45:48 0 d-----w- c:programdataWebroot
2009-11-20 03:45:48 0 d-----w- c:program files (x86)Webroot
2009-11-20 03:31:29 164 ----a-w- c:windowsinstall.dat
2009-11-20 03:12:18 0 d-----w- c:program files (x86)Uniblue
2009-11-16 01:40:12 0 d-----w- c:usersaustinappdataroamingAVG9
2009-11-16 01:30:40 0 d--h--w- C:$AVG
2009-11-16 01:30:34 12464 ----a-w- c:windowssystem32avgrssta.dll
2009-11-16 01:30:33 27144 ----a-w- c:windowssystem32driversAVGIDSwa.sys
2009-11-16 01:30:33 201928 ----a-w- c:windowssystem32driversavgrkx64.sys
2009-11-16 01:30:31 470024 ----a-w- c:windowssystem32driversavgtdia.sys
2009-11-16 01:30:28 422920 ----a-w- c:windowssystem32driversavgldx64.sys
2009-11-16 01:30:28 34248 ----a-w- c:windowssystem32driversavgmfx64.sys
2009-11-16 01:30:28 0 d-----w- c:windowssystem32driversAvg
2009-11-16 01:30:26 0 d-----w- c:programdataAVG Security Toolbar
2009-11-16 01:29:38 29976 ----a-w- c:windowssystem32driversavgfwd6a.sys
2009-11-16 01:29:36 0 d-----w- c:program files (x86)AVG
2009-11-16 01:29:31 0 d-----w- c:programdataavg9
2009-11-14 20:38:39 15880 ----a-w- c:windowssystem32lsdelete.exe
2009-11-14 02:49:03 69152 ----a-w- c:windowssystem32driversLbd.sys
2009-11-14 02:48:58 93360 ----a-w- c:windowssystem32driversSBREDrv.sys
2009-11-14 02:41:07 0 dc-h--w- c:programdata{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-14 02:40:43 0 d-----w- c:programdataLavasoft
2009-11-14 02:40:43 0 d-----w- c:program files (x86)Lavasoft
2009-11-14 01:47:54 0 d-----w- c:usersaustinappdataroamingFoxit
2009-11-14 01:47:46 0 d-----w- c:program files (x86)Foxit Software
2009-11-12 23:24:36 0 d-----w- c:programdata{B0689242-B0A0-4F2C-83E0-F3E560357B90}
2009-11-12 23:24:13 0 d-----w- c:usersaustinappdataroaminghpqLog
2009-11-12 23:23:35 0 d-----w- c:usersaustinappdataroamingWinBatch
2009-11-12 19:49:09 692224 ----a-w- c:windowssyswow64bsrmgcv.dll
2009-11-12 19:49:09 192512 ----a-w- c:windowssyswow64bsrmgps.dll
2009-11-12 19:49:05 585728 ----a-w- c:windowssyswow64bsratswf.dll
2009-11-12 19:49:05 147456 ----a-w- c:windowssyswow64bsratwmv.dll
2009-11-12 19:49:04 0 d-----w- c:program filesBSR Screen Recorder 4
2009-11-08 21:51:47 0 d-----w- c:program files (x86)CamStudio
2009-11-08 21:42:47 185920 ----a-w- c:windowssyswow64rmoc3260.dll
2009-11-08 21:42:44 6656 ----a-w- c:windowssyswow64pndx5016.dll
2009-11-08 21:42:44 5632 ----a-w- c:windowssyswow64pndx5032.dll
2009-11-08 21:42:42 0 d-----w- c:program files (x86)common filesxing shared
2009-11-08 21:42:28 278528 ----a-w- c:windowssyswow64pncrt.dll
2009-11-08 21:42:25 0 d-----w- c:program files (x86)common filesReal
2009-11-08 21:42:24 0 d-----w- c:programdataReal
2009-11-07 22:07:53 0 d-----w- c:program files (x86)iTunes
2009-11-07 22:07:53 0 d-----w- c:program files (x86)iPod
2009-11-07 22:07:15 0 d-----w- c:program files (x86)Bonjour
2009-11-07 21:21:51 0 d-----w- c:program filesBonjour
2009-11-07 21:19:54 0 d-----w- c:programdataApple Computer
2009-11-07 21:19:10 0 d-----w- c:programdataApple
2009-11-06 17:00:36 135280 ----a-w- c:windowssystem32driversssidrv.sys
2009-11-06 17:00:34 37488 ----a-w- c:windowssystem32driversssfs0bbc.sys
2009-11-06 17:00:28 31088 ----a-w- c:windowssyswow64wrLZMA.dll
2009-11-06 00:11:23 0 d-----w- c:program files (x86)Trend Micro
2009-11-05 20:29:14 0 d-----w- c:usersaustinappdataroamingLimeWire
2009-11-05 20:29:04 0 d-----w- c:program files (x86)LimeWire
2009-11-05 19:46:36 0 d-----w- c:usersaustinappdataroamingSanDisk
2009-11-05 19:45:29 0 ---ha-w- c:windowssystem32driversMsft_User_WpdMtpDr_01_09_00.Wdf
2009-11-05 19:30:11 0 d-----w- c:usersaustinappdataroamingNetMedia Providers
2009-11-05 19:28:54 730638 ----a-w- c:windowssyswow64PerfStringBackup.INI
2009-11-05 19:28:46 20480 ----a-w- c:windowssyswow64cliconfg.728
2009-11-05 19:28:45 33340 ------w- c:windowssyswow64dbmsqlgc.dll
2009-11-05 19:28:45 24576 ------w- c:windowssyswow64dbmsgnet.dll
2009-11-05 19:28:41 306688 ----a-w- c:windowsIsUninst.exe
2009-11-05 19:28:33 0 d-----w- c:program files (x86)Microsoft SQL Server
2009-11-05 19:26:10 0 d-----w- c:program files (x86)Sony
2009-11-05 19:25:12 0 d-----w- c:program files (x86)Sony Setup
2009-11-05 01:47:32 0 d-----w- c:program filesDivX
2009-11-05 00:12:46 0 d-----w- c:program files (x86)Blaze Media Pro
2009-11-05 00:12:25 0 dc-h--w- c:programdata{B10A9EE2-3B21-44A2-A778-D14E0C4BB591}
2009-11-04 23:32:14 5958656 ----a-w- c:windowssyswow64mshtml.dll
2009-11-04 01:59:21 0 d-----w- c:program files (x86)common filesInterVideo
2009-11-04 01:58:39 0 d-----w- c:program files (x86)Windows Media Components
2009-11-04 01:57:54 0 d-----w- c:programdataUlead Systems
2009-11-04 01:56:22 0 d-----w- c:program files (x86)Ulead Systems
2009-11-03 02:09:15 0 d-sh--w- c:windowssystem32%APPDATA%
2009-11-01 19:48:41 64512 ----a-w- c:windowssyswow64msfeedsbs.dll
2009-10-30 14:58:06 0 d-----w- c:program files (x86)LightScribe
2009-10-30 14:21:10 0 d-----w- c:programdataLightScribe
2009-10-30 07:39:06 0 d-----w- c:programdataYahoo! Companion
2009-10-30 07:37:36 0 d-----w- c:programdataYahoo!
2009-10-30 07:37:29 0 d-----w- c:program files (x86)Yahoo!
2009-10-30 02:01:26 0 d-----w- c:programdataEPSON
2009-10-30 02:00:06 86528 ----a-w- c:windowssystem32E_IBCBADA.DLL
2009-10-30 02:00:06 129536 ----a-w- c:windowssystem32E_ILMADA.DLL
2009-10-30 02:00:01 0 d-----w- c:program filesEPSON
2009-10-30 01:59:46 0 d-----w- c:program files (x86)epson
2009-10-30 01:59:45 93184 ----a-w- c:windowssystem32esxcwiad.dll
2009-10-29 20:07:43 0 d-----w- c:usersaustinappdataroamingHP Support Assistant
2009-10-29 19:23:08 411368 ----a-w- c:windowssyswow64deploytk.dll
2009-10-29 19:23:08 149280 ----a-w- c:windowssyswow64javaws.exe
2009-10-29 19:23:08 145184 ----a-w- c:windowssyswow64javaw.exe
2009-10-29 19:23:08 145184 ----a-w- c:windowssyswow64java.exe
2009-10-29 02:07:32 0 d-----w- c:usersaustinappdataroamingHpUpdate
2009-10-29 01:05:05 0 d-----w- c:program files (x86)common filesSymantec Shared
2009-10-29 00:58:15 0 d-----w- c:usersaustinappdataroamingMalwarebytes
2009-10-29 00:15:15 31280 ----a-r- c:windowssystem32driversSymIMV.sys
2009-10-29 00:15:13 855 ----a-w- c:windowssystem32driversSYMEVENT64x86.INF
2009-10-29 00:15:13 7440 ----a-w- c:windowssystem32driversSYMEVENT64x86.CAT
2009-10-29 00:15:13 172592 ----a-w- c:windowssystem32driversSYMEVENT64x86.SYS
2009-10-29 00:15:13 0 d-----w- c:program filesSymantec
2009-10-29 00:15:13 0 d-----w- c:program filescommon filesSymantec Shared
2009-10-28 22:53:58 311808 ----a-w- c:windowssystem32msv1_0.dll
2009-10-28 22:53:58 257024 ----a-w- c:windowssyswow64msv1_0.dll
2009-10-28 22:53:26 0 d-----w- c:program files (x86)MSXML 4.0
2009-10-28 22:49:25 0 d-----w- c:program files (x86)Totally Free Burner
2009-10-28 22:48:47 0 d-----w- C:Converted Videos
2009-10-28 22:48:40 1435272 ----a-w- c:windowssyswow64Flash.ocx
2009-10-28 22:48:39 0 d-----w- c:program files (x86)Robust.ws
2009-10-28 22:46:34 22104 ----a-w- c:windowssystem32driversmbam.sys
2009-10-28 22:46:34 0 d-----w- c:programdataMalwarebytes
2009-10-28 22:46:34 0 d-----w- c:program files (x86)Malwarebytes' Anti-Malware
2009-10-28 20:43:56 46592 ----a-w- c:windowssystem32msasn1.dll
2009-10-28 20:43:56 34816 ----a-w- c:windowssyswow64msasn1.dll
2009-10-28 13:50:57 0 d-----w- c:programdataAdobe
2009-10-28 03:23:00 0 d-----w- c:usersaustinappdataroamingWildTangent
2009-10-28 02:59:11 0 d-----w- c:usersaustinappdataroaminguTorrent
2009-10-28 02:50:18 1534 ----a-w- c:usersaustinappdataroamingwklnhst.dat
2009-10-28 02:06:03 226688 ------w- c:windowssystem32MpSigStub.exe
2009-10-28 01:54:16 118784 ----a-w- c:windowsSeaMonkeyUninstall.exe
2009-10-28 01:54:11 118784 ----a-w- c:windowsGREUninstall.exe
2009-10-28 01:54:10 8839 ----a-w- c:windowsmozver.dat
2009-10-28 01:54:00 0 d-----w- c:program files (x86)mozilla.org
2009-10-28 01:52:05 0 d-----w- c:program files (x86)common filesPX Storage Engine
2009-10-28 01:51:52 0 d-----w- c:program files (x86)DivX
2009-10-28 01:51:52 0 d-----w- c:program files (x86)common filesDivX Shared
2009-10-28 01:45:55 0 d-----w- c:usersaustinappdataroamingPictureMover
2009-10-28 01:35:31 0 d-----w- c:usersaustinappdataroamingHP TCS

==================== Find3M ====================

2009-10-28 13:57:17 35100 ----a-w- c:windowsfontsAdvert-Italic.ttf
2009-10-28 13:57:17 34796 ----a-w- c:windowsfontsAdvert-Regular.ttf
2009-10-28 01:35:37 1823 --sha-r- c:windowssystem32drivers103C_HP_CPC_NY545AA-ABA p6210y_YC_0Pavi_QMXU938_E94NAv6PrA2_49_IVIOLET_SPEGATRON CORPORATION_V3.02_B5.17_T090724_WUH0_L409_M5888_J640_7AMD_8Athlon II X4 620_92.6_#_N10DE0760_Z11C10630_G10DE0847.MRK
2009-10-02 04:32:07 982600 ----a-w- c:windowssystem32driversdxgkrnl.sys
2009-09-25 16:41:26 856064 ----a-w- c:windowssyswow64divx_xx0c.dll
2009-09-25 16:41:26 856064 ----a-w- c:windowssyswow64divx_xx07.dll
2009-09-25 16:41:26 847872 ----a-w- c:windowssyswow64divx_xx0a.dll
2009-09-25 16:41:26 843776 ----a-w- c:windowssyswow64divx_xx16.dll
2009-09-25 16:41:26 839680 ----a-w- c:windowssyswow64divx_xx11.dll
2009-09-25 16:41:26 696320 ----a-w- c:windowssyswow64DivX.dll
2009-09-03 07:36:39 1975296 ----a-w- c:windowssystem32CertEnroll.dll
2009-09-03 07:04:15 1320960 ----a-w- c:windowssyswow64CertEnroll.dll
2009-08-29 07:45:05 12625920 ----a-w- c:windowssystem32wmploc.DLL
2009-08-29 06:59:32 11406336 ----a-w- c:windowssyswow64wmp.dll
2009-08-29 06:54:52 12625408 ----a-w- c:windowssyswow64wmploc.DLL
2009-07-14 05:37:38 31548 ----a-w- c:windowsinfperflib0409perfd.dat
2009-07-14 05:37:38 31548 ----a-w- c:windowsinfperflib0409perfc.dat
2009-07-14 05:37:38 291294 ----a-w- c:windowsinfperflib0409perfi.dat
2009-07-14 05:37:38 291294 ----a-w- c:windowsinfperflib0409perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:program filesdesktop.ini
2009-07-14 04:54:24 174 --sha-w- c:program files (x86)desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:windowsinfperflib0000perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:windowsinfperflib0000perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:windowsinfperflib0000perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:windowsinfperflib0000perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:windowsfontsStaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:windowswinsxsamd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:windowswinsxsx86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86cWinMail.exe

============= FINISH: 0:36:10.10 ===============


Merged posts. ~ OB


Edited by Orange Blossom, 22 November 2009 - 12:08 PM.




#2 thcbytes


Posted 28 November 2009 - 10:35 AM

Hello,
Do you still desire help? Please outline your current problems and inform me of what you have done since your last post.
Kind regards,
~ t
Proud member - Unified Network of Instructors and Trained Eliminators

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when you're gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#3 thcbytes


Posted 04 December 2009 - 08:41 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic