
SMART HDD


19 replies to this topic

#16 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • Gender:Not Telling
  • Location:USA
  • Local time:06:52 PM

Posted 27 April 2012 - 05:38 PM

:thumbup2:

Last, please download Security Check

Save it to the Desktop.
Double-click SecurityCheck.exe and follow the onscreen instructions (on the black screen)
When done, a Notepad document opens automatically: checkup.txt

Please post the contents of checkup.txt in your reply.

Old duck...




#17 EmilyMD

EmilyMD
  • Topic Starter

  • Members
  • 10 posts
  • Local time:06:52 PM

Posted 27 April 2012 - 08:10 PM

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 17
Out of date Java installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````

#18 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • Gender:Not Telling
  • Location:USA
  • Local time:06:52 PM

Posted 27 April 2012 - 08:53 PM

The BIG question...what AntiVirus program are you using?

If you do not have one available, the following free AVs are available, and you may find more doing a Google search:

Avast! Free: http://www.avast.com/free-antivirus-download

Microsoft Security Essentials: http://www.microsoft.com/security/pc-security/mse.aspx

Please take action to install or enable an AV program, before you post back! <<Very important!


Also, the following task needs attention:

Out of date Java installed!
Please verify the version of Java you have installed:
http://www.java.com/en/download/installed.jsp

If your version of Java is outdated, it needs to be updated to eliminate security vulnerabilities.
When done, uninstall older versions:
http://www.java.com/en/download/uninstall.jsp

Last, please run DDS once again, and post (do not attach) the report in your reply.

Old duck...


#19 EmilyMD

EmilyMD
  • Topic Starter

  • Members
  • 10 posts
  • Local time:06:52 PM

Posted 28 April 2012 - 05:51 PM

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Emily at 17:31:45 on 2012-04-28
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2940.1049 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Fitbit\fitbit.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\igfxtray.exe
C:\windows\system32\TODDSrv.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Fitbit\fitbit-tray.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\igfxext.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\Macromed\Flash\FlashUtil64_11_2_202_233_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\wuauclt.exe
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://start.toshiba.com/g/
uInternet Settings,ProxyOverride = <local>;*.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Fitbit Service Monitor] C:\Program Files (x86)\Fitbit\fitbit-tray.exe
uRun: [SUPERAntiSpyware] E:\SUPERAntiSpyware.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\Users\Emily\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Pidgin.lnk - C:\Program Files (x86)\Pidgin\pidgin.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: DhcpNameServer = 192.168.15.1
TCP: Interfaces\{6B0F2361-1617-4D63-855D-C1F6167E5071} : DhcpNameServer = 192.168.15.1
TCP: Interfaces\{6B0F2361-1617-4D63-855D-C1F6167E5071}\4416C647F6E6 : DhcpNameServer = 64.6.42.11 207.5.120.17
TCP: Interfaces\{6B0F2361-1617-4D63-855D-C1F6167E5071}\84F6C6964616970294E6E602E4F627D616E6 : DhcpNameServer = 8.8.4.4 8.8.8.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-4-28 44768]
R2 Fitbit;Fitbit Data Uploader;C:\Program Files (x86)\Fitbit\fitbit.exe [2012-3-4 788000]
R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-2-6 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?]
S2 !SASCORE;SAS Core Service;"E:\SASCORE64.EXE" --> E:\SASCORE64.EXE [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-26 253088]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 SIUSBXP;SIUSBXP;C:\windows\system32\drivers\SiUSBXp.sys --> C:\windows\system32\drivers\SiUSBXp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
SUnknown wsrsomcn;wsrsomcn; [x]
.
=============== Created Last 30 ================
.
2012-04-28 21:30:29 525544 ----a-w- C:\windows\System32\deployJava1.dll
2012-04-28 21:23:23 53080 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2012-04-28 21:23:22 819032 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2012-04-28 21:23:17 69976 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2012-04-28 21:22:53 41184 ----a-w- C:\windows\avastSS.scr
2012-04-28 21:22:41 -------- d-----w- C:\ProgramData\AVAST Software
2012-04-28 21:22:41 -------- d-----w- C:\Program Files\AVAST Software
2012-04-28 01:15:34 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E9768D7C-7AF0-4CC1-B45C-441AA0751AB3}\offreg.dll
2012-04-27 15:03:06 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E9768D7C-7AF0-4CC1-B45C-441AA0751AB3}\mpengine.dll
2012-04-27 14:56:55 -------- d-----w- C:\Program Files (x86)\ESET
2012-04-26 21:08:39 8741536 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-26 19:52:21 418464 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-04-23 14:49:55 1280512 ----a-w- C:\Users\Emily\RogueKiller.exe
2012-04-21 18:00:50 -------- d--h--w- C:\Users\Emily\AppData\Roaming\SUPERAntiSpyware.com
2012-04-21 17:57:51 -------- d--h--w- C:\ProgramData\SUPERAntiSpyware.com
2012-04-21 16:11:03 -------- d--h--w- C:\Users\Emily\AppData\Roaming\Malwarebytes
2012-04-21 16:10:53 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-04-21 16:10:53 -------- d--h--w- C:\ProgramData\Malwarebytes
2012-04-21 16:10:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-12 02:49:45 80896 ----a-w- C:\windows\System32\imagehlp.dll
2012-04-12 02:49:45 22896 ----a-w- C:\windows\System32\drivers\fs_rec.sys
2012-04-12 02:49:45 158720 ----a-w- C:\windows\SysWow64\imagehlp.dll
2012-04-12 02:49:44 5120 ----a-w- C:\windows\SysWow64\wmi.dll
2012-04-12 02:49:44 5120 ----a-w- C:\windows\System32\wmi.dll
2012-04-12 02:49:44 220672 ----a-w- C:\windows\System32\wintrust.dll
2012-04-12 02:49:44 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
.
==================== Find3M ====================
.
2012-04-26 21:08:46 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-06 06:43:21 5504880 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-03-06 05:59:41 3958128 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-03-06 05:59:41 3902320 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-02-28 06:56:48 2311168 ----a-w- C:\windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-02-23 15:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe
2012-02-15 06:27:54 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2012-02-15 05:44:57 826368 ----a-w- C:\windows\SysWow64\rdpcore.dll
2012-02-15 04:47:21 204800 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-02-15 04:46:59 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2012-02-10 06:18:10 1541120 ----a-w- C:\windows\System32\DWrite.dll
2012-02-10 06:17:55 1837568 ----a-w- C:\windows\System32\d3d10warp.dll
2012-02-10 06:17:54 902656 ----a-w- C:\windows\System32\d2d1.dll
2012-02-10 06:17:54 320512 ----a-w- C:\windows\System32\d3d10_1core.dll
2012-02-10 06:17:54 197120 ----a-w- C:\windows\System32\d3d10_1.dll
2012-02-10 05:41:38 1074176 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-02-10 05:41:20 218624 ----a-w- C:\windows\SysWow64\d3d10_1core.dll
2012-02-10 05:41:20 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll
2012-02-10 05:41:20 1170944 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2012-02-10 05:41:19 739840 ----a-w- C:\windows\SysWow64\d2d1.dll
2012-02-03 04:16:03 3143168 ----a-w- C:\windows\System32\win32k.sys
.
============= FINISH: 17:35:37.94 ===============

#20 Aaflac

Aaflac

    Doin' Dis 'n Dat...


  • Malware Response Team
  • 2,307 posts
  • Gender:Not Telling
  • Location:USA
  • Local time:06:52 PM

Posted 30 April 2012 - 06:51 PM

If you are no longer having malware problems, you are good to go.

You can remove programs we have used like RogueKiller, SecurityCheck, DDS, and their related reports or folders.

As far as Malwarebytes' Anti-Malware, you can keep it, if you wish, and schedule your calendar to scan with it on a regular basis. You can also use the Eset Online Scanner.

Just make sure these programs are not all running at the same time. It is also best to temporarily disable your AV program when doing your scans.



Consider doing the following to prevent future infections...

Malware is normally installed through vulnerabilities found in out-dated and insecure programs on a computer.

You can use the Secunia Personal Software Inspector to scan for vulnerable programs.

A tutorial on how to use the program is found here


Also, WOT (Web of Trust) is a program that warns you about risky websites that try to scam visitors, deliver malware or send spam.
It offers a front-line layer of protection when browsing in unfamiliar territory.

Its color-coded icons show you ratings for numerous websites, helping you avoid the dangerous sites.
WOT also has an Add-on available for both Firefox and Internet Explorer.


Surf safely, EmilyMD!!

Edited by Aaflac, 30 April 2012 - 06:54 PM.

Old duck...




