
MBAM gives an infection.. Can't delete it!


13 replies to this topic

#1 Quote

Quote


Posted 07 October 2012 - 12:32 PM

DDS:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Mark at 19:30:12 on 2012-10-07
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.8044.4879 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\system32\lxeacoms.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskhost.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\AgataSoft\PingMaster_Pro\Ping_Master_Pro.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Dolby PCEE4\pcee4.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\EMET\EMET_notifier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\EgisTec IPS\PMMUpdate.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Users\Samsung\Local Settings\TempDIR\BetterInstaller.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.nl/
uSearch Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=e9875d33-c9a0-42b8-b637-6ec40bf6b254&searchtype=ds&q={searchTerms}
mStart Page = about:blank
uInternet Settings,ProxyServer = http=;ftp=;https=;
uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=e9875d33-c9a0-42b8-b637-6ec40bf6b254&searchtype=ds&q={searchTerms}
BHO: ThreeShips IE Helper: {17fdb9f8-dcc4-4f6a-ae07-b16018a48469} - C:\Program Files (x86)\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Google Update] "C:\Users\Samsung\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [AgataSoft_PingMaster_Pro] C:\Program Files (x86)\AgataSoft\PingMaster_Pro\Ping_Master_Pro.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [EMET Notifier] C:\Program Files (x86)\EMET\EMET_notifier.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\Users\Samsung\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Samsung\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: HideFastUserSwitching = 0 (0x0)
IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
Trusted Zone: mediapluspro.com\www
Trusted Zone: scalda.nl\natschool
TCP: DhcpNameServer = 192.168.2.254
TCP: Interfaces\{EC4C1DE1-6B16-4D67-9AC4-84DDB5601D0F} : DhcpNameServer = 192.168.2.254
TCP: Interfaces\{EC4C1DE1-6B16-4D67-9AC4-84DDB5601D0F}\7455543545 : DhcpNameServer = 145.90.234.10 145.90.234.11 145.90.234.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
{17FDB9F8-DCC4-4F6A-AE07-B16018A48469}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{53707962-6F74-2D53-2644-206D7942484F}
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [EMET Notifier] C:\Program Files (x86)\EMET\EMET_notifier.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\86y5d7jg.default\
FF - prefs.js: browser.startup.homepage - www.google.nl
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\ThreeShips Shared\Dll\npTSHelper.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Users\Samsung\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-10-14 353360]
R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-2-21 872552]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-30 36456]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-14 13592]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-8-26 255376]
R2 lxea_device;lxea_device;C:\Windows\system32\lxeacoms.exe -service --> C:\Windows\system32\lxeacoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-10 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-10 676936]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-24 256832]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-2-21 2253120]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-8-31 1153368]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-7-25 681056]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-8-31 2754984]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-2-21 2656280]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\system32\drivers\b57xdbd.sys --> C:\Windows\system32\drivers\b57xdbd.sys [?]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\system32\drivers\b57xdmp.sys --> C:\Windows\system32\drivers\b57xdmp.sys [?]
R3 bScsiMSa;bScsiMSa;C:\Windows\system32\drivers\bScsiMSa.sys --> C:\Windows\system32\drivers\bScsiMSa.sys [?]
R3 bScsiSDa;bScsiSDa;C:\Windows\system32\DRIVERS\bScsiSDa.sys --> C:\Windows\system32\DRIVERS\bScsiSDa.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-8-25 202632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update-service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-9-25 116648]
S2 KMService;KMService;C:\Windows\System32\srvany.exe [2012-8-23 8192]
S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxeaserv.exe [2012-9-1 45736]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-23 250568]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424]
S3 FreeOTFE;FreeOTFE;\??\C:\Windows\System32\FreeOTFE.sys --> C:\Windows\System32\FreeOTFE.sys [?]
S3 FreeOTFECypherAES_ltc;FreeOTFECypherAES_ltc;\??\C:\Windows\System32\FreeOTFECypherAES_ltc.sys --> C:\Windows\System32\FreeOTFECypherAES_ltc.sys [?]
S3 FreeOTFECypherBlowfish;FreeOTFECypherBlowfish;\??\C:\Windows\System32\FreeOTFECypherBlowfish.sys --> C:\Windows\System32\FreeOTFECypherBlowfish.sys [?]
S3 FreeOTFECypherCAST5;FreeOTFECypherCAST5;\??\C:\Windows\System32\FreeOTFECypherCAST5.sys --> C:\Windows\System32\FreeOTFECypherCAST5.sys [?]
S3 FreeOTFECypherCAST6_Gladman;FreeOTFECypherCAST6_Gladman;\??\C:\Windows\System32\FreeOTFECypherCAST6_Gladman.sys --> C:\Windows\System32\FreeOTFECypherCAST6_Gladman.sys [?]
S3 FreeOTFECypherDES;FreeOTFECypherDES;\??\C:\Windows\System32\FreeOTFECypherDES.sys --> C:\Windows\System32\FreeOTFECypherDES.sys [?]
S3 FreeOTFECypherMARS_Gladman;FreeOTFECypherMARS_Gladman;\??\C:\Windows\System32\FreeOTFECypherMARS_Gladman.sys --> C:\Windows\System32\FreeOTFECypherMARS_Gladman.sys [?]
S3 FreeOTFECypherRC6_ltc;FreeOTFECypherRC6_ltc;\??\C:\Windows\System32\FreeOTFECypherRC6_ltc.sys --> C:\Windows\System32\FreeOTFECypherRC6_ltc.sys [?]
S3 FreeOTFECypherSerpent_Gladman;FreeOTFECypherSerpent_Gladman;\??\C:\Windows\System32\FreeOTFECypherSerpent_Gladman.sys --> C:\Windows\System32\FreeOTFECypherSerpent_Gladman.sys [?]
S3 FreeOTFECypherTwofish_ltc;FreeOTFECypherTwofish_ltc;\??\C:\Windows\System32\FreeOTFECypherTwofish_ltc.sys --> C:\Windows\System32\FreeOTFECypherTwofish_ltc.sys [?]
S3 FreeOTFEHashMD;FreeOTFEHashMD;\??\C:\Windows\System32\FreeOTFEHashMD.sys --> C:\Windows\System32\FreeOTFEHashMD.sys [?]
S3 FreeOTFEHashRIPEMD;FreeOTFEHashRIPEMD;\??\C:\Windows\System32\FreeOTFEHashRIPEMD.sys --> C:\Windows\System32\FreeOTFEHashRIPEMD.sys [?]
S3 FreeOTFEHashSHA;FreeOTFEHashSHA;\??\C:\Windows\System32\FreeOTFEHashSHA.sys --> C:\Windows\System32\FreeOTFEHashSHA.sys [?]
S3 FreeOTFEHashTiger;FreeOTFEHashTiger;\??\C:\Windows\System32\FreeOTFEHashTiger.sys --> C:\Windows\System32\FreeOTFEHashTiger.sys [?]
S3 FreeOTFEHashWhirlpool;FreeOTFEHashWhirlpool;\??\C:\Windows\System32\FreeOTFEHashWhirlpool.sys --> C:\Windows\System32\FreeOTFEHashWhirlpool.sys [?]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-9-25 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-29 114144]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-7-25 1326176]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\system32\DRIVERS\teamviewervpn.sys --> C:\Windows\system32\DRIVERS\teamviewervpn.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-10-07 08:04:13 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{23CC9BCA-48D3-49AC-93D2-48634900281C}\mpengine.dll
2012-10-06 07:57:55 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C5C66587-A30F-47E4-8576-B4490C8116DB}\gapaengine.dll
2012-10-06 07:57:32 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-02 15:06:47 -------- d-----w- C:\ProgramData\2F3E1
2012-10-01 15:15:00 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-30 16:48:21 -------- d-----w- C:\Users\Samsung\AppData\Roaming\MusicNet
2012-09-30 16:48:17 -------- d-----w- C:\Users\Samsung\AppData\Local\BearShare
2012-09-30 16:47:05 -------- d-----w- C:\ProgramData\BearShare
2012-09-30 16:47:05 -------- d-----w- C:\Program Files (x86)\BearShare Applications
2012-09-30 16:46:51 -------- dc-h--w- C:\ProgramData\{AD40B07F-6EC4-46EB-9C0B-5A2CC7CAFAD9}
2012-09-30 16:31:29 -------- d-----w- C:\Program Files (x86)\VirtualDJ
2012-09-30 09:20:18 -------- d-----w- C:\Program Files (x86)\uTorrent
2012-09-30 09:19:03 -------- d-----w- C:\Users\Samsung\AppData\Roaming\uTorrent
2012-09-29 13:27:13 -------- d-----w- C:\Program Files\CCleaner
2012-09-28 05:24:53 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-28 05:24:40 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B28F4ED9-CAE1-4AB5-8898-7F9CD85CE96C}\gapaengine.dll
2012-09-26 16:11:54 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-09-25 16:22:20 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-09-25 16:22:18 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-09-25 16:19:38 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D0E4F067-9F0C-4DDC-92E7-201F9688298F}\mpengine.dll
2012-09-25 16:18:46 217151 ----a-w- C:\ProgramData\1348589839.bdinstall.bin
2012-09-24 11:56:28 -------- d-----w- C:\Users\Samsung\AppData\Roaming\calibre
2012-09-24 11:55:11 -------- d-----w- C:\Program Files (x86)\Calibre2
2012-09-24 11:04:53 2871808 ----a-w- C:\Windows\explorer_edit_w7sbc.exe
2012-09-24 11:04:53 2871808 ----a-w- C:\Windows\explorer_backup_w7sbc.exe
2012-09-24 11:04:53 2388992 ----a-w- C:\Windows\explorer.exe
2012-09-24 11:04:53 -------- d-----w- C:\Windows\W7SBC
2012-09-24 06:33:02 -------- d-----w- C:\Users\Samsung\AppData\Local\EgisTec
2012-09-23 14:04:15 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared
2012-09-23 12:21:38 260096 ----a-w- C:\Windows\SysWow64\RICHTX32.ocx
2012-09-23 12:21:38 209608 ----a-w- C:\Windows\SysWow64\tabctl32.ocx
2012-09-23 12:21:38 140488 ----a-w- C:\Windows\SysWow64\comdlg32.ocx
2012-09-23 12:21:38 124688 ----a-w- C:\Windows\SysWow64\Mswinsck.ocx
2012-09-23 12:21:38 115016 ----a-w- C:\Windows\SysWow64\MSInet.ocx
2012-09-23 12:21:38 1081616 ----a-w- C:\Windows\SysWow64\Mscomctl.ocx
2012-09-23 12:21:38 -------- d-----w- C:\Program Files (x86)\Havij
2012-09-23 11:22:24 224088 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2012-09-23 11:22:23 130904 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2012-09-22 10:19:54 35112 ----a-w- C:\Windows\System32\drivers\teamviewervpn.sys
2012-09-22 09:12:46 -------- d-----w- C:\Program Files (x86)\AgataSoft
2012-09-21 17:29:01 -------- d-----w- C:\Users\Samsung\AppData\Local\LogMeIn Hamachi
2012-09-21 17:28:57 33856 ---ha-w- C:\Windows\System32\hamachi.sys
2012-09-21 17:28:55 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-09-20 12:04:35 -------- d-----w- C:\Users\Samsung\AppData\Roaming\C__Users_Samsung_Desktop_Mask My IP v2.3.1.2 Including Crack [h33t][iahq76]_Crack_MaskMyIP.exe
2012-09-20 12:04:35 -------- d-----w- C:\ProgramData\C__Users_Samsung_Desktop_Mask My IP v2.3.1.2 Including Crack [h33t][iahq76]_Crack_MaskMyIP.exe
2012-09-20 11:17:48 -------- d-----w- C:\Users\Samsung\AppData\Roaming\NVIDIA
2012-09-20 08:47:33 -------- d-sh--w- C:\ProgramData\HHD Software Hex Editor 4
2012-09-20 08:46:03 -------- d-----w- C:\Users\Samsung\AppData\Local\HHD Software
2012-09-19 14:52:12 -------- d-----w- C:\Users\Samsung\AppData\Roaming\liQeNSoft
2012-09-19 14:51:31 370531 ----a-w- C:\ProgramData\1348065883.bdinstall.bin
2012-09-19 12:59:17 -------- d-----w- C:\Program Files (x86)\Macromedia
2012-09-19 12:59:17 -------- d-----w- C:\Program Files (x86)\Common Files\Macromedia
2012-09-19 12:58:50 409600 ------w- C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\ISRT.dll
2012-09-19 12:58:50 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\objpscnv.dll
2012-09-19 12:58:50 266240 ------w- C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IScrCnv.dll
2012-09-19 12:58:50 180224 ------w- C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\iGdiCnv.dll
2012-09-19 12:58:49 761856 ------w- C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe
2012-09-19 12:58:49 172032 ------w- C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IUserCnv.dll
2012-09-19 12:58:48 540772 ------w- C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\_ISRES1033.dll
2012-09-19 09:58:57 -------- d-----w- C:\Program Files (x86)\FreeOTFE
2012-09-19 09:25:59 -------- d-----w- C:\Users\Samsung\AppData\Roaming\TrueCrypt
2012-09-19 07:18:53 -------- d-----w- C:\Program Files (x86)\EMET
2012-09-18 17:58:26 -------- d-----w- C:\Users\Samsung\AppData\Roaming\URSoft
2012-09-18 17:58:16 -------- d-----w- C:\Program Files (x86)\Your Uninstaller! 7
2012-09-18 16:57:02 231376 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
2012-09-18 16:56:45 -------- d-----w- C:\Program Files\TrueCrypt
2012-09-17 16:22:06 -------- d-----w- C:\Program Files (x86)\KASHU
2012-09-17 16:21:44 -------- d-----w- C:\Users\Samsung\AppData\Local\TempDIR
2012-09-17 14:16:20 -------- d-----w- C:\Users\Samsung\AppData\Roaming\MaskMyIP
2012-09-17 14:16:20 -------- d-----w- C:\ProgramData\MaskMyIP
2012-09-17 14:14:09 -------- d-----w- C:\Program Files (x86)\MaskMyIP
2012-09-17 08:52:54 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2012-09-15 15:10:13 266720 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-09-15 13:56:48 -------- d-----w- C:\Users\Samsung\AppData\Roaming\JAM Software
2012-09-15 09:49:22 -------- d-----w- C:\Users\Samsung\AppData\Roaming\Rovio
2012-09-15 09:48:59 -------- d-----w- C:\Program Files (x86)\Rovio
2012-09-12 06:27:09 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-12 06:27:09 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-12 06:27:09 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 06:27:09 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 06:27:08 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 06:27:08 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 06:27:08 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-09 15:54:52 25928 ------w- C:\Windows\System32\drivers\mbam.sys
2012-09-09 15:54:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
.
==================== Find3M ====================
.
2012-10-01 15:14:53 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-10-01 15:14:53 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-07 15:38:22 166232 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
2012-09-07 15:38:22 147288 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2012-09-07 15:37:46 320856 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
2012-08-31 10:22:15 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-08-31 10:22:13 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-08-31 10:22:13 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-08-30 20:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-30 20:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-30 09:01:16 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-30 09:01:16 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-26 14:31:08 202376 ----a-w- C:\ProgramData\1345991418.bdinstall.bin
2012-08-26 12:57:14 397248 ----a-w- C:\ProgramData\1345985617.bdinstall.bin
2012-08-26 12:19:17 210127 ----a-w- C:\ProgramData\1345983512.bdinstall.bin
2012-08-26 12:01:42 404851 ----a-w- C:\ProgramData\1345982204.bdinstall.bin
2012-08-26 11:51:00 49752 ----a-w- C:\ProgramData\1345981854.bdinstall.bin
2012-08-26 11:49:15 204071 ----a-w- C:\ProgramData\1345981715.bdinstall.bin
2012-08-26 11:41:34 401358 ----a-w- C:\ProgramData\1345980898.bdinstall.bin
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-23 16:11:16 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 19:31:03,59 ===============
MBAM:
Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Databaseversie: v2012.10.07.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mark :: MARK [administrator]

Realtime bescherming: Ingeschakeld

7-10-2012 18:00:02
mbam-log-2012-10-07 (18-00-02).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 221132
Verstreken tijd: 1 minuut/minuten, 31 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 1
C:\Users\Samsung\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Geen actie ondernomen.

(einde)

Thanks.


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:12:43 AM

Posted 08 October 2012 - 12:05 AM

Hi,

There's nothing suspicious in your log here.
What Malwarebytes has found is an installer of an unwanted program - which is not malware per se, just potentially unwanted (hence why it's detected as PUP).
You can safely remove what Malwarebytes found.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 Quote

Posted 08 October 2012 - 01:38 AM

> Hi,
>
> There's nothing suspicious in your log here.
> What Malwarebytes has found is an installer of an unwanted program - which is not malware per se, just potentially unwanted (hence why it's detected as PUP).
> You can safely remove what Malwarebytes found.

Hello,

I can't get rid of that program; the next automatic scan gives the same log. What should I do then?

#4 miekiemoes

Posted 08 October 2012 - 02:41 AM

Hi, that's because it's a PUP, which means it's not selected for removal automatically. You need to select/check the file in the scan results first and then click to remove.

I see that you're Dutch, so once more in Dutch... It is flagged here as a PUP. This means that such items are not pre-selected in the results. So you first have to tick the checkbox in front of the item that Malwarebytes found, and then choose to remove it. :)

#5 Quote

Posted 08 October 2012 - 03:16 AM

> Hi, that's because it's a PUP, which means it's not selected for removal automatically. You need to select/check the file in the scan results first and then click to remove.
>
> I see that you're Dutch, so once more in Dutch... It is flagged here as a PUP. This means that such items are not pre-selected in the results. So you first have to tick the checkbox in front of the item that Malwarebytes found, and then choose to remove it. :)

May I reply in Dutch? How do I do that?

#6 miekiemoes

Posted 08 October 2012 - 03:26 AM

> May I reply in Dutch? How do I do that?

Just post in Dutch like you did just now. :)
Is it gone now after you ticked it and had Malwarebytes remove it?

#7 Quote

Posted 08 October 2012 - 03:38 AM

> > May I reply in Dutch? How do I do that?
>
> Just post in Dutch like you did just now. :)
> Is it gone now after you ticked it and had Malwarebytes remove it?

Thank you, I'm just running a quick scan. If all goes well, it will be removed now. Can you check my computer further, or is it otherwise clean?
Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Databaseversie: v2012.10.08.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mark :: MARK [administrator]

Realtime bescherming: Ingeschakeld

8-10-2012 10:34:13
mbam-log-2012-10-08 (10-34-13).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM | P2P
Uitgeschakelde scanopties:
Objecten gescand: 221259
Verstreken tijd: 3 minuut/minuten, 39 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 1
C:\Users\Samsung\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)
I'll restart in a moment and run another scan.

#8 miekiemoes

Posted 08 October 2012 - 03:49 AM

Hi,

I didn't see anything suspicious/strange in your DDS log anyway :)
So you can sleep soundly on both ears :)

#9 Quote

Posted 08 October 2012 - 04:43 AM

> Hi,
>
> I didn't see anything suspicious/strange in your DDS log anyway :)
> So you can sleep soundly on both ears :)

How do you do that? :)

Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Databaseversie: v2012.10.08.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mark :: MARK [administrator]

Realtime bescherming: Ingeschakeld

8-10-2012 10:47:16
mbam-log-2012-10-08 (10-47-16).txt

Scantype: Volledige scan (C:\|)
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM | P2P
Uitgeschakelde scanopties:
Objecten gescand: 398499
Verstreken tijd: 52 minuut/minuten, 59 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 1
C:\Users\Samsung\Desktop\Privé\IceCold ReLoaded.exe (Malware.Packer.Gen) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

That one has been removed too by now.

#10 miekiemoes

Posted 08 October 2012 - 04:53 AM

What MBAM found in the last log is also nothing to worry about. In this case it is a tool to "freeze" your MSN account. It is mostly used for the wrong purposes, which is why it gets detected.

#11 Quote

Posted 08 October 2012 - 05:01 AM

> What MBAM found in the last log is also nothing to worry about. In this case it is a tool to "freeze" your MSN account. It is mostly used for the wrong purposes, which is why it gets detected.

Haha, thanks. Then this one can go to the destructinator.

#12 miekiemoes

Posted 08 October 2012 - 05:06 AM

You're welcome :)

#13 Quote

Posted 08 October 2012 - 05:15 AM

No problem, can this one be removed, or?

#14 miekiemoes

Posted 08 October 2012 - 05:38 AM

The thread will be closed as resolved within a few days :)