Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown Infection


  • This topic is locked This topic is locked
1 reply to this topic

#1 paintboxz

paintboxz

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:19 AM

Posted 18 December 2012 - 03:32 AM

I have posted earlier today but received no reply's, can anyone help me please. My PC is infected with something which causes all programs either not to start or to crash or freeze. Windows Explorer is effected by re-starts. UBS ports have stopped working, cannot pass information via USB sticks, have to use CD.
I have attached required files, also pasted below, any help will be greatly appreciated:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/11/2010 4:38:49 PM
System Uptime: 18/12/2012 11:50:51 AM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | H55-USB3
Processor: Intel® Core™ i5 CPU 661 @ 3.33GHz | Socket 1156 | 3333/133mhz
.
==== Disk Partitions =========================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
@BIOS
1ClickDownload
3DVIA player 5.0
ABBYY FineReader 11
ABBYY FineReader 9.0 Professional Edition
abgx360 v1.0.6
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe AIR
Adobe Anchor Service CS3
Adobe Anchor Service CS4
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge CS4
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe Captivate Quiz Results Analyzer
Adobe Captivate Reviewer
Adobe CMaps CS4
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Community Help
Adobe CSI CS4
Adobe CSI CS4 x64
Adobe Default Language CS4
Adobe Device Central CS3
Adobe Device Central CS4
Adobe Digital Editions
Adobe Dreamweaver CS4
Adobe eLearning Suite 2
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS3
Adobe Extension Manager CS4
Adobe Fireworks CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe Media Player
Adobe MotionPicture Color Files
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS5
Adobe Presenter 7
Adobe Reader X (10.1.4)
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Type Support CS4
Adobe Update Manager CS3
Adobe Update Manager CS4
Adobe Version Cue CS3 Client
Adobe Video Profiles
Adobe Widget Browser
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
Adobe XMP Panels CS4
aerosoft's - Budapest 2007 - FS2004
Aerosoft's - Mega Airport Budapest
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaConverter 4 Platinum
ArcSoft PhotoImpression 6
ArcSoft ShowBiz
ArcSoft Video Downloader
ASUS Gamer OSD
ASUS VGA Driver
AT&T Labs' Natural Voices - Desktop 1.4 Redist
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
µTorrent
ATT 1.4 Engine Only (no voices)
AutoGreen B09.1014.2
AVI Splitter
AVI/MPEG/RM/WMV Joiner 4.82
Avidemux 2.5
BBC iPlayer Desktop
Bitcoin
Bitdefender 60-Second Virus Scanner
Bonjour
Bonjour Print Services
Broadcom 802.11n Network Adapter
Browser Configuration Utility
calibre
CameraHelperMsi
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help English
CCleaner
Cepstral Lawrence 5.2.0
Cepstral Millie 4.2.0
ClamWin Free Antivirus 0.97.6
CloneDVD2
Cobian Backup 10
ColorSchemer Studio 2
Connect
Corel Graphics - Windows Shell Extension
Corel Graphics - Windows Shell Extension 64 Bit
CorelDRAW Graphics Suite X5
CorelDRAW Graphics Suite X5 - Capture
CorelDRAW Graphics Suite X5 - Common
CorelDRAW Graphics Suite X5 - Connect
CorelDRAW Graphics Suite X5 - Custom Data
CorelDRAW Graphics Suite X5 - Draw
CorelDRAW Graphics Suite X5 - EN
CorelDRAW Graphics Suite X5 - Filters
CorelDRAW Graphics Suite X5 - FontNav
CorelDRAW Graphics Suite X5 - IPM
CorelDRAW Graphics Suite X5 - PHOTO-PAINT
CorelDRAW Graphics Suite X5 - Photozoom Plugin
CorelDRAW Graphics Suite X5 - Redist
CorelDRAW Graphics Suite X5 - Setup Files
CorelDRAW Graphics Suite X5 - VBA
CorelDRAW Graphics Suite X5 - VideoBrowser
CorelDRAW Graphics Suite X5 - VSTA
CorelDRAW Graphics Suite X5 - WT
CorelDRAW® Graphics Suite X5
CSE HTML Validator Professional v10.00
CutePDF Writer 2.8
D3DX10
Deployment Manager 2.0.0.229
DES 2.0
Douglas DC-4 for FSX
DVD Shrink 3.2
DVD43 Plug-in v1.0.0.5
EASEUS Todo Backup 1.1
Easy-Hide-IP 4.1.7.0
Easy HTML5 Video
Easy Tune 6 B10.0521.1
Easy Video Splitter 1.28
erLT
Flight Simulator X
Flight Simulator X Service Pack 1
FormatFactory 2.90
Gigabyte Raid Configurer
GIMP
Google Chrome
Google Chrome Frame
Google Earth
Google Talk Plugin
Google Update Helper
Graboid Video 3.05
GT Interactive - Driver
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HP Deskjet 3000 J310 series Basic Device Software
HP Deskjet 3000 J310 series Help
IIS Database Manager
IIS Search Engine Optimization Toolkit 1.0
IIS URL Rewrite Module 2
iLivid
ImgBurn
IncredibleCharts Pro
InfraRecorder
Intel® Management Engine Components
iTunes
Java Auto Updater
Java™ 6 Update 35
Junk Mail filter update
Just Flight - FS Insider C152
Just Flight F-117A Stealth Fighter (FSX)
Kcast for Windows
kuler
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
M8 Free Clipboard
Malwarebytes Anti-Malware version 1.65.1.1000
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
Microsoft Flight Simulator X
Microsoft Flight Simulator X: Acceleration
Microsoft Help Viewer 1.0
Microsoft IntelliPoint 8.2
Microsoft IntelliType Pro 8.2
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Objects
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Visual Web Developer 2010 Express - ENU
Microsoft Web Platform Installer 3.0
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
MiniTool Power Data Recovery
Mobipocket Creator 4.2
Mobipocket Reader 6.2
Mozilla Firefox 11.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Muse (code name)
MySQL Connector Net 5.2.5
MySQL Server 5.1
NEC Electronics USB 3.0 Host Controller Driver
Nero 7 Premium
neroxml
NETGEAR WNA1000M Wireless USB 2.0 Adapter
NextUp-Acapela Elan Graham22 UK English Voice
NextUp-Acapela Elan Lucy22 UK English Voice
NextUp-ScanSoft Jennifer US English Voice
NextUp.com-NeoSpeech Paul16 Voice
ON_OFF Charge B10.0427.1
OutlookTools 2
P2PFilter 3.0.5
PDF Settings CS5
Photoshop Camera Raw
PHP 5.2.14
Picasa 3
PlayReady PC Runtime amd64
Power Data Recovery 4.1.1
PowerISO
Pre-Paid Telstra WIFI 4G
QuickTime
R-Studio
Rapport
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Revo Uninstaller Pro 2.5.5
Safari
Sage Instant Accounts
Sage Instant Accounts V12.00
Sage Line 50 7.0
Salling Media Sync
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Visual Web Developer 2010 Express - ENU (KB2251489)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit)
Skype Click to Call
Skype™ 5.10
Smart 6 B10.0422.1
Spybot - Search & Destroy
Sql Server Customer Experience Improvement Program
SQL Server System CLR Types
Stellar Phoenix Windows Data Recovery V3.0
Striata Reader
Suite Shared Configuration CS4
swMSM
Task Coach 1.3.4
TextAloud
The KMPlayer (remove only)
UltraSearch V1.7.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility
Van Dyke Technologies AbsoluteFTP 1.9
Veetle TV
Visual Basic for Applications ® Core
Visual Basic for Applications ® Core - English
VLC media player 1.0.5
Web Deployment Tool
Windows Cache Extension 1.1 for PHP 5.2
Windows Internet Explorer Platform Preview
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinPatrol
WinRAR 4.10 (64-bit)
WinRAR archiver
WinSCP 4.3.3
Wondershare LiveBoot 2012 (Build 7.0.1)
Xilisoft DVD Ripper Platinum 4
Xilisoft DVD Ripper Platinum 5
Xilisoft DVD Ripper Ultimate
Xvid 1.2.2 final uninstall
XviD MPEG-4 Video Codec
ZTE LTE Device USB Driver
.
==== End Of File ===========================




DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_35
Run by William at 12:35:46 on 2012-12-18
Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.8119.6758 [GMT 11:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\taskmgr.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AU&userid=960449c2-eb04-4575-a21d-41b1241c6dfc&searchtype=ds&q={searchTerms}
uSearch Page = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AU&userid=960449c2-eb04-4575-a21d-41b1241c6dfc&searchtype=ds&q={searchTerms}
uProxyServer = socks=127.0.0.1:4021
uProxyOverride = local;*.local
uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AU&userid=960449c2-eb04-4575-a21d-41b1241c6dfc&searchtype=ds&q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: IEPlugin Class: {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files (x86)\ArcSoft\Video Downloader\ArcURLRecord.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: TextAloud: {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [ISUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
uRun: [KcastWin7] <no file>
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
mRun: [ClamWin] "C:\Program Files (x86)\ClamWin\bin\ClamTray.exe" --logon
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Bonus.SSR.FR11] "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [InnoSetupRegFile.0000000001] "C:\Windows\is-RVRCS.exe" /REG /REGSVRMODE
StartupFolder: C:\Users\William\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\BBCIPL~1.LNK - C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNA1000M\WNA1000M.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: C:\Windows\System32\EasyRedirect.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{1CDD0306-C2C3-4057-AB24-A62D87187E62} : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{4D59C85B-6E37-4CBE-BB10-CD2593D500F2} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D62F08E7-5464-49BE-93AB-F9C56F91EAC0} : DHCPNameServer = 192.168.1.1
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Users\William\AppData\Local\Google\Chrome\Application\23.0.1271.97\npchrome_frame.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\William\AppData\Roaming\Mozilla\Firefox\Profiles\bb6qmzjc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AU&userid=960449c2-eb04-4575-a21d-41b1241c6dfc&searchtype=hp
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AU&userid=960449c2-eb04-4575-a21d-41b1241c6dfc&searchtype=ds&q=
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 4021
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll
FF - plugin: C:\Users\William\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\William\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\William\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MDPMGRNT;MacDrive Partition Driver;C:\Windows\System32\drivers\MDPMGRNT.SYS [2012-1-26 32352]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2011-3-12 17720]
R3 EuDisk;EASEUS Disk Enumerator;C:\Windows\System32\drivers\EuDisk.sys [2010-11-11 137608]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2009-10-27 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2009-10-27 176640]
S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
S0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2012-1-2 236216]
S1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2010-11-11 21544]
S1 RapportCerberus_44365;RapportCerberus_44365;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_44365.sys [2012-10-28 508024]
S1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-11-14 224024]
S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\System32\drivers\RtlProt.sys [2012-7-15 31016]
S2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [2011-10-12 819976]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-11-11 203776]
S2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [2012-1-27 67584]
S2 Cepstral License Server;Cepstral License Server;C:\Program Files (x86)\Cepstral\bin\CepstralLicSrv.exe [2009-9-29 117760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 CobianBackup10;Cobian Backup Boletus;C:\Program Files (x86)\Cobian Backup 10\cbService.exe [2012-1-27 1125376]
S2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2011-2-16 19968]
S2 DES2 Service;DES2 Service for Energy Saving.;C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2010-11-11 68136]
S2 DeviceMonitor_MF91;Device Monitor For ZTE MF91;C:\Program Files\Pre-Paid Telstra WIFI 4G\DeviceMonitor_x64.exe [2012-9-7 234008]
S2 EasyRedirect;EasyRedirect;C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe [2012-9-23 3542856]
S2 JMB36X;JMB36X;C:\Windows\SysWOW64\XSrvSetup.exe [2010-11-11 72304]
S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 128456]
S2 pdserv;Bitdefender 60-Second Virus Scanner Service;C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe \svc --> C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe \svc [?]
S2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-11-14 1115992]
S2 RealtekUSB;RealtekUSB;C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe --> C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [?]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-11-11 1153368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2010-11-11 114688]
S2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-11-11 2320920]
S2 WlanWpsSvc;WlanWpsSvc;C:\Program Files (x86)\NETGEAR\WNA1000M\WlanWpsSvc.exe [2010-11-16 174560]
S3 AF9035BDA;AF9035 BDA Devices;C:\Windows\System32\drivers\AF9035BDA.sys [2009-5-22 488832]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 AvsBluebird;FusionHDTV USB, AVStream Capture;C:\Windows\System32\drivers\bluebird64.sys [2010-6-28 575744]
S3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-1-18 25632]
S3 EUDSKACS;EUDSKACS;C:\Windows\SysWOW64\drivers\eudskacs.sys [2010-11-11 17800]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-11-13 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2010-11-11 30528]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 massfilter_lte;ZTE LTE Device Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter_LTE.sys [2012-9-7 18456]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2011-11-14 31800]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-11-11 346144]
S3 RTL8192cu;NETGEAR WNA1000M N150 Wireless USB Micro Adapter;C:\Windows\System32\drivers\WNA1000M.sys [2011-1-31 855144]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-7 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-12 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 zgdcat;ZTE Datacard AT Port;C:\Windows\System32\drivers\zgdcat.sys [2012-9-7 130200]
S3 zgdcdiag;ZTE Datacard Diagnostics Port;C:\Windows\System32\drivers\zgdcdiag.sys [2012-9-7 130200]
S3 zgdcnet;ZTE Datacard Network Adapter;C:\Windows\System32\drivers\zgdcnet.sys [2012-9-7 169496]
S4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-6 660768]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-24 370688]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-18 01:06:16 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-18 00:43:21 711240 ----a-w- C:\Windows\is-RVRCS.exe
2012-12-18 00:41:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-18 00:38:22 98816 ----a-w- C:\Windows\sed.exe
2012-12-18 00:38:22 256000 ----a-w- C:\Windows\PEV.exe
2012-12-18 00:38:22 208896 ----a-w- C:\Windows\MBR.exe
2012-12-18 00:38:07 -------- d-s---w- C:\ComboFix
2012-12-17 21:48:54 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{022D14D3-55B5-4E0F-A5FE-700F689E76B1}\offreg.dll
2012-12-17 10:32:07 41148 ----a-w- C:\ProgramData\1355740071.bdinstall.bin
2012-12-17 10:29:26 -------- d-----w- C:\Program Files\Bitdefender
2012-12-17 09:22:16 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{022D14D3-55B5-4E0F-A5FE-700F689E76B1}\mpengine.dll
2012-12-17 03:22:41 -------- d-----w- C:\Users\William\AppData\Local\{F7956FD0-3AD5-48F7-A50B-5929435EC8B9}
2012-12-16 23:10:50 -------- d-----w- C:\Program Files (x86)\R-Studio
2012-12-16 23:00:38 69632 ----a-w- C:\Windows\SysWow64\Crypserv.exe
2012-12-16 23:00:38 31846 ----a-w- C:\Windows\SysWow64\Ckldrv.sys
2012-12-16 23:00:38 27648 ----a-r- C:\Windows\Setup_ck.exe
2012-12-16 23:00:38 18432 ----a-w- C:\Windows\Setup_ck.dll
2012-12-16 23:00:38 165888 ----a-w- C:\Windows\Ckconfig.exe
2012-12-16 23:00:38 11776 ----a-w- C:\Windows\Ckrfresh.exe
2012-12-16 23:00:25 260920 ----a-w- C:\Windows\SysWow64\MSDATGRD.OCX
2012-12-16 23:00:25 -------- d-----w- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2012-12-16 22:14:39 -------- d-----w- C:\TestDisk
2012-12-16 21:58:43 -------- d-----w- C:\ProgramData\Spotmau
2012-12-16 21:58:01 -------- d-----w- C:\Program Files (x86)\Wondershare
2012-12-16 05:45:37 9125352 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-14 03:10:18 -------- d-----w- C:\Users\William\AppData\Local\{D91944B3-769D-4525-AEA7-29B6AA56FA6A}
2012-12-13 23:22:03 -------- d-----w- C:\Users\William\AppData\Roaming\JAM Software
2012-12-13 23:22:01 -------- d-----w- C:\Program Files (x86)\JAM Software
2012-12-13 06:43:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-13 06:42:45 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-13 06:42:45 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-12-12 00:03:09 16363960 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-12-11 01:27:03 -------- d-----w- C:\Users\William\AppData\Local\{8CDE2F32-FC18-4A51-B36C-49835FA56E1D}
2012-12-11 00:27:14 -------- d-----w- C:\Windows\SysWow64\Adobe
2012-12-01 01:24:11 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D815C849-1EA2-42AD-AC77-A9B6D983803C}\gapaengine.dll
2012-11-26 05:46:52 -------- d-----w- C:\Users\William\AppData\Roaming\com.adobe.ExMan
2012-11-23 04:29:13 -------- d-----w- C:\Program Files (x86)\NETGEAR
.
==================== Find3M ====================
.
2012-12-18 00:36:52 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
2012-12-17 23:36:47 25640 ----a-w- C:\Windows\gdrv.sys
2012-12-12 00:03:18 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 00:03:18 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-14 11:25:54 236216 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-05 21:35:16 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-11-05 20:41:32 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-11-05 20:32:16 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-11-05 20:32:09 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-11 08:32:55 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-10-11 08:32:55 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-29 08:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2008-04-13 08:12:14 102912 ----a-w- C:\Program Files (x86)\clipbrd.exe
.
============= FINISH: 12:37:21.12 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,946 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:19 PM

Posted 18 December 2012 - 04:13 AM

Please be patient. We receive many requests for assistance, and we only have so many trained volunteers. It may take a few days for your topic here: http://www.bleepingcomputer.com/forums/topic478820.html to receive a reply, but it will be picked up. I suggest checking your topic once a day for a reply as the e-mail notification system is not completely reliable.

Note: if Helpbot replies, you MUST follow step one in its reply so that we know you need assistance.

This topic is now closed and shall be deleted later to avoid confusion.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users