Possible malware in Google Chrome, displaying Chinese characters


  • This topic is locked
2 replies to this topic

#1 kumasan

  • Members

Posted 22 August 2013 - 05:12 AM

Hello,

During exploration of various app creators for Android I came across beta.appinventor.mit.edu. I'm still using IE8 (sadly no more support) but have Google Chrome as a second option.

I'm not sure what happened exactly, or when. I did a defrag and cleaned some old files. I tried to open beta.appinventor in Chrome and it displays Chinese characters across the screen.

Even when I log in to my modem (portable wifi router) from Chrome it displays Chinese characters. Very few sites display ads in Chinese; the rest of the site would be OK. Also, if I open a tab in incognito mode the entire window is filled with Chinese characters.

Now the Chinese characters are not displayed by opening 'normal' URLs.

The puzzling thing is, the speed of the system is good. IE8 has no problems. I can open websites in Chrome, no problem.

I tried CCleaner, Norton scan, Dr.Web scan, uninstalled Chrome, reinstalled, several times, knowing I will not be able to remove all Chrome instances in the registry, trying it again with Revo Uninstaller and reinstalling.

Same problem: Chinese characters. I don't know what else to do.

Attached File  attach.zip   5.71KB
Attached File  Untitled-1.jpg   61.33KB

Did a HijackThis as well, not sure if I should post this as well.

Thanks in advance for taking a look.

Following are the DDS log and attached zip file, plus a screenshot of the Chinese characters:

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.25.2
Run by Guido at 10:26:32 on 2013-08-22
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3326.2345 [GMT 1:00]
.
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* 
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvwmi.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\nvwmi.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\meo internet movel MF190J\UIMain.exe
C:\Program Files\meo internet movel MF190J\CMUpdater.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=20.3.0.36
uProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\20.4.0.40\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - c:\program files\common files\simple adblock\SimpleAdblock.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\20.4.0.40\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - hxxp://dl-ak.solidworks.com/nonsecure/edrawings/e2012sp03/12.3.0.113/cab//eModelsStandard.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341314728781
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 88.214.178.2 88.214.182.1
TCP: Interfaces\{27FD90C5-3AB9-4F98-B3AC-EE8FE3D33131} : DHCPNameServer = 88.214.178.2 88.214.182.1
TCP: Interfaces\{CA698B49-E6DC-408E-83E1-2E785643F497} : NameServer = 8.8.8.8,8.8.4.4
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\windows\system32\acaptuser32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: DVDIdleShell Class - {93994DE8-8239-4655-B1D1-5F4E91300429} - c:\program files\dvd region+css free\DVDShell.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1404000.028\symds.sys [2013-6-8 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1404000.028\symefa.sys [2013-6-8 934488]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.1.1.2\definitions\bashdefs\20130715.001\BHDrvx86.sys [2013-7-17 1002072]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1404000.028\ccsetx86.sys [2013-6-8 134744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1404000.028\ironx86.sys [2013-6-8 175264]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-4-25 14336]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\all users\application data\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\20.4.0.40\ccsvchst.exe [2013-6-8 144368]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2013-3-1 36600]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\nvidia corporation\performance drivers\nvPDsvc.exe [2008-9-10 3653632]
R2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi.exe [2012-2-4 478016]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2008-10-7 171096]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2008-10-7 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2008-10-7 72792]
R3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys [2013-5-12 54144]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-8-21 106656]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2013-7-26 76544]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.1.1.2\definitions\ipsdefs\20130821.003\IDSXpx86.sys [2013-8-22 380832]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.1.1.2\definitions\virusdefs\20130821.024\NAVENG.SYS [2013-8-22 93272]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.1.1.2\definitions\virusdefs\20130821.024\NAVEX15.SYS [2013-8-22 1611992]
R3 zte_cdc_acm;ZTE All CDC-ACM driver;c:\windows\system32\drivers\zte_cdc_acm.sys [2012-3-23 68352]
R3 zte_cdc_ecm;zte_cdc_ecm;c:\windows\system32\drivers\zte_cdc_ecm.sys [2012-3-23 33152]
R3 zte_ecm_enum;ZTE All DC Enumerator;c:\windows\system32\drivers\zte_ecm_enum.sys [2012-3-23 47744]
R3 zte_ecm_enum_filter;zte_ecm_enum_filter;c:\windows\system32\drivers\zte_ecm_enum_filter.sys [2012-3-23 47744]
S0 395177DBEB72;395177DBEB72;c:\windows\system32\drivers\395177dbeb72.sys --> c:\windows\system32\drivers\395177DBEB72.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\Medion_androidusb.sys [2012-4-23 25728]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2008-10-7 171096]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2008-10-7 1324120]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2008-10-7 72792]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2013-7-26 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2013-7-26 11136]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2013-7-26 96000]
S3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\drivers\ew_jucdcecm.sys [2013-7-26 69760]
S3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\drivers\ew_juextctrl.sys [2013-7-26 27520]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2013-6-24 25088]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-7 10064]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-25 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
S3 zte_wcpo;ZTE All Install (WCPO);c:\windows\system32\drivers\zte_wcpo.sys [2012-3-23 9600]
S4 ArchVision Content Manager Service;ArchVision Content Manager Service;c:\program files\archvision\archvision content manager\rpcacmapp.exe --service --path "c:\program files\archvision\archvision content manager" --> c:\program files\archvision\archvision content manager\rpcacmapp.exe --service --path c:\program files\archvision\ArchVision Content Manager [?]
S4 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2007-6-20 79168]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2009-4-7 79360]
S4 gupdate1c9b542db9d2df0;Google Update Service (gupdate1c9b542db9d2df0);c:\program files\google\update\GoogleUpdate.exe [2009-4-4 133104]
S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2011-7-24 13336]
S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-4-15 3289208]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2011-12-8 1527104]
S4 UI Assistant Service;UI Assistant Service;c:\program files\meo internet movel mf190j\AssistantServices.exe [2013-8-18 273224]
S4 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2012-1-18 450848]
.
=============== Created Last 30 ================
.
2013-08-22 08:37:36 388096 ----a-r- c:\documents and settings\guido\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2013-08-21 20:17:15 -------- d-----w- c:\program files\Coupons
2013-08-21 18:59:31 712704 ----a-r- c:\windows\system32\hposwia_d02c.dll
2013-08-21 18:59:31 589824 ----a-r- c:\windows\system32\hpost_d02c.dll
2013-08-21 18:59:31 372736 ----a-r- c:\windows\system32\hppldcoi.dll
2013-08-21 18:59:31 315392 ----a-r- c:\windows\system32\hposc_d02a.dll
2013-08-21 18:59:31 309760 ----a-r- c:\windows\system32\difxapi.dll
2013-08-20 22:30:11 -------- d-----w- c:\program files\VS Revo Group
2013-08-20 10:45:31 -------- d-----w- c:\documents and settings\guido\local settings\application data\NPE
2013-08-18 15:09:31 -------- d-----w- c:\program files\meo internet movel MF190J
2013-08-17 11:38:15 -------- d-----w- c:\documents and settings\guido\.android
2013-08-17 10:22:32 -------- d-----w- c:\documents and settings\guido\.appinventor
2013-08-17 10:16:17 -------- d-----w- c:\program files\AppInventor
2013-08-16 16:40:17 -------- d-----w- c:\documents and settings\guido\local settings\application data\Microsoft_Corporation
2013-08-14 19:09:30 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-13 17:04:35 -------- d-----w- c:\program files\Pika Software Builder
2013-08-13 17:03:19 -------- d-----w- c:\program files\MyPC Backup
2013-08-13 17:03:10 -------- d-----w- c:\documents and settings\guido\local settings\application data\TNT2
2013-08-13 17:03:00 -------- d-----w- c:\documents and settings\guido\application data\DefaultTab
2013-08-13 10:40:24 -------- d-----w- c:\documents and settings\guido\.lowklib
2013-08-13 10:40:24 -------- d-----w- c:\documents and settings\guido\.ffdb
2013-08-13 10:40:24 -------- d-----w- c:\documents and settings\guido\.cstm
2013-08-13 10:24:17 -------- d-----w- c:\documents and settings\guido\flexdock
2013-07-28 22:41:10 -------- d-----w- c:\windows\system32\MRT
2013-07-27 12:59:05 -------- d-----w- c:\windows\system32\NtmsData
2013-07-26 22:16:53 96000 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2013-07-26 22:16:53 76544 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2013-07-26 22:16:53 69760 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2013-07-26 22:16:53 27520 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2013-07-26 22:16:52 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys
2013-07-26 22:16:52 28672 ----a-w- c:\windows\system32\drivers\usbccid.sys
2013-07-26 22:16:52 25856 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2013-07-26 22:16:52 249472 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2013-07-26 22:16:52 199168 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2013-07-26 22:16:52 19200 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2013-07-26 22:16:52 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2013-07-26 22:16:52 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
.
==================== Find3M  ====================
.
2013-08-14 19:09:20 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-14 19:09:20 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-14 19:09:20 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-31 15:12:38 278420 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-07-31 15:12:38 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-07-26 02:47:17 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:47:13 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-26 02:47:12 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-25 15:52:59 385024 ----a-w- c:\windows\system32\html.iec
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-20 09:00:47 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-20 09:00:47 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-17 22:25:15 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-06-06 06:24:06 25088 ----a-w- c:\windows\system32\drivers\teamviewervpn.sys
2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-28 01:59:37 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2013-05-28 00:41:07 6144 ----a-w- c:\windows\system32\xpsp4res.dll
2013-05-27 21:59:52 278420 ----a-w- c:\windows\system32\nvdrsdb1.bin
.
============= FINISH: 10:26:42.26 ===============

 




 


#2 kumasan

  • Topic Starter
  • Members


Posted 22 August 2013 - 01:50 PM

Hi everybody,

Sorry for my own confusion. I kept on digging and came across a forum. It was suggested to change the encoding in Chrome to autodetect, while my Chrome showed Unicode. Anyway, I tried; the result: no Chinese characters anymore. Always thought Unicode was more or less universal; that would have been the last thing for me to suspect.

Strange was that a new install to my laptop, which never had Chrome on it, came with Unicode already in place. Had to change that, too.

Long story, happy ending, problem solved.
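
Editor's added example (not part of either poster's message): a short Python check for telling this kind of encoding mis-decode apart from injected content during triage. It assumes the "unicode" setting forced a UTF-16LE decode, which the thread does not state; SAMPLE_PAGE and all function names are constructed for the illustration.

```python
# Added illustration. Assumption: the browser's forced "Unicode" encoding was
# UTF-16LE; the thread does not say which Unicode encoding was selected.

# Constructed sample: a plain-ASCII HTML fragment, like a router login page.
SAMPLE_PAGE = b"<html><body><h1>Router login</h1><p>Enter password</p></body></html>"

# CJK Unified Ideographs Extension A and the main CJK Unified Ideographs block.
CJK_RANGES = ((0x3400, 0x4DBF), (0x4E00, 0x9FFF))


def misdecode_as_utf16le(data: bytes) -> str:
    """Decode bytes as a renderer forced to UTF-16LE would: two bytes per character."""
    even = data[: len(data) - len(data) % 2]  # drop a trailing odd byte
    return even.decode("utf-16-le", errors="replace")


def cjk_ratio(text: str) -> float:
    """Fraction of characters that fall in the CJK ideograph ranges above."""
    if not text:
        return 0.0
    hits = sum(1 for ch in text if any(lo <= ord(ch) <= hi for lo, hi in CJK_RANGES))
    return hits / len(text)


def recover_if_misdecoded(displayed: str, min_cjk: float = 0.5, min_ascii: float = 0.95):
    """Return the original ASCII text if `displayed` looks like ASCII bytes that
    were read as UTF-16LE; return None for genuine CJK text or ordinary text."""
    if cjk_ratio(displayed) < min_cjk:
        return None  # not dominated by CJK characters, nothing to explain
    try:
        raw = displayed.encode("utf-16-le")
    except UnicodeEncodeError:  # lone surrogates cannot be re-encoded
        return None
    # Genuine Chinese text re-encodes to many bytes outside printable ASCII;
    # a mis-decoded ASCII page re-encodes to almost nothing else.
    printable = sum(1 for b in raw if 0x20 <= b <= 0x7E or b in (0x09, 0x0A, 0x0D))
    if printable / len(raw) < min_ascii:
        return None
    return raw.decode("ascii", errors="replace")


if __name__ == "__main__":
    garbled = misdecode_as_utf16le(SAMPLE_PAGE)
    print("rendered :", garbled)
    print("CJK ratio:", round(cjk_ratio(garbled), 2))
    print("recovered:", recover_if_misdecoded(garbled))
    print("real CJK :", recover_if_misdecoded("这是一个中文网页"))
```

If text copied from the affected window round-trips to readable HTML or English this way, the bytes on the wire were unmodified and the fault is in how they were decoded.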



#3 oneof4

  • Malware Response Team


Posted 26 August 2013 - 05:37 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Best Regards,
oneof4.




