Everything posted by robert_bryan10

  1. Thanks so much sir ;) God bless ;)

  2. Another thing I want to ask, why'd you choose MSE over other AV?? Ok thanks. I will just uninstall Bitdefender and put ESET in my machine. So regarding my computer issues, is everything fixed? And can I uninstall the combofix and the DDS,src from my machine?
  3. Thanks for your suggestion but do you think ESET Smart Security 5 would be a great substitute?? coz MY sister bought a cd of this antivirus for her laptop which is good for 3 pc's.
  4. Thanks sir. As of now everything's fine with my computer except that after fixing the problems with comboFix, my antivirus (Bitdefender Total Security 2013) lost its other tabs and features in its interface. (screenshot attached below) what fix should i do with this?? any suggestion coz i might want to change my AV coz its already irritating me, I want a suggestion from you as an expert on what AV i should put on to my PC. thanks
  5. here's the log
  6. I did what you've said but it froze on stage 2 and I repeated the steps again but this time after reboot it froze again. I did it the last time and it asked me for an update and after stage 50 it froze again. I waited for 40 min but it didn't progress. What should I do??
  7. Ok, I've followed all the steps and here is the log from combofix.txt. Can I uninstall combofix.exe now??
  8. If Bitdefender prompts me again, would I allow the process then?? Ok, thanks, and yes, I would like to get rid of those unnecessary things. Here's the link from www.virustotal.com: https://www.virustotal.com/file/bf287c0d3c51d802ba8e17c5d59e1eaca7bc77c8f4591baebaf9a81b08449d31/analysis/
  9. Hello Guys, To start, 2 days ago I've been receiving notification from bitdefender total security 2013 that there are potentially malicious processes in my computer. And they are the following: C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Common Files\Calibration\Adobe Gamma Loader.exe i ran a quick scan on malwarebytes but there were no threats detected. Any help guys?? thank you here's the DDS.txt . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1 Run by Se7eN at 21:40:14 on 2012-08-07 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2013.993 [GMT 8:00] . AV: Bitdefender Antivirus *Disabled/Updated* {98CD50CE-5097-4098-9669-6C401FB3969C} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Bitdefender Antispyware *Disabled/Updated* {23ACB12A-76AD-4F16-ACD9-57326434DC21} FW: Bitdefender Firewall *Enabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7} . ============== Running Processes =============== . 
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\IObit\Game Booster 3\gbtray.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\PnkBstrA.exe C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program 
Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Bitdefender\Bitdefender 2013\BdParentalSysTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Nero\Update\NASvc.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\Maxthon3\Bin\Maxthon.exe C:\Program Files\Maxthon3\Bin\Maxthon.exe C:\Program Files\Maxthon3\Bin\Maxthon.exe C:\Program Files\Maxthon3\Bin\Maxthon.exe C:\Program Files\Maxthon3\Bin\Maxthon.exe C:\Program Files\Maxthon3\Bin\Maxthon.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.google.com uStart Page = hxxp://www.google.com/ uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: YTD Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\ytd toolbar\ie\6.2\ytdToolbarIE.dll uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll BHO: &Yahoo! 
Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll BHO: YTD Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\ytd toolbar\ie\6.2\ytdToolbarIE.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Yahoo! 
Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll TB: YTD Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\ytd toolbar\ie\6.2\ytdToolbarIE.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [Google Update] "c:\users\se7en\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [NBAgent] "c:\program files\nero\nero 11\nero backitup\NBAgent.exe" /WinStart mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [bdagent] c:\program files\bitdefender\bitdefender 2013\bdagent.exe mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [<NO NAME>] mRun: [searchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: 
EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm IE: Download with IDM - c:\program files\internet download manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll LSP: c:\program files\bitdefender\bitdefender 2013\BdProvider.dll TCP: DhcpNameServer = 121.1.3.81 121.1.3.16 121.1.3.66 TCP: Interfaces\{0A67CA2F-4D09-4015-BC1C-642981838190} : DhcpNameServer = 124.106.5.2 124.106.4.2 TCP: Interfaces\{B3B3E114-2A4D-4C34-98A2-6DBBEECC6D84} : DhcpNameServer = 121.1.3.81 121.1.3.16 121.1.3.66 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: igfxcui - igfxdev.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . 
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2012-7-28 611520] R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2012-7-28 154464] R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2012-3-14 56496] R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2012-3-14 12464] R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2012-7-28 74832] R1 bdfwfpf;bdfwfpf;c:\program files\common files\bitdefender\bitdefender firewall\bdfwfpf.sys [2012-7-28 90704] R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2012-7-28 72704] R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2005-3-16 13696] R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-7-26 794560] R2 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender 2013\bdparentalservice.exe [2012-8-7 58616] R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2012-6-7 96056] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-28 655944] R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-11-25 687400] R2 SafeBox;SafeBox;c:\program files\bitdefender\bitdefender safebox\safeboxservice.exe [2012-7-28 82824] R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2013\updatesrv.exe [2012-8-2 55544] R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2012-7-28 240184] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-3-15 127488] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-28 22344] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN 
v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-11 250056] S3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2012-7-28 447208] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2012-7-28 63056] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-6-4 80824] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-22 30963576] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-10 4640000] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-10-8 15872] S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-5-7 27192] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSGB6.sys [2009-6-11 48128] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-6-4 181432] S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudobex.sys [2012-6-4 181432] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-10-8 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-10-7 1343400] S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\iobit\game booster 3\driver\WinRing0.sys [2012-5-24 14416] . =============== Created Last 30 ================ . 
2012-08-07 01:55:03 -------- d-----w- c:\program files\Oracle
2012-08-05 13:14:19 -------- d-----w- c:\users\se7en\appdata\local\Macromedia
2012-08-05 03:00:11 4283672 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup\markup.dll
2012-08-05 02:58:03 42776 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\dsm\StartResources.dll
2012-08-05 02:57:58 539984 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll
2012-08-05 02:57:42 737072 ----a-w- c:\programdata\microsoft\ehome\packages\sportsv2\sportstemplatecore\Microsoft.MediaCenter.Sports.UI.dll
2012-08-03 06:57:42 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-03 06:23:32 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-08-03 06:23:18 2342400 ----a-w- c:\windows\system32\msi.dll
2012-08-01 12:57:45 -------- d-----w- c:\users\se7en\appdata\local\bryangavino
2012-07-31 08:33:14 -------- d-----w- c:\program files\YTD Toolbar
2012-07-31 08:33:14 -------- d-----w- c:\program files\common files\Spigot
2012-07-31 08:33:14 -------- d-----w- c:\program files\Application Updater
2012-07-30 12:30:15 -------- d-----w- c:\users\se7en\appdata\roaming\Maxthon3
2012-07-30 12:30:11 -------- d-----w- c:\program files\Maxthon3
2012-07-28 11:42:23 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-28 11:42:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-28 11:33:15 -------- d-----w- c:\programdata\BDLogging
2012-07-28 11:31:38 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys
2012-07-28 11:30:03 74832 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2012-07-28 11:30:03 63056 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
2012-07-28 11:30:03 511328 ----a-w- c:\windows\capicom.dll
2012-07-28 11:30:03 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2012-07-28 11:30:03 -------- d-----w- c:\windows\system32\ui
2012-07-28 11:29:56 611520 ----a-w- c:\windows\system32\drivers\avc3.sys
2012-07-28 11:29:56 447208 ----a-w- c:\windows\system32\drivers\avckf.sys
2012-07-28 11:29:56 240184 ----a-w- c:\windows\system32\drivers\avchv.sys
2012-07-28 10:43:00 -------- d-----w- c:\users\se7en\appdata\roaming\Bitdefender
2012-07-28 10:42:57 -------- d-----w- c:\programdata\Bitdefender
2012-07-28 10:31:33 1699 ----a-w- c:\programdata\1343471187.932.bin
2012-07-28 07:30:58 -------- d-----w- c:\users\se7en\appdata\roaming\Malwarebytes
2012-07-28 07:30:52 -------- d-----w- c:\programdata\Malwarebytes
2012-07-28 02:20:39 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a38dbe21-7aff-4fee-9a1d-5d3be1767696}\offreg.dll
2012-07-22 12:21:58 -------- d-----w- c:\program files\Winamp Detect
2012-07-20 23:20:24 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a38dbe21-7aff-4fee-9a1d-5d3be1767696}\mpengine.dll
2012-07-17 11:22:12 -------- d-----w- c:\users\se7en\appdata\local\Facebook
2012-07-16 12:15:02 79256 ----a-w- c:\windows\system32\npOGPPlugin.dll
2012-07-16 12:15:01 271768 ----a-w- c:\windows\system32\OGPIEPlugin.ocx
2012-07-16 12:14:41 -------- d-----w- c:\program files\OGPlanet
2012-07-11 14:41:00 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 13:45:42 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-07-11 13:45:42 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-07-11 13:45:42 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-07-11 13:23:33 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-07-11 13:23:24 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-07-11 13:23:04 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-07-11 13:23:04 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-07-09 07:11:28 -------- d-----w- c:\program files\Vibrant Games
.
==================== Find3M ====================
.
2012-08-05 13:03:23 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-05 13:03:23 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-28 11:35:39 102200 ----a-w- c:\programdata\1343471187.3732.bin
2012-07-28 11:35:36 751551 ----a-w- c:\programdata\1343471187.1464.bin
2012-07-28 11:35:36 37648 ----a-w- c:\programdata\1343471187.2736.bin
2012-07-28 11:35:36 186812 ----a-w- c:\programdata\1343471187.3656.bin
2012-07-28 10:43:22 7401 ----a-w- c:\programdata\1343471187.2640.bin
2012-07-28 10:42:56 1090 ----a-w- c:\programdata\1343471187.1820.bin
2012-07-28 10:30:01 1090 ----a-w- c:\programdata\1343471187.2060.bin
2012-07-28 10:26:49 8544 ----a-w- c:\programdata\1343471187.3716.bin
2012-07-28 10:26:48 13531 ----a-w- c:\programdata\1343471187.1332.bin
2012-07-28 10:26:47 3042 ----a-w- c:\programdata\1343471187.2960.bin
2012-07-02 11:06:05 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-02 11:05:48 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-06-30 10:42:59 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-31 04:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-29 07:38:50 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-05-24 21:18:40 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-05-21 02:09:00 80824 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-05-21 02:09:00 181432 ----a-w- c:\windows\system32\drivers\ssudobex.sys
2012-05-21 02:09:00 181432 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
.
============= FINISH: 21:40:45.29 ===============

Here's the Attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 9/7/2011 7:59:24 AM
System Uptime: 8/7/2012 8:01:28 PM (1 hours ago)
.
Motherboard: BIOSTAR Group | | G41-M7
Processor: Pentium® Dual-Core CPU E6600 @ 3.06GHz | CPU 1 | 1594/267mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 246.692 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 168 GiB total, 137.731 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e980-e325-11ce-bfc1-08002be10318}
Description: Floppy disk drive
Device ID: FDC\GENERIC_FLOPPY_DRIVE\5&18FF73AE&0&0
Manufacturer: (Standard floppy disk drives)
Name: Floppy disk drive
PNP Device ID: FDC\GENERIC_FLOPPY_DRIVE\5&18FF73AE&0&0
Service: flpydisk
.
==== System Restore Points ===================
.
RP198: 7/30/2012 8:25:13 PM - Revo Uninstaller Pro's restore point - Apple Software Update
RP200: 7/30/2012 8:26:55 PM - Revo Uninstaller Pro's restore point - Bonjour
RP201: 7/30/2012 8:27:21 PM - Removed Bonjour
RP203: 7/31/2012 6:10:44 PM - Installed DirectX
RP204: 7/31/2012 6:11:57 PM - Installed Nero Prerequisite Installer 1.0.
RP205: 8/3/2012 2:23:40 PM - Windows Update
RP206: 8/3/2012 2:55:37 PM - Installed Java SE Development Kit 7 Update 5
RP207: 8/3/2012 2:56:25 PM - Installed Java 7 Update 5
RP208: 8/3/2012 2:58:45 PM - Installed JavaFX 2.1.1 SDK
RP209: 8/3/2012 2:59:23 PM - Installed JavaFX 2.1.1
RP211: 8/4/2012 6:50:11 AM - Revo Uninstaller Pro's restore point - Facebook Messenger 2.1.4590.0
RP212: 8/4/2012 6:50:56 AM - Removed Facebook Messenger 2.1.4590.0
RP214: 8/6/2012 5:34:51 PM - Revo Uninstaller Pro's restore point - YTD Video Downloader 3.9
RP216: 8/7/2012 9:39:42 AM - Revo Uninstaller Pro's restore point - Java SE Development Kit 7 Update 5
RP218: 8/7/2012 9:41:40 AM - Revo Uninstaller Pro's restore point - Java 7 Update 5
RP219: 8/7/2012 9:41:55 AM - Removed Java 7 Update 5
RP221: 8/7/2012 9:43:05 AM - Revo Uninstaller Pro's restore point - JavaFX 2.1.1
RP222: 8/7/2012 9:43:21 AM - Removed JavaFX 2.1.1
RP224: 8/7/2012 9:44:35 AM - Revo Uninstaller Pro's restore point - JavaFX 2.1.1 SDK
RP225: 8/7/2012 9:44:54 AM - Removed JavaFX 2.1.1 SDK
RP227: 8/7/2012 9:46:43 AM - Revo Uninstaller Pro's restore point - Java 6 Update 31
RP228: 8/7/2012 9:47:05 AM - Removed Java 6 Update 31
RP229: 8/7/2012 9:52:33 AM - Installed Java SE Development Kit 7 Update 5
RP230: 8/7/2012 9:53:33 AM - Installed Java 7 Update 5
RP231: 8/7/2012 9:54:41 AM - Installed JavaFX 2.1.1 SDK
RP232: 8/7/2012 9:55:29 AM - Installed JavaFX 2.1.1
RP234: 8/7/2012 7:39:17 PM - Revo Uninstaller Pro's restore point - Adobe Reader X (10.1.3)
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Shockwave Player 11.6
Bitdefender Total Security 2013
BufferChm
CCleaner
Copy
Coupon Printer for Windows
Destinations
DeviceDiscovery
DJ_AIO_06_F2400_SW_Min
F2400
ffdshow [rev 3154] [2009-12-09]
Game Booster 3
Google Chrome
GPBaseService2
Hewlett-Packard ACLM.NET v1.1.0.0
High-Definition Video Playback
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Customer Participation Program 14.0
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6
HP Imaging Device Functions 14.0
HP Photo Creations
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPPhotoGadget
HPProductAssistant
HPSSupply
IGG Web3D Player version 1.0.0.37
Intel® Graphics Media Accelerator Driver
Internet Download Manager
Java Auto Updater
Java SE Development Kit 7 Update 5
Java 7 Update 5
JavaFX 2.1.1
JavaFX 2.1.1 SDK
K-Lite Mega Codec Pack 7.0.0
Malwarebytes Anti-Malware version 1.62.0.1300
MarketResearch
Maxthon 3
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual Basic 2005 Express Edition - ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyFreeCodec
NBA 2K12
Need for Speed™ Undercover
Nero 11
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects Basic
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Backup Drivers
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Prerequisite Installer 1.0
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SharedVideoCodecs
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
Pando Media Booster
Picasa 3
Popcap Game Collection
Revo Uninstaller Pro 2.5.8
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Shop for HP Supplies
Skype web features
Skype™ 5.10
SmartWebPrinting
SolutionCenter
SpeedFan (remove only)
Status
Supreme Destiny version 7.55
swMSM
Toolbox
TrayApp
TypingMaster Pro
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
WebReg
Welcome App (Start-up experience)
Winamp
Winamp Detector Plug-in
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Movie Maker 2.6
WinRAR 4.20 (32-bit)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
YTD Toolbar v6.2
.
==== Event Viewer Messages From Past Week ========
.
8/6/2012 2:01:40 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
8/3/2012 3:00:50 PM, Error: Schannel [36887] - The following fatal alert was received: 40.
7/31/2012 12:18:31 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
7/31/2012 12:18:31 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/31/2012 12:18:31 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/31/2012 12:18:31 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/31/2012 12:18:25 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/31/2012 12:18:25 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
.
==== End Of File ===========================
  10. Hello Guys,

To start, 2 days ago I've been receiving notifications from Bitdefender Total Security 2013 that there are potentially malicious processes in my computer. And they are the following:

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Calibration\Adobe Gamma Loader.exe

I ran a quick scan on Malwarebytes but there were no threats detected. Any help, guys? Thank you.