DeWebDude
Infected with Trojan:JS/Medfos.B
Already tried running latest MalwareBytes and others with no success.
Any help appreciated!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by Raida at 15:35:41 on 2012-11-27
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2046.1197 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\HPSIsvc.exe
C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wermgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://companyweb
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDFViewerPlus\bin\PlusIEContextMenu.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: ZeonIEEventHelper Class: {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDFViewerPlus\bin\ZeonIEFavClient.dll
TB: Nuance PDF: {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFViewerPlus\bin\ZeonIEFavClient.dll
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: RunStartupScriptSync = dword:1
IE: Append the content of the link to existing PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.88.1
TCP: Interfaces\{A2C1ED73-AA50-40BF-9B98-F27DE39E5489} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{A2C1ED73-AA50-40BF-9B98-F27DE39E5489} : DHCPNameServer = 192.168.88.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [pnheb] "C:\Windows\System32\rundll32.exe" "C:\Users\raida.IISG\AppData\Roaming\pnheb.dll",New
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R2 HPSIService;HP SI Service;C:\Windows\System32\HPSIsvc.exe [2012-10-4 127800]
R2 psqlWGE;Pervasive PSQL Workgroup Engine;C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [2008-6-6 435528]
R3 mvusbews;USB EWS Device;C:\Windows\System32\drivers\mvusbews.sys [2012-9-25 20480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2009-9-9 142424]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-28 29720]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-15 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-15 180736]
S3 Peachtree SmartPosting 2011;Peachtree SmartPosting 2011;C:\Program Files (x86)\Sage\Peachtree\SmartPostingService2011.exe [2011-10-25 44400]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-13 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-13 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-13 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-5 1255736]
.
=============== Created Last 30 ================
.
2012-11-27 19:57:11 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3BE5B294-6390-4A1A-918A-11AD98DA2CE1}\offreg.dll
2012-11-27 16:45:24 -------- d-----w- C:\Program Files\HitmanPro
2012-11-27 16:41:59 -------- d-----w- C:\ProgramData\HitmanPro
2012-11-27 15:53:15 -------- d-----w- C:\Windows\System32\appmgmt
2012-11-26 14:02:16 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3BE5B294-6390-4A1A-918A-11AD98DA2CE1}\mpengine.dll
2012-11-20 17:07:02 -------- d-----w- C:\Program Files\CCleaner
2012-11-20 16:54:29 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-15 14:22:46 331264 ----a-w- C:\Users\raida.IISG\AppData\Roaming\pnheb.dll
2012-11-14 00:24:09 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-14 00:24:08 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-14 00:24:08 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-14 00:24:08 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-14 00:14:51 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-14 00:10:14 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-14 00:10:14 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-14 00:10:14 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-14 00:10:13 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-14 00:10:13 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-14 00:10:13 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-14 00:10:13 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-13 23:57:28 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-11-13 23:57:28 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-11-13 23:55:04 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-11-13 23:55:04 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-11-13 23:55:04 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-11-13 23:55:04 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-11-13 23:53:16 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-13 23:53:14 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-11-13 23:53:13 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-11-13 23:53:13 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-11-13 23:52:22 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-11-13 23:52:08 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-11-13 23:52:08 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-11-13 23:52:08 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-13 23:52:08 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-11-13 23:52:08 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-13 23:52:08 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-11-13 23:52:08 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
2012-11-13 23:52:07 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-11-13 23:52:07 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-11-13 23:52:02 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-11-13 23:52:02 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-11-13 23:51:59 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-13 23:51:59 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-11-13 23:50:19 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-11-13 23:50:19 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-11-13 23:50:19 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-11-13 23:50:18 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-11-13 23:50:18 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-11-13 23:50:18 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-11-06 16:26:28 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2012-11-06 16:25:38 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2012-11-05 14:16:33 -------- d-----w- C:\Users\raida.IISG\AppData\Roaming\Malwarebytes
2012-11-05 14:15:14 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-05 14:15:13 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-05 14:15:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
.
==================== Find3M ====================
.
2012-10-15 22:32:02 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-10-15 22:32:02 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-09 16:49:31 207145592 ----a-w- C:\registry.reg
2012-10-09 16:32:50 518456 ----a-w- C:\Windows\System32\acfpdf.dll
2012-10-09 16:32:50 346112 ----a-w- C:\Windows\System32\acfpdfuiia64.dll
2012-10-09 16:32:50 288776 ----a-w- C:\Windows\System32\acfpdfnt.dll
2012-10-09 16:32:50 1093632 ----a-w- C:\Windows\System32\acfpdfuia64.dll
2012-10-09 15:16:42 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 15:16:42 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-08 23:11:39 103272 ----a-w- C:\Users\raida.IISG\GoToAssistDownloadHelper.exe
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-04 22:11:51 0 ----a-w- C:\Windows\ativpsrm.bin
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-10-02 01:34:38 31888 ----a-w- C:\Windows\SysWow64\FM20ENU.DLL
2012-10-02 01:32:50 862664 ----a-w- C:\Windows\SysWow64\msvcr110.dll
2012-10-02 01:32:50 534480 ----a-w- C:\Windows\SysWow64\msvcp110.dll
2012-10-02 01:32:50 251864 ----a-w- C:\Windows\SysWow64\vccorlib110.dll
2012-10-02 01:32:50 153536 ----a-w- C:\Windows\SysWow64\atl110.dll
2012-10-02 01:31:20 1158256 ----a-w- C:\Windows\SysWow64\FM20.DLL
2012-10-01 23:58:08 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2012-10-01 23:58:08 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2012-09-29 12:52:24 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2012-09-25 15:52:10 20480 ----a-w- C:\Windows\System32\drivers\mvusbews.sys
2012-09-25 15:52:08 82944 ----a-w- C:\Windows\System32\mvusbews.dll
2012-09-25 14:52:08 49664 ----a-w- C:\Windows\System32\HP1100SMs.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 19:10:18 350720 ----a-w- C:\Windows\System32\mvhlewsi.DLL
2012-08-31 19:03:20 1696256 ----a-w- C:\Windows\System32\HP1100SM.EXE
2012-08-31 19:03:12 288768 ----a-w- C:\Windows\System32\HP1100LM.DLL
2012-08-31 02:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-31 02:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
.
============= FINISH: 15:36:15.60 ===============