JohnnyIN

  1. I bought the pro version of Malwarebytes. Mbam will see this virus on each scan but is unable to delete it. Google got hijacked about a month ago. I ended up close to a format/reinstall but a restore seemed to work well enough that Mbam was able to take care of the 1400 or so adware/malware files. About 150 were Trojans I think and the rest were adware. However, this svchost.exe infected file remains but isn't really bothering the system, but it does attempt to start the service and Mbam does stop it from doing so. But damn if it can't delete it. Also, Mbam shows this message "successfully blocked access to a potentially malicious website: ip." about once every minute - it's done this since I installed Mbam about 1 month ago. Here are the log files you requested (also attached: Attach.zip):

     . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26 Run by John at 9:28:34 on 2011-10-25 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4863.3296 [GMT -4:00] . AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . 
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -netsvcs C:\Windows\system32\conhost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files 
(x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\hp\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\taskeng.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\AVG\AVG2012\avgui.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.drudgereport.com/ uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=c:\windows\syswow64\userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: 
{af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File {555d4d79-4bd2-4094-a395-cfc534424a05} uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Google Update] "C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mExplorerRun: [2600] C:\PROGRA~3\LOCALS~1\Temp\4558ffff.com mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) 
mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: &ieSpell Options - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM IE: Check &Spelling - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html IE: Lookup on Merriam Webster - file://C:\Program Files (x86)\ieSpell\Merriam Webster.HTM IE: Lookup on Wikipedia - file://C:\Program Files (x86)\ieSpell\wikipedia.HTM IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: 
{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{58EA8867-46A0-4C50-AA44-71575FEFE773} : DhcpNameServer = 192.168.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO-X64: 0x1 - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - 
C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" IE-X64: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM IE-X64: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\3pvsk0hi.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.drudgereport.com/ FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll FF - plugin: C:\Users\John\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] 
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-6 366152] R2 ServicepointService;ServicepointService;C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe [2011-2-7 689464] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-9-12 5265248] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-4 135664] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-4 135664] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] 
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2011-10-25 13:08:27 -------- d-----w- C:\SDFix 2011-10-25 12:04:26 -------- d-----w- C:\Windows\SysWow64\drivers\AVG 2011-10-25 11:45:48 -------- d-----w- C:\Users\John\AppData\Local\{87A1A0CF-3058-4A85-B72C-F72A04C95CFC} 2011-10-25 11:45:38 -------- d-----w- C:\Users\John\AppData\Local\{4D904241-BD88-4823-814C-99B12655A814} 2011-10-24 11:07:48 -------- d-----w- C:\Users\John\AppData\Local\{D7C57C57-F642-4DF9-8706-E87295017A2F} 2011-10-24 11:07:36 -------- d-----w- C:\Users\John\AppData\Local\{9F376A1F-620B-4FE8-916A-13F4CC9D33C1} 2011-10-23 06:12:33 -------- d-----w- C:\Users\John\AppData\Local\{4A65E36C-D671-4006-ADA0-8F5E24E67CDF} 2011-10-22 15:32:01 -------- d-----w- C:\Users\John\AppData\Local\{80137CC2-6FEF-489C-8471-67B8FDA46E9C} 2011-10-22 15:31:50 -------- d-----w- C:\Users\John\AppData\Local\{28245E82-EEF7-41E4-9687-3D69C7EC4636} 2011-10-21 11:35:41 -------- d-----w- C:\Users\John\AppData\Local\{ED5B7959-634B-4FC7-BBEF-16FA13CBCCEE} 2011-10-21 11:35:30 -------- d-----w- C:\Users\John\AppData\Local\{CA39D48E-A45B-4F7A-854F-B506134BE3F7} 2011-10-20 10:01:10 -------- d-----w- C:\Users\John\AppData\Local\{D1C1014E-27E1-4D03-8CAE-5BA4200D2EE8} 2011-10-20 10:00:58 -------- d-----w- C:\Users\John\AppData\Local\{FFBB0D44-25CF-4D12-942C-F5D55FFC066E} 2011-10-19 11:31:59 -------- d-----w- C:\Users\John\AppData\Local\{2133376E-6DCA-4B84-8A5C-C6C16F3E6795} 2011-10-19 11:31:48 -------- d-----w- C:\Users\John\AppData\Local\{8E8A8BB9-376C-410D-9A3F-F125F1EA098F} 2011-10-18 11:15:44 -------- d-----w- C:\Users\John\AppData\Local\{ED645F67-2D08-4146-82FE-7D97EF1076F8} 2011-10-18 11:15:33 -------- d-----w- 
C:\Users\John\AppData\Local\{2BCE7719-2E44-433B-A933-8EB8EEF05B3A} 2011-10-17 11:00:29 -------- d-----w- C:\Users\John\AppData\Local\{404BC22B-63EA-4A72-B989-FF21AD3217CA} 2011-10-17 11:00:17 -------- d-----w- C:\Users\John\AppData\Local\{073FD90B-AB88-4744-AFAB-AC0CA34CB0CA} 2011-10-16 01:24:44 -------- d-----w- C:\Users\John\AppData\Local\{19612B3C-D39C-4910-8D6E-0D5620D5900F} 2011-10-16 01:24:33 -------- d-----w- C:\Users\John\AppData\Local\{340089A6-24A7-440C-A862-13130C6255CB} 2011-10-14 11:13:12 -------- d-----w- C:\Users\John\AppData\Local\{2A43C0C6-2D34-457D-BB46-071A51A07C43} 2011-10-14 11:13:01 -------- d-----w- C:\Users\John\AppData\Local\{DCAE35A5-0514-46CB-A6A4-B3D747AABFEB} 2011-10-13 11:44:59 108032 ----a-w- C:\Windows\System32\psisrndr.ax 2011-10-13 11:44:46 861696 ----a-w- C:\Windows\System32\oleaut32.dll 2011-10-13 11:44:46 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll 2011-10-13 11:44:46 331776 ----a-w- C:\Windows\System32\oleacc.dll 2011-10-13 11:44:46 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll 2011-10-13 11:43:08 -------- d-----w- C:\Users\John\AppData\Local\{176EDFF8-144D-436E-976D-C3538FD742EF} 2011-10-13 11:42:55 -------- d-----w- C:\Users\John\AppData\Local\{9E8F1B2B-3A68-4324-A38B-48F2E46CE7D2} 2011-10-12 23:17:47 -------- d-----w- C:\Users\John\AppData\Local\{DDF9BA6D-1A38-4FAB-BB5B-8594F8802418} 2011-10-12 11:17:20 -------- d-----w- C:\Users\John\AppData\Local\{5DC44479-9A05-4F92-8507-3C9E756ECD38} 2011-10-12 11:17:08 -------- d-----w- C:\Users\John\AppData\Local\{6828D2B0-D1DE-426F-A6D7-A12C3AAA53BC} 2011-10-11 23:09:22 -------- d-----w- C:\Users\John\AppData\Local\{90CE2818-362F-44FB-BE74-5414672D1A7C} 2011-10-11 23:09:05 -------- d-----w- C:\Users\John\AppData\Local\{0D591912-2400-4AF8-9AFB-07E0535E876E} 2011-10-11 13:49:02 -------- d-----w- C:\Users\John\AppData\Roaming\SUPERAntiSpyware.com 2011-10-11 13:48:38 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2011-10-11 13:48:38 -------- d-----w- C:\Program 
Files\SUPERAntiSpyware 2011-10-11 12:13:48 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8517B32D-C1F8-4083-969B-6ED92B7F8A3D}\mpengine.dll 2011-10-11 11:08:21 -------- d-----w- C:\Users\John\AppData\Local\{7D12644C-9C58-42AD-96DE-4D090B9D17C4} 2011-10-11 11:08:11 -------- d-----w- C:\Users\John\AppData\Local\{929B553D-2462-4A02-B1F8-11567DB0093E} 2011-10-10 11:36:38 -------- d-----w- C:\Users\John\AppData\Local\{09B9B371-A514-44C6-BEE4-6B98993CF3BF} 2011-10-10 11:36:26 -------- d-----w- C:\Users\John\AppData\Local\{F8981474-757E-423D-A572-39ADE2FEC710} 2011-10-10 11:35:35 -------- d-----w- C:\Users\John\AppData\Roaming\AVG2012 2011-10-07 23:26:32 -------- d-----w- C:\Windows\System32\drivers\AVG 2011-10-07 11:42:29 -------- d-----w- C:\Users\John\AppData\Local\{DDD30F42-BE67-4882-A6CA-D478B0662645} 2011-10-07 11:42:19 -------- d-----w- C:\Users\John\AppData\Local\{58BB0ED0-832B-43EF-9097-05335DAA89FD} 2011-10-06 21:22:23 -------- d-----w- C:\ProgramData\Recovery 2011-10-06 18:09:10 -------- d-----w- C:\Users\John\AppData\Roaming\Malwarebytes 2011-10-06 18:09:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-10-06 17:54:31 -------- d-----w- C:\Users\John\AppData\Roaming\DigiData 2011-10-06 17:39:56 2412032 ----a-w- C:\Windows\SysWow64\jVlIBtzPNc1v2b4.exe 2011-10-06 17:39:53 2412032 ----a-w- C:\Windows\SysWow64\LL9gTXqjYeIrOtA.exe 2011-10-06 17:39:48 2412032 ----a-w- C:\Windows\SysWow64\cEL9gTZqj.exe 2011-10-06 17:39:42 2412032 ----a-w- C:\Windows\SysWow64\LNyxA1uvSoFpGa.exe 2011-10-06 17:39:40 2412032 ----a-w- C:\Windows\SysWow64\Yf9jIlxuiDnaHJg.exe 2011-10-06 17:39:40 2412032 ----a-w- C:\Windows\SysWow64\AnaHW7LZhwVlt0S.exe 2011-10-06 17:39:35 2412032 ----a-w- C:\Windows\SysWow64\KLgTZqYCwIrOtPu.exe 2011-10-06 16:53:24 2412032 ----a-w- C:\Windows\SysWow64\P5sQJ6dEKfZhwCl.exe 2011-10-06 16:53:21 0 ----a-w- C:\Windows\SysWow64\YTQujsDlKvwbj2R.exe 2011-10-06 16:53:21 0 ----a-w- 
C:\Windows\SysWow64\ym1U7vwbj2R.exe 2011-10-06 15:24:30 0 ----a-w- C:\Windows\SysWow64\gRZ9hTXwjClBzNF.exe 2011-10-06 15:13:38 -------- d-----w- C:\Users\John\AppData\Local\{5E5E09F9-8EF8-43A5-9A24-3BB41C28F4AC} 2011-10-06 15:12:33 -------- d-----w- C:\Users\John\AppData\Local\{EAE926E4-8E96-4360-A183-5839F96399E9} 2011-10-06 12:01:47 -------- d-----w- C:\Users\John\AppData\Local\{3553A3ED-76C6-427F-9255-8E30BE9A6242} 2011-10-06 12:01:36 -------- d-----w- C:\Users\John\AppData\Local\{D5B502B3-7F1F-4BCB-8F4C-B66741058D86} 2011-10-05 11:50:33 -------- d-----w- C:\Users\John\AppData\Local\{E0FEA9F5-C370-447A-BED7-830C479EDEFF} 2011-10-05 11:50:23 -------- d-----w- C:\Users\John\AppData\Local\{6E4F8430-082B-49F4-B74F-36EB2414F9A0} 2011-10-04 14:28:09 -------- d-----w- C:\ProgramData\SecTaskMan 2011-10-04 11:42:22 -------- d-----w- C:\Users\John\AppData\Local\{D5FA624F-8EEF-4DF3-8A45-E47EDD3442D5} 2011-10-04 11:42:12 -------- d-----w- C:\Users\John\AppData\Local\{B85BE70A-A067-4BFD-AC71-DE8E862DB8ED} 2011-10-03 21:07:14 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE 2011-10-03 11:44:17 -------- d-----w- C:\Users\John\AppData\Local\{EFAF7A11-7BE6-44D5-AE59-348FFB7CEBDA} 2011-10-03 11:44:05 -------- d-----w- C:\Users\John\AppData\Local\{833232DB-F594-4743-8FE7-D8791C335F02} 2011-09-30 11:56:56 -------- d-----w- C:\Users\John\AppData\Local\{A9AA6983-4922-4CFA-92EA-7346362DC992} 2011-09-30 11:56:46 -------- d-----w- C:\Users\John\AppData\Local\{48017AF9-8C12-4096-BAAE-6A9F82535571} 2011-09-29 17:22:12 -------- d-----we C:\Windows\system64 2011-09-29 11:51:39 -------- d-----w- C:\Users\John\AppData\Local\{66BB63D4-F00A-492B-909E-DDBC1056D048} 2011-09-29 11:51:28 -------- d-----w- C:\Users\John\AppData\Local\{427CF45E-F1BF-4407-8337-D63D28C5DDBD} 2011-09-28 11:29:15 -------- d-----w- C:\Users\John\AppData\Local\{ABEAEE01-5EE4-4450-A473-DD33025AD3B9} 2011-09-28 11:29:04 -------- d-----w- C:\Users\John\AppData\Local\{BC745C3F-0C86-4C06-BFA4-94CCA836EDAF} 
2011-09-27 11:31:58 -------- d-----w- C:\Users\John\AppData\Local\{0C7AF373-1A2E-4684-A69C-A9B5ECC58AF3} 2011-09-27 11:31:47 -------- d-----w- C:\Users\John\AppData\Local\{7C19F440-02FC-42F0-B06B-0F0AC5725175} 2011-09-26 11:30:23 -------- d-----w- C:\Users\John\AppData\Local\{9842AB8B-86A6-47BA-A1C3-196F33F3CF1C} 2011-09-26 11:30:10 -------- d-----w- C:\Users\John\AppData\Local\{2AEE5654-73E5-4001-AC61-92C3357D6A37} . ==================== Find3M ==================== . 2011-10-22 15:31:38 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-10-01 03:25:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-10-01 02:42:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-09-13 10:30:08 37456 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys 2011-09-06 03:03:17 3138048 ----a-w- C:\Windows\System32\win32k.sys 2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-08-20 05:37:58 1188864 ----a-w- C:\Windows\System32\wininet.dll 2011-08-20 04:31:05 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-08-17 05:26:46 613888 ----a-w- C:\Windows\System32\psisdecd.dll 2011-08-17 04:24:12 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll 2011-08-17 04:19:27 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax 2011-08-08 10:08:58 46672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys . ============= FINISH: 9:29:09.49 =============== Attach.zip