I can't run any program after using Malwarebytes


DarJim

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Darwin Jimenez at 15:17:16 on 2011-12-14

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.3082.18.6051.4383 [GMT -5:00]

.

AV: McAfee Anti-Virus y Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus y Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\nvvsvc.exe

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\system32\conhost.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\windows\system32\svchost.exe -k bthsvcs

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe

C:\windows\SysWOW64\NLSSRV32.EXE

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\windows\system32\rundll32.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\windows\SysWOW64\rundll32.exe

C:\windows\system32\wbem\unsecapp.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\windows\system32\nvvsvc.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\taskeng.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\DllHost.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\vssvc.exe

C:\windows\System32\svchost.exe -k swprv

C:\windows\SysWOW64\NOTEPAD.EXE

C:\windows\SysWOW64\NOTEPAD.EXE

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www1.la.dell.com/content/default.aspx?c=do&l=es&s=gen

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111202021006.dll

BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [<NO NAME>]

mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar a Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A46E14A0-C4CB-43EF-B023-B3113BFB6FBA} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A46E14A0-C4CB-43EF-B023-B3113BFB6FBA}\341637160225F6D616E6 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{A46E14A0-C4CB-43EF-B023-B3113BFB6FBA}\3457279656C60275962756C6563737 : DhcpNameServer = 75.75.75.75 75.75.76.76

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [(Predeterminado)]

mRun-x64: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun-x64: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll

SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\windows\system32\drivers\mfehidk.sys --> C:\windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\system32\drivers\mfewfpk.sys --> C:\windows\system32\drivers\mfewfpk.sys [?]

R0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys --> C:\windows\system32\DRIVERS\nvpciflt.sys [?]

R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\windows\system32\DRIVERS\mfenlfk.sys --> C:\windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-9-5 64952]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-10-9 89600]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]

R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-9-27 745880]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-19 921664]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-19 995392]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-9 13336]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-10-9 199272]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-10-9 208536]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2011-11-2 341280]

R2 nlsX86cc;NLS Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2011-11-2 68896]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-9 2009704]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-10-9 1692480]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-21 378472]

R2 TurboB;Turbo Boost UI Monitor driver;C:\windows\system32\DRIVERS\TurboB.sys --> C:\windows\system32\DRIVERS\TurboB.sys [?]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-9 2655768]

R3 AMPPAL;Adaptador virtual Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;C:\windows\system32\DRIVERS\AMPPAL.sys --> C:\windows\system32\DRIVERS\AMPPAL.sys [?]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-19 1335360]

R3 cfwids;McAfee Inc. cfwids;C:\windows\system32\drivers\cfwids.sys --> C:\windows\system32\drivers\cfwids.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\system32\DRIVERS\CtClsFlt.sys --> C:\windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 iwdbus;IWD Bus Enumerator;C:\windows\system32\DRIVERS\iwdbus.sys --> C:\windows\system32\DRIVERS\iwdbus.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\system32\drivers\mfeavfk.sys --> C:\windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\windows\system32\drivers\mfefirek.sys --> C:\windows\system32\drivers\mfefirek.sys [?]

R3 NETwNs64;___ Controlador del adaptador Intel® Wireless WiFi Link para Windows 7 de 64 bits;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys --> C:\windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys --> C:\windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]

S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S3 AMPPALP;Protocolo Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;C:\windows\system32\DRIVERS\amppal.sys --> C:\windows\system32\DRIVERS\amppal.sys [?]

S3 btmaudio;Intel Bluetooth Audio Service;C:\windows\system32\drivers\btmaud.sys --> C:\windows\system32\drivers\btmaud.sys [?]

S3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys --> C:\windows\system32\DRIVERS\btmaux.sys [?]

S3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys --> C:\windows\system32\DRIVERS\btmhsf.sys [?]

S3 dmvsc;dmvsc;C:\windows\system32\drivers\dmvsc.sys --> C:\windows\system32\drivers\dmvsc.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]

S3 iBtFltCoex;iBtFltCoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys --> C:\windows\system32\DRIVERS\iBtFltCoex.sys [?]

S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\system32\drivers\intelaud.sys --> C:\windows\system32\drivers\intelaud.sys [?]

S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-10-9 224704]

S3 mferkdet;McAfee Inc. mferkdet;C:\windows\system32\drivers\mferkdet.sys --> C:\windows\system32\drivers\mferkdet.sys [?]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S3 StorSvc;Servicio de almacenamiento;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

.exe=GR5

.

=============== Created Last 30 ================

.

2011-12-14 19:42:37 2048 ----a-w- C:\windows\SysWow64\tzres.dll

2011-12-14 19:42:37 2048 ----a-w- C:\windows\System32\tzres.dll

2011-12-14 19:42:17 43520 ----a-w- C:\windows\System32\csrsrv.dll

2011-12-14 19:42:16 3145216 ----a-w- C:\windows\System32\win32k.sys

2011-12-14 19:41:45 723456 ----a-w- C:\windows\System32\EncDec.dll

2011-12-14 19:41:45 534528 ----a-w- C:\windows\SysWow64\EncDec.dll

2011-12-14 18:17:37 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Roaming\Malwarebytes

2011-12-14 18:17:31 -------- d-----w- C:\ProgramData\Malwarebytes

2011-12-14 18:17:27 25416 ----a-w- C:\windows\System32\drivers\mbam.sys

2011-12-14 18:17:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-12-14 05:47:41 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

2011-12-14 02:35:34 -------- d-----w- C:\Program Files\iPod

2011-12-14 02:35:33 -------- d-----w- C:\Program Files\iTunes

2011-12-14 02:35:33 -------- d-----w- C:\Program Files (x86)\iTunes

2011-12-13 23:20:43 257024 ----a-w- C:\windows\System32\Spool\prtprocs\x64\hpzppw72.dll

2011-12-13 03:24:44 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Local\Google

2011-12-10 23:30:42 -------- d-----w- C:\Program Files\Zinio Magazine 4

2011-12-05 08:19:22 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Local\Spotify

2011-12-05 08:19:14 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Roaming\Spotify

2011-12-02 07:10:07 28760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll

2011-12-02 02:53:01 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Local\Mozilla

2011-11-30 15:57:21 28960 ----a-w- C:\windows\System32\nitrolocalmon2.dll

2011-11-30 15:57:21 17184 ----a-w- C:\windows\System32\nitrolocalui2.dll

2011-11-30 15:57:15 -------- d-----w- C:\Program Files\Common Files\Nitro PDF

2011-11-30 15:57:14 -------- d-----w- C:\Program Files (x86)\Nitro PDF

2011-11-30 15:57:14 -------- d-----w- C:\Program Files (x86)\Common Files\Nitro PDF

2011-11-30 15:51:57 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Roaming\Downloaded Installations

2011-11-29 04:17:35 -------- d-----w- C:\Program Files\Dell Support Center

2011-11-29 04:13:40 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Roaming\PCDr

2011-11-29 02:53:41 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Local\WindowsUpdate

2011-11-28 13:36:08 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-26 00:44:38 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Roaming\Roxio Burn

2011-11-26 00:06:07 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Roaming\Blackberry Desktop

2011-11-24 20:10:55 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Local\Research In Motion

2011-11-24 20:10:53 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Roaming\Research In Motion

2011-11-24 19:52:46 44032 ----a-w- C:\windows\System32\drivers\RimSerial_AMD64.sys

2011-11-24 19:52:17 -------- d-----w- C:\ProgramData\Research In Motion

2011-11-24 19:52:09 -------- d-----w- C:\Program Files (x86)\Research In Motion

2011-11-24 19:52:09 -------- d-----w- C:\Program Files (x86)\Common Files\Research In Motion

2011-11-24 18:49:48 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Local\Diagnostics

2011-11-24 18:10:34 -------- d-----w- C:\Program Files (x86)\MSECache

2011-11-15 00:05:01 -------- d-----w- C:\Users\Darwin Jimenez\AppData\Local\Adobe

.

==================== Find3M ====================

.

2011-12-14 05:47:25 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll

2011-12-14 05:47:25 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll

2011-11-04 01:53:39 2309120 ----a-w- C:\windows\System32\jscript9.dll

2011-11-04 01:44:47 1390080 ----a-w- C:\windows\System32\wininet.dll

2011-11-04 01:44:21 1493504 ----a-w- C:\windows\System32\inetcpl.cpl

2011-11-04 01:34:43 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2011-11-03 22:47:42 1798144 ----a-w- C:\windows\SysWow64\jscript9.dll

2011-11-03 22:40:21 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2011-11-03 22:39:47 1127424 ----a-w- C:\windows\SysWow64\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2011-11-03 20:37:24 507904 ----a-r- C:\windows\SysWow64\btwapi.dll

2011-11-02 13:24:04 68896 ----a-w- C:\windows\SysWow64\NLSSRV32.EXE

2011-10-18 18:32:28 161168 ----a-w- C:\windows\System32\mfevtps.exe

2011-10-15 17:16:16 75808 ----a-w- C:\windows\System32\drivers\mfenlfk.sys

2011-10-15 17:16:16 65264 ----a-w- C:\windows\System32\drivers\cfwids.sys

2011-10-15 17:16:16 647080 ----a-w- C:\windows\System32\drivers\mfehidk.sys

2011-10-15 17:16:16 481768 ----a-w- C:\windows\System32\drivers\mfefirek.sys

2011-10-15 17:16:16 284648 ----a-w- C:\windows\System32\drivers\mfewfpk.sys

2011-10-15 17:16:16 229528 ----a-w- C:\windows\System32\drivers\mfeavfk.sys

2011-10-15 17:16:16 160280 ----a-w- C:\windows\System32\drivers\mfeapfk.sys

2011-10-15 17:16:16 10248 ----a-w- C:\windows\System32\drivers\mfeclnk.sys

2011-10-15 17:16:16 100912 ----a-w- C:\windows\System32\drivers\mferkdet.sys

2011-10-10 06:18:06 2560 ----a-w- C:\windows\SysWow64\drivers\es-ES\qwavedrv.sys.mui

2011-10-10 06:18:02 31232 ----a-w- C:\windows\SysWow64\drivers\es-ES\bfe.dll.mui

2011-10-10 06:18:02 16384 ----a-w- C:\windows\SysWow64\drivers\es-ES\pacer.sys.mui

2011-10-10 06:17:56 2560 ----a-w- C:\windows\SysWow64\drivers\es-ES\scfilter.sys.mui

2011-10-10 06:17:54 6144 ----a-w- C:\windows\SysWow64\drivers\es-ES\ndiscap.sys.mui

2011-10-10 06:17:50 48640 ----a-w- C:\windows\SysWow64\drivers\es-ES\tcpip.sys.mui

2011-10-10 03:40:07 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll

2011-10-10 03:39:54 525544 ----a-w- C:\windows\System32\deployJava1.dll

2011-09-29 16:29:28 1923952 ----a-w- C:\windows\System32\drivers\tcpip.sys

.

============= FINISH: 15:17:52.54 ===============

  • Staff

Hi,

Navigate to the C:\Program Files (x86)\Malwarebytes' Anti-Malware folder.

Locate mbam.exe in there and rename it to mbam.com.

Please make sure known file extensions are shown, so that you rename it properly. To show file extensions, see here: http://windows.microsoft.com/en-US/windows-vista/Show-or-hide-file-name-extensions

Then double-click mbam.com in order to launch Malwarebytes. Please update mbam first, as we have added detection for this variant today. It should show at least database version 8376. In case an older version is still presented, just wait a bit till version 8376 is up.

Then run Malwarebytes (using the mbam.com) and let it remove what it found. Let me know if that fixed your issue.

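The log in the first post lists `.exe=GR5` under File Associations, and the reply above works around it by launching the scanner under a `.com` name. As an added example (not part of the original thread, and not a DDS or Malwarebytes tool), this Python script reads a DDS log's File Associations section and flags launchable extensions whose ProgID differs from the stock Windows value. The function names, the `DEFAULT_PROGIDS` table and the sample log are constructed for illustration; the script assumes an extension the section does not flag still launches normally.

```python
import re

# Stock Windows ProgIDs for file types the shell launches directly.
DEFAULT_PROGIDS = {
    ".exe": "exefile",
    ".com": "comfile",
    ".bat": "batfile",
    ".cmd": "cmdfile",
    ".scr": "scrfile",
    ".pif": "piffile",
}

# DDS section banners look like "=============== File Associations ===============".
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")

# Constructed log excerpt; only the ".exe=GR5" line is taken from the thread.
SAMPLE_LOG = """\
============= SERVICES / DRIVERS ===============
.
R2 ExampleSvc;Example Service;C:\\Program Files\\Example\\svc.exe [2011-1-1 1000]
.
=============== File Associations ===============
.
.exe=GR5
JSEFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
"""


def parse_file_associations(log_text):
    """Return {name: value} for entries in the 'File Associations' section."""
    entries = {}
    in_section = False
    for raw in log_text.splitlines():
        line = raw.strip()
        banner = SECTION_RE.match(line)
        if banner:
            in_section = banner.group(1).lower() == "file associations"
            continue
        # Skip other sections, blank lines and the lone "." separators.
        if not in_section or line in ("", ".") or "=" not in line:
            continue
        name, _, value = line.partition("=")
        entries[name.strip().lower()] = value.strip()
    return entries


def hijacked_launch_types(entries):
    """Return [(ext, found, expected)] for launchable types with a non-stock ProgID."""
    findings = []
    for ext, expected in DEFAULT_PROGIDS.items():
        found = entries.get(ext)
        if found is not None and found.lower() != expected:
            findings.append((ext, found, expected))
    return findings


def launch_types_not_flagged(entries):
    """Launchable extensions with no reported change.

    Assumption: an extension that is absent from the section, or listed with
    its stock ProgID, still starts programs normally. That is what makes a
    renamed copy (mbam.exe -> mbam.com in the thread) a usable workaround.
    """
    flagged = {ext for ext, _, _ in hijacked_launch_types(entries)}
    return [ext for ext in DEFAULT_PROGIDS if ext not in flagged]


if __name__ == "__main__":
    assoc = parse_file_associations(SAMPLE_LOG)
    for ext, found, expected in hijacked_launch_types(assoc):
        print(f"{ext}: ProgID is {found!r}, stock value is {expected!r}")
    print("not flagged:", ", ".join(launch_types_not_flagged(assoc)))
```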

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
