I ran Malwarebytes earlier in the week; it found 3 PUMs (disable anti-virus, firewall, and security/updates). Since that scan I haven't had a connection to the internet. My original post is here.

Many thanks for ANY help! Here's my DDS log:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by D03298387 at 20:28:57 on 2011-12-31

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1789.993 [GMT -5:00]

.

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

============== Running Processes ===============

.

c:\Program Files\Fingerprint Sensor\AtService.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\WINDOWS\system32\agrsmsvc.exe

c:\WINDOWS\system32\ifxspmgt.exe

c:\WINDOWS\system32\ifxtcs.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\lkcitdl.exe

C:\WINDOWS\system32\lkads.exe

C:\WINDOWS\system32\lktsrv.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files\National Instruments\MAX\nimxs.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe

C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe

C:\Program Files\TestOut\Orbis\OrbisClient.Services.exe

c:\WINDOWS\system32\IfxPsdSv.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\WINDOWS\system32\nipalsm.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\WLTRAY.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE

C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\AVAST Software\Avast\avastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\WINDOWS\System32\mshta.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\NOTEPAD.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uSearch Page =

uSearch Bar =

uInternet Settings,ProxyOverride = *.local;<local>

mSearchAssistant =

uURLSearchHooks: H - No File

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: {8FD66659-A7AF-4641-9999-C56607D3A0AB} - No File

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: CrossRider: {a876e312-7d08-401a-b7a6-fafc5dc2f292} - c:\program files\crossriderwebapps\Crossrider.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll

uRun: [<NO NAME>]

uRun: [startCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US

uRun: [AdobeBridge]

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [WatchDog] c:\program files\intervideo\dvd check\DVDCheck.exe

mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start

mRun: [iFXSPMGT] c:\windows\system32\ifxspmgt.exe /NotifyLogon

mRun: [soundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray

mRun: [niDevMon] c:\program files\national instruments\ni-daq\hwconfig\nidevmon.exe

mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"

mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800

mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup

mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"

mRun: [indexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"

mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini"

mRun: [brMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN

mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun

mRun: [sunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "c:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\PASPOR~1.LNK -

IE: &Search - http://tbedits.bringmesports.com/one-toolbaredits/menusearch.jhtml?s=100000451&p=YLxdm003YYUS&si=&a=3345FC3F-E160-45E0-ACDD-4D0BBD11F6A2&n=2010102400

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: clonewarsadventures.com

Trusted Zone: devry.edu\login

Trusted Zone: devry.edu\my

Trusted Zone: devryu.net

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} - hxxp://launch.soe.com/plugin/web/SOEWebInstaller.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab

DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} - hxxp://asp.mathxl.com/wizmodules/testgen/installers/TestGenXInstall.cab

DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178730505484

DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} - hxxp://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab

DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} - hxxp://zone.msn.com/bingame/zpagames/zpa_wof.cab55579.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab

DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab

TCP: DhcpNameServer = 192.168.1.1 64.233.222.2 64.233.222.7

TCP: Interfaces\{3ECCC0B8-BE90-4A11-B205-1D1CBC7AAADC} : DhcpNameServer = 192.168.1.1 64.233.222.2 64.233.222.7

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll

Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll

Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

LSA: Authentication Packages = msv1_0 nwprovau

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\d03298387\application data\mozilla\firefox\profiles\ghxgqk91.default\

FF - prefs.js: browser.startup.homepage - about:blank

FF - plugin: c:\documents and settings\d03298387\local settings\application data\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll

FF - plugin: c:\program files\real\realplayer enterprise\netscape6\nppl3260.dll

FF - plugin: c:\windows\downloaded program files\npsoe.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-31 435032]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-31 314456]

R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2007-1-23 39080]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-31 20568]

R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-5-15 1176824]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-31 44768]

R2 gpib420;GPIB Analyzer;c:\windows\system32\drivers\gpib420.sys [2005-7-18 31334]

R2 GpibPrtK;Gpib Port;c:\windows\system32\drivers\GpibPrtK.sys [2005-7-18 199783]

R2 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.dll [2005-7-27 10829]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-31 652872]

R2 nidimk;nidimk;c:\windows\system32\drivers\nidimk.dll [2005-9-28 141824]

R2 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfk.dll [2005-10-13 166912]

R2 niemrk;niemrk;c:\windows\system32\drivers\niemrk.dll [2005-10-7 346624]

R2 nifslk;nifslk;c:\windows\system32\drivers\nifslk.dll [2005-10-6 35328]

R2 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpk.dll [2005-10-6 19456]

R2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmk.dll [2005-9-21 55296]

R2 niswdk;niswdk;c:\windows\system32\drivers\niswdk.dll [2005-10-8 476160]

R2 OrbisClient.Services;LabSim Configuration and Security;c:\program files\testout\orbis\OrbisClient.Services.exe [2009-10-5 14336]

R2 usb6xxxk;usb6xxxk;c:\windows\system32\drivers\usb6xxxk.dll [2005-10-7 19968]

R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-10-29 193840]

R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-1-23 41216]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-31 20464]

R3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrk.dll [2005-10-6 170496]

R3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2k.dll [2005-9-28 231936]

R3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrk.dll [2005-10-6 131072]

R3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstsk.dll [2005-10-6 51200]

R3 niscdk;niscdk;c:\windows\system32\drivers\niscdk.dll [2005-10-6 497664]

S2 Ca1528av;SPCA1528 Video Camera Service;c:\windows\system32\drivers\ca1528av.sys --> c:\windows\system32\drivers\Ca1528av.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-18 136176]

S2 nidevldu;nidevldu;system32\nipalsm.exe --> system32\nipalsm.exe [?]

S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver;c:\windows\system32\drivers\FTD2XX.sys [2007-8-14 24197]

S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2008-5-15 475520]

S3 Bulk1528;SPCA1528 Still Camera Service;c:\windows\system32\drivers\bulk1528.sys --> c:\windows\system32\drivers\Bulk1528.sys [?]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-18 136176]

S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [2007-7-17 35072]

S3 mchpusb;mchpusb;c:\windows\system32\drivers\mchpusb.sys [2007-8-13 61440]

S3 nidsark;nidsark;c:\windows\system32\drivers\nidsark.dll [2005-10-6 714752]

S3 niesrk;niesrk;c:\windows\system32\drivers\niesrk.dll [2005-10-7 489984]

S3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [2005-10-6 14464]

S3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [2005-10-6 151683]

S3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigk.dll [2005-10-7 233472]

S3 nisftk;nisftk;c:\windows\system32\drivers\nisftk.dll [2005-10-6 163328]

S3 nispdk;nispdk;c:\windows\system32\drivers\nispdk.dll [2005-10-6 42496]

S3 nissrk;nissrk;c:\windows\system32\drivers\nissrk.dll [2005-10-7 1058304]

S3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2k.dll [2005-10-6 163328]

S3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrk.dll [2005-10-10 110080]

S3 nitiork;nitiork;c:\windows\system32\drivers\nitiork.dll [2005-10-7 692736]

S3 NiViFWK;NI-VISA FireWire Driver;c:\windows\system32\drivers\NiViFWK.sys [2005-10-12 8704]

S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciK.sys [2005-10-12 37376]

S3 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiK.sys [2005-10-12 10752]

S3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrk.dll [2005-10-7 422400]

S3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrk.dll [2005-10-7 926720]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-12-31 15:53:09 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-12-31 15:52:38 41184 ----a-w- c:\windows\avastSS.scr

2011-12-31 15:38:55 -------- d-----w- c:\program files\AVAST Software

2011-12-31 14:25:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-31 12:38:52 -------- d-----w- c:\documents and settings\d03298387\application data\SUPERAntiSpyware.com

2011-12-31 12:38:02 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-12-31 12:38:02 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2011-12-31 12:20:20 -------- d-s---w- C:\iexplorer

2011-12-31 04:45:20 98816 ----a-w- c:\windows\sed.exe

2011-12-31 04:45:20 518144 ----a-w- c:\windows\SWREG.exe

2011-12-31 04:45:20 256000 ----a-w- c:\windows\PEV.exe

2011-12-31 04:45:20 208896 ----a-w- c:\windows\MBR.exe

2011-12-30 15:17:44 -------- d-----w- c:\documents and settings\d03298387\local settings\application data\Identities

2011-12-30 15:17:12 -------- d-----w- c:\documents and settings\d03298387\application data\Windows Desktop Search

2011-12-30 14:56:50 -------- d-----w- c:\documents and settings\d03298387\application data\hpqLog

2011-12-12 16:38:41 -------- d-----w- c:\documents and settings\d03298387\application data\Malwarebytes

2011-12-12 16:38:17 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-12-12 16:38:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-12-08 05:10:28 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software

.

==================== Find3M ====================

.

2011-10-24 19:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-10-24 19:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-10-24 07:28:49 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

.

============= FINISH: 20:29:53.15 ===============

attach.txt


Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
