QuadDam Posted January 2, 2012 ID:512569

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by QuadDam at 11:06:21 on 2012-01-02
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.2.1033.18.3894.2105 [GMT -8:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

daledoc1 Posted January 2, 2012 ID:512573

Hello and welcome, QuadDam:

We cannot review scan logs or work on malware issues in this section of the forum.
And it appears you have already started a topic in the correct section (the malware removal forum).
So, please stay with your other topic and wait for free assistance from one of the specially trained malware experts.

While you are waiting for assistance, please have a look at I'm Infected - What Do I Do Now? for additional guidance.

Thanks for your patience and understanding.

daledoc1