eduzam

[eduzam]

I also have that problem.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385

Run by Eduardo at 14:47:31 on 2012-01-30

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.3082.18.3997.2627 [GMT -8:00]

.

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe

C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe

C:\Windows\system32\svchost.exe -k HsfXAudioService

C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe

C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe

C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

C:\Program Files (x86)\PacketiX VPN Client English\vpnclient.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Launch Manager\LManager.EXE

C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe

C:\Program Files (x86)\Video Web Camera\traybar.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\Program Files (x86)\PacketiX VPN Client English\vpnclient.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe

C:\Windows\system32\igfxext.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Gateway\Gateway Updater\alu.exe

C:\Windows\SysWOW64\reg.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\reg.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\reg.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\SysWOW64\reg.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

.

============== Pseudo HJT Report ===============

.

uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=540a&m=nv48&r=27361111d306l0393z156a4873u276

uStart Page = hxxp://google.com/

mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=540a&m=nv48&r=27361111d306l0393z156a4873u276

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=540a&m=nv48&r=27361111d306l0393z156a4873u276

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\IPSBHO.DLL

BHO: Windows Live Aplicación auxiliar de inicio de sesión: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [p9pl2181866729957117833] \\?\globalroot\Device\HarddiskVolume3\Users\Eduardo\AppData\Local\Temp\p9pl2181866729957117833.tmp

mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun: [Camera Assistant Software] "C:\Program Files (x86)\Video Web Camera\traybar.exe"

mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"

mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

StartupFolder: C:\Users\Eduardo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PACKET~1.LNK - C:\Program Files (x86)\PacketiX VPN Client English\vpncmgr.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {7CF3E7C4-6112-4D72-A0CD-D0AD7EEB5467} - hxxp://www.packetix.net/en/special/files/vpn2_5350_en/vpnweb.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{144ACE78-7A78-4D34-A5E0-F89778A31417} : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{144ACE78-7A78-4D34-A5E0-F89778A31417}\94E46494E4944555D426037336 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{144ACE78-7A78-4D34-A5E0-F89778A31417}\94E46494E4944555D454731344 : DhcpNameServer = 192.168.1.254

Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}

{6D53EC84-6AAE-4787-AEEE-F4628F01010C}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}

mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun-x64: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun-x64: [Camera Assistant Software] "C:\Program Files (x86)\Video Web Camera\traybar.exe"

mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

mRun-x64: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"

mRun-x64: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Hosts: 94.63.147.16 www.google.com

Hosts: 94.63.147.17 www.bing.com

.

============= SERVICES / DRIVERS ===============

.

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1008030.006\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1008030.006\SYMEFA64.SYS [?]

R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\system32\Drivers\NISx64\1008030.006\BHDrvx64.sys --> C:\Windows\system32\Drivers\NISx64\1008030.006\BHDrvx64.sys [?]

R1 ccHP;Symantec Hash Provider;C:\Windows\system32\Drivers\NISx64\1008030.006\ccHPx64.sys --> C:\Windows\system32\Drivers\NISx64\1008030.006\ccHPx64.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20120124.005\IDSviA64.sys [2012-1-24 488568]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2009-9-2 844320]

R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]

R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]

R2 Norton Internet Security;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [2011-11-27 117648]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-20 62720]

R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-9-2 240160]

R2 vpnclient;PacketiX VPN Client;C:\Program Files (x86)\PacketiX VPN Client English\vpnclient.exe [2008-5-15 2478080]

R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-26 138360]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 Neo_VPN;VPN Client Device Driver - VPN;C:\Windows\system32\DRIVERS\Neo_0028.sys --> C:\Windows\system32\DRIVERS\Neo_0028.sys [?]

R3 NETw5s64;Controlador del adaptador Intel® Wireless WiFi Link para Windows 7 de 64 bits;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\system32\Drivers\NISx64\1008030.006\SYMNDISV.SYS --> C:\Windows\system32\Drivers\NISx64\1008030.006\SYMNDISV.SYS [?]

S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\system32\DRIVERS\tapoas.sys --> C:\Windows\system32\DRIVERS\tapoas.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-01-30 21:54:50 -------- d-----w- C:\TDSSKiller_Quarantine

2012-01-30 20:14:19 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{115696FF-AE94-4B5F-AC6E-92BB1EE84497}\offreg.dll

2012-01-30 20:00:30 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\80B5.tmp

2012-01-30 20:00:30 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\80B4.tmp

2012-01-27 05:48:03 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-01-27 05:47:55 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{115696FF-AE94-4B5F-AC6E-92BB1EE84497}\mpengine.dll

2012-01-26 04:58:25 279096 ------w- C:\Windows\System32\MpSigStub.exe

2012-01-20 09:12:06 -------- d-----w- C:\Program Files (x86)\LP

2012-01-20 09:08:04 -------- d-----w- C:\Users\Eduardo\AppData\Roaming\D308A

2012-01-20 09:07:53 -------- d-----w- C:\Users\Eduardo\AppData\Roaming\3ACD3

2012-01-20 06:26:43 -------- d-----w- C:\Users\Eduardo\AppData\Roaming\SharePod

2012-01-18 21:14:02 -------- d-----w- C:\Program Files (x86)\VPNReactor

2012-01-16 21:05:13 -------- d-----w- C:\Users\Eduardo\AppData\Roaming\Malwarebytes

2012-01-16 21:05:07 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-01-16 21:05:07 -------- d-----w- C:\ProgramData\Malwarebytes

2012-01-16 21:05:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-01-16 20:19:56 81920 ----a-w- C:\Windows\SysWow64\vpncmd.exe

2012-01-16 20:19:41 -------- d-----w- C:\Program Files (x86)\PacketiX VPN Client English

2012-01-16 08:05:59 -------- d-----w- C:\Program Files (x86)\Panda Security

2012-01-14 08:01:08 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-01-11 03:29:12 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll

2012-01-11 03:29:11 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-01-11 03:29:11 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-01-11 03:29:11 1572864 ----a-w- C:\Windows\System32\quartz.dll

2012-01-11 03:29:05 1739160 ----a-w- C:\Windows\System32\ntdll.dll

2012-01-11 03:29:05 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll

2012-01-11 03:29:03 77312 ----a-w- C:\Windows\System32\packager.dll

2012-01-11 03:29:03 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-01-07 08:58:44 -------- d-----w- C:\Program Files (x86)\Microsoft

2012-01-07 08:56:53 83899240 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc4FF7.tmp

2012-01-07 07:01:32 -------- d-----w- C:\Users\Eduardo\Tracing

2012-01-02 23:17:17 -------- d-----w- C:\Users\Eduardo\AppData\Roaming\Windows Live Writer

2012-01-02 23:17:17 -------- d-----w- C:\Users\Eduardo\AppData\Local\Windows Live Writer

.

==================== Find3M ====================

.

2011-12-16 21:16:32 37888 ----a-w- C:\Windows\System32\drivers\taphss.sys

2011-12-09 00:08:59 29808 ----a-w- C:\Windows\System32\drivers\Neo_0028.sys

2011-12-09 00:08:44 97280 ----a-w- C:\Windows\System32\vpncmd.exe

2011-12-06 00:12:42 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-27 23:09:50 561800 ----a-w- C:\Windows\System32\drivers\NISx64\1008030.006\cchpx64.sys

2011-11-26 21:39:13 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2011-11-26 21:39:13 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2011-11-26 21:39:13 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll

2011-11-26 21:34:58 1066544 ----a-w- C:\Windows\SysWow64\MFC71.dll

2011-11-26 21:34:57 1053232 ----a-w- C:\Windows\SysWow64\MFC71u.dll

2011-11-26 21:22:43 172592 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2011-11-26 20:54:37 2560 ----a-w- C:\Windows\SysWow64\drivers\es-ES\qwavedrv.sys.mui

2011-11-26 20:54:33 31232 ----a-w- C:\Windows\SysWow64\drivers\es-ES\bfe.dll.mui

2011-11-26 20:54:33 16384 ----a-w- C:\Windows\SysWow64\drivers\es-ES\pacer.sys.mui

2011-11-26 20:54:25 2560 ----a-w- C:\Windows\SysWow64\drivers\es-ES\scfilter.sys.mui

2011-11-26 20:54:23 6144 ----a-w- C:\Windows\SysWow64\drivers\es-ES\ndiscap.sys.mui

2011-11-26 20:54:20 48640 ----a-w- C:\Windows\SysWow64\drivers\es-ES\tcpip.sys.mui

2011-11-26 12:11:49 6 ----a-w- C:\Windows\System32\PLD_Framework.cmd

2011-11-24 05:00:47 3141632 ----a-w- C:\Windows\System32\win32k.sys

2011-11-05 05:26:29 1197568 ----a-w- C:\Windows\System32\wininet.dll

2011-11-05 05:23:10 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2011-11-05 05:17:42 2048 ----a-w- C:\Windows\System32\tzres.dll

2011-11-05 04:35:50 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-11-05 04:34:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2011-11-05 04:30:11 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2011-11-05 04:07:32 482816 ----a-w- C:\Windows\System32\html.iec

2011-11-05 03:28:41 386048 ----a-w- C:\Windows\SysWow64\html.iec

2011-11-05 03:25:44 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-11-05 02:55:38 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 14:47:50.53 ===============

[LDTate]

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!