
I can't get rid of DC3_FEXEC


Zavatar

Hi everyone.

I've recently noticed that I can't use accents on my keyboard anymore; whenever I press the key for one, two appear - ´´ - like that. Anyway, I decided to check things out, and Malwarebytes found and deleted two infections, one of which was in the registry, named DC3_FEXEC. The problem is, whenever I reboot my computer, it shows up again. Could anyone help? Thanks in advance.

DDS

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514

Run by Jorge at 22:56:57 on 2012-03-13

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.351.1033.18.6075.4191 [GMT 0:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\nvvsvc.exe

C:\windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\system32\conhost.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\windows\system32\nvvsvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\windows\System32\svchost.exe -k HPZ12

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\taskhost.exe

C:\windows\system32\ThpSrv.exe

C:\windows\Explorer.EXE

C:\windows\system32\Dwm.exe

C:\windows\system32\taskeng.exe

C:\Program Files\Core Temp\Core Temp.exe

C:\windows\system32\TODDSrv.exe

C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Rainmeter\Rainmeter.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

C:\Windows\Temp\AdobeUpdate.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k HPService

C:\windows\SysWOW64\svchost.exe -k hpdevmgmt

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\DllHost.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.8.3.0_0\plugin\ClickClean.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\system32\msiexec.exe

C:\windows\system32\taskhost.exe

C:\windows\SysWOW64\rundll32.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jorge\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uStart Page = hxxp://toshiba.msn.com

uDefault_Page_URL = hxxp://toshiba.msn.com

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mWinlogon: Userinit=userinit.exe,

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

uRun: [Google Update] "C:\Users\Jorge\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent

dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

StartupFolder: C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java .exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Add to Google Photos Screensa&ver - C:\windows\system32\GPhotos.scr/200

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0AC19D56-55ED-44BD-90B0-D86FAF7F4DC2} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{0AC19D56-55ED-44BD-90B0-D86FAF7F4DC2}\56465727F616D6D27657563747 : DhcpNameServer = 10.1.7.250 10.1.7.251

TCP: Interfaces\{224203EB-8B87-4679-8276-C849DB047521} : DhcpNameServer = 212.18.160.133 212.18.160.134

TCP: Interfaces\{26FF2D08-DE9D-453D-A0D9-42E3D9C4947B} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A0D90836-1141-4B3C-963A-2139124544F2} : DhcpNameServer = 212.18.160.133 212.18.160.134

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

mRun-x64: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

mRun-x64: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

mRun-x64: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun-x64: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent

IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\8myoayvp.default\

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

FF - plugin: C:\Users\Jorge\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\system32\DRIVERS\thpdrv.sys --> C:\windows\system32\DRIVERS\thpdrv.sys [?]

R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\system32\DRIVERS\Thpevm.SYS --> C:\windows\system32\DRIVERS\Thpevm.SYS [?]

R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]

R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-24 1800808]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2010-4-6 258928]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-24 2320920]

R2 VmbService;Serviço Vodafone Mobile Broadband;C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2010-6-25 9216]

R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys --> C:\windows\system32\DRIVERS\dtsoftbus01.sys [?]

R3 enecir;ENE CIR Receiver;C:\windows\system32\DRIVERS\enecir.sys --> C:\windows\system32\DRIVERS\enecir.sys [?]

R3 enecirhid;ENE CIR HID Receiver;C:\windows\system32\DRIVERS\enecirhid.sys --> C:\windows\system32\DRIVERS\enecirhid.sys [?]

R3 enecirhidma;ENE CIR HIDmini Filter;C:\windows\system32\DRIVERS\enecirhidma.sys --> C:\windows\system32\DRIVERS\enecirhidma.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?]

R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]

R3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;C:\windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys --> C:\windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 acpials;ALS Sensor Filter;C:\windows\system32\DRIVERS\acpials.sys --> C:\windows\system32\DRIVERS\acpials.sys [?]

S3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys --> C:\windows\system32\DRIVERS\jmcr.sys [?]

S3 massfilter;MBB Mass Storage Filter Driver;C:\windows\system32\DRIVERS\massfilter.sys --> C:\windows\system32\DRIVERS\massfilter.sys [?]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-2-11 124368]

S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-8-24 51512]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

S3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2010-2-23 835952]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S3 ZTEusbnet;ZTE USB-NDIS miniport;C:\windows\system32\DRIVERS\ZTEusbnet.sys --> C:\windows\system32\DRIVERS\ZTEusbnet.sys [?]

S3 ZTEusbvoice;ZTE VoUSB Port;C:\windows\system32\DRIVERS\ZTEusbvoice.sys --> C:\windows\system32\DRIVERS\ZTEusbvoice.sys [?]

.

=============== Created Last 30 ================

.

2012-03-13 22:51:42 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7D135418-1B74-4C68-8EE6-53574B9BD3A4}\offreg.dll

2012-03-13 22:26:07 -------- d-----w- C:\HJT

2012-03-13 22:21:35 -------- d-----w- C:\sh4ldr

2012-03-13 22:21:35 -------- d-----w- C:\Program Files\Enigma Software Group

2012-03-13 22:20:59 -------- d-----w- C:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP

2012-03-13 22:00:56 -------- d-----w- C:\Users\Jorge\AppData\Roaming\DYA_JITODISSHNHULOVMM

2012-03-13 22:00:56 -------- d-----w- C:\ProgramData\DYA_JITODISSHNHULOVMM

2012-03-13 18:56:58 8643640 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7D135418-1B74-4C68-8EE6-53574B9BD3A4}\mpengine.dll

2012-03-11 00:56:16 -------- d-----w- C:\NVIDIA

2012-03-10 16:20:31 -------- d-----w- C:\Program Files\CCleaner

2012-03-08 15:09:54 -------- d-----w- C:\Users\Jorge\AppData\Roaming\DYA_UDGIWSURCJSANRBGR

2012-03-08 15:09:54 -------- d-----w- C:\ProgramData\DYA_UDGIWSURCJSANRBGR

2012-03-06 14:49:22 -------- d-----w- C:\Users\Jorge\AppData\Roaming\DYA_RESGVQDWEMAJBMTWM

2012-03-06 14:49:22 -------- d-----w- C:\ProgramData\DYA_RESGVQDWEMAJBMTWM

2012-03-05 22:44:06 -------- d-----w- C:\Users\Jorge\AppData\Roaming\DYA_HMRCNDLPKVWTBQDDK

2012-03-05 22:44:06 -------- d-----w- C:\ProgramData\DYA_HMRCNDLPKVWTBQDDK

2012-03-04 21:15:42 -------- d-----w- C:\Users\Jorge\AppData\Roaming\DYA_WMONMGVBMFSIIDGVO

2012-03-04 21:15:42 -------- d-----w- C:\ProgramData\DYA_WMONMGVBMFSIIDGVO

2012-03-03 02:17:26 -------- d-----w- C:\Users\Jorge\AppData\Local\Chromium

2012-03-03 00:53:45 1560576 ----a-w- C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java .exe

2012-03-01 19:32:17 -------- d-----w- C:\Users\Jorge\AppData\Local\Apps

2012-03-01 19:22:08 -------- d-----w- C:\Users\Jorge\AppData\Local\Shareaza

2012-03-01 19:21:59 -------- d-----w- C:\Users\Jorge\AppData\Roaming\Shareaza

2012-03-01 13:33:37 -------- d-----w- C:\Users\Jorge\Porn

2012-03-01 01:37:14 -------- d-----w- C:\Users\Jorge\Torrents

2012-02-29 19:51:50 -------- d-----w- C:\ubuntu

2012-02-29 10:48:45 -------- d-----w- C:\Users\Jorge\AppData\Roaming\Stellarium

2012-02-29 10:48:33 -------- d-----w- C:\Program Files (x86)\Stellarium

2012-02-25 18:34:28 -------- d-----w- C:\Users\Jorge\AppData\Roaming\MathematicaPlayer

2012-02-25 18:34:28 -------- d-----w- C:\Users\Jorge\AppData\Local\MathematicaPlayer

2012-02-25 18:34:28 -------- d-----w- C:\ProgramData\MathematicaPlayer

2012-02-25 18:34:22 -------- d-----w- C:\Program Files\Common Files\Wolfram Research

2012-02-25 18:34:21 -------- d-----w- C:\ProgramData\Mathematica

2012-02-25 18:34:21 -------- d-----w- C:\Program Files (x86)\Common Files\Wolfram Research

2012-02-25 18:34:21 -------- d-----w- C:\Program Files (x86)\Common Files\ResearchSoft

2012-02-25 18:33:51 93712 ----a-w- C:\windows\SysWow64\mltcp32.mlp

2012-02-25 18:33:51 88080 ----a-w- C:\windows\SysWow64\mlshm32.mlp

2012-02-25 18:33:51 334352 ----a-w- C:\windows\SysWow64\mltcpip32.mlp

2012-02-25 18:33:50 79376 ----a-w- C:\windows\SysWow64\mlmap32.mlp

2012-02-25 18:33:50 370704 ----a-w- C:\windows\SysWow64\ml32i3.dll

2012-02-25 18:33:50 260112 ----a-w- C:\windows\SysWow64\ml32i2.dll

2012-02-25 18:33:50 253968 ----a-w- C:\windows\SysWow64\ml32i1.dll

2012-02-25 18:33:50 163344 ----a-w- C:\windows\SysWow64\mlmodule32.dll

2012-02-25 18:33:21 -------- d-----w- C:\Program Files (x86)\Wolfram Research

.

==================== Find3M ====================

.

2012-03-11 00:44:20 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll

2012-02-18 01:23:52 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-10 03:14:04 6074176 ----a-w- C:\windows\System32\nvcpl.dll

2012-02-10 03:14:01 3089728 ----a-w- C:\windows\System32\nvsvc64.dll

2012-02-10 03:07:03 2561856 ----a-w- C:\windows\System32\nvsvcr.dll

2012-02-10 03:07:00 889664 ----a-w- C:\windows\System32\nvvsvc.exe

2012-02-10 03:07:00 63296 ----a-w- C:\windows\System32\nvshext.dll

2012-02-10 03:07:00 118080 ----a-w- C:\windows\System32\nvmctray.dll

2012-01-31 12:44:20 279656 ------w- C:\windows\System32\MpSigStub.exe

2012-01-17 12:46:01 31040 ----a-w- C:\windows\System32\nvhdap64.dll

2012-01-17 12:45:56 188224 ----a-w- C:\windows\System32\drivers\nvhda64v.sys

2012-01-17 12:45:55 1451840 ----a-w- C:\windows\System32\nvhdagenco6420103.dll

2012-01-14 04:06:27 3145728 ----a-w- C:\windows\System32\win32k.sys

2012-01-04 10:44:20 509952 ----a-w- C:\windows\System32\ntshrui.dll

2012-01-04 08:58:41 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll

2011-12-30 06:26:08 515584 ----a-w- C:\windows\System32\timedate.cpl

2011-12-30 05:27:56 478720 ----a-w- C:\windows\SysWow64\timedate.cpl

2011-12-28 03:59:24 498688 ----a-w- C:\windows\System32\drivers\afd.sys

2011-12-16 08:47:38 1188864 ----a-w- C:\windows\System32\wininet.dll

2011-12-16 08:46:06 634880 ----a-w- C:\windows\System32\msvcrt.dll

2011-12-16 07:54:22 981504 ----a-w- C:\windows\SysWow64\wininet.dll

2011-12-16 07:52:58 690688 ----a-w- C:\windows\SysWow64\msvcrt.dll

2011-12-16 06:44:38 1638912 ----a-w- C:\windows\System32\mshtml.tlb

2011-12-16 06:09:17 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb

2010-11-05 01:58:15 1169224 --sh--w- C:\windows\Temp\AdobeUpdate.exe

.

============= FINISH: 22:57:39,46 ===============

Attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 24-08-2011 11:58:21

System Uptime: 13-03-2012 22:37:19 (0 hours ago)

.

Motherboard: TOSHIBA | | NWQAA

Processor: Intel® Core i7 CPU Q 720 @ 1.60GHz | CPU | 1600/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 438 GiB total, 236,085 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP237: 11-03-2012 00:18:20 - Installed DirectX

RP238: 12-03-2012 20:26:23 - Windows Update

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 10 ActiveX

µTorrent

Borderlands

BufferChm

Compatibility Pack for the 2007 Office system

Copy

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Destinations

DeviceDiscovery

DJ_AIO_06_F4500_SW_MIN

F4500

Foxit Reader 5.1

GnuCash 2.4.8

Google Chrome

GPBaseService2

HPPhotoGadget

HPProductAssistant

ImagXpress

Intel® Management Engine Components

Intel® Rapid Storage Technology

JMicron Flash Media Controller Driver

Junk Mail filter update

LastPass (uninstall only)

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft Choice Guard

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (Portuguese (Portugal)) 2010

Microsoft Office Excel MUI (Portuguese (Portugal)) 2010

Microsoft Office OneNote MUI (Portuguese (Portugal)) 2010

Microsoft Office Outlook MUI (Portuguese (Portugal)) 2010

Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2010

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Portuguese (Portugal)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (Portuguese (Portugal)) 2010

Microsoft Office Publisher MUI (Portuguese (Portugal)) 2010

Microsoft Office Shared MUI (Portuguese (Portugal)) 2010

Microsoft Office Single Image 2010

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (Portuguese (Portugal)) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

Mozilla Firefox 8.0 (x86 en-US)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

neroxml

Notepad++

NVIDIA PhysX

NVIDIA Updatus

Picasa 3

Python 2.7.2

Q10 Editor

Racket v5.0.2

Rainmeter

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Revo Uninstaller 1.93

Scan

Section 8: Prejudice

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition

Sid Meier's Civilization 4 Complete

SolutionCenter

Spybot - Search & Destroy

Status

Steam

Stellarium 0.11.1

Toolbox

Toshiba Assist

TOSHIBA Bulletin Board

TOSHIBA ConfigFree

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Manuals

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

TOSHIBA Online Product Information

TOSHIBA Recovery Media Creator Reminder

TOSHIBA ReelTime

TOSHIBA Remote Control Manager

TOSHIBA Service Station

TOSHIBA Sleep Utility

TOSHIBA Supervisor Password

Toshiba TEMPRO

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

TrayApp

Ubuntu

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

Utility Common Driver

VLC media player 1.1.11

Vodafone Mobile Broadband Lite

WebReg

Winamp

Winamp Detector Plug-in

WinDirStat 1.1.2

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Wolfram CDF Player (M-WIN-D 8.0.4 2609533)

.

==== Event Viewer Messages From Past Week ========

.

13-03-2012 22:38:11, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

13-03-2012 22:38:00, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).

13-03-2012 22:20:41, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).

13-03-2012 22:07:24, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

13-03-2012 21:43:28, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

13-03-2012 21:11:11, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

13-03-2012 14:47:50, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

13-03-2012 13:00:44, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12-03-2012 23:41:16, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12-03-2012 17:22:07, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12-03-2012 14:27:56, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12-03-2012 11:52:19, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

12-03-2012 09:41:10, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11-03-2012 15:32:52, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11-03-2012 15:07:26, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11-03-2012 01:42:14, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

11-03-2012 00:30:57, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

10-03-2012 21:50:54, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

10-03-2012 14:09:32, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

09-03-2012 14:54:36, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

08-03-2012 16:51:51, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

08-03-2012 13:27:02, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

07-03-2012 20:16:50, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

06-03-2012 20:42:15, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

.

==== End Of File ===========================


Hello and welcome to MBAM, Zavatar: :)

We cannot review scan logs or work on malware removal in this section of the forums, so please read below for assistance with cleaning your system.

IMPORTANT: Please do NOT use any temporary file cleaners unless instructed to do so - they can cause data loss, making it hard to recover your system.

There are some excellent, self-help tutorials on getting MBAM to run on an infected system in the FAQ: HERE.

IF YOU PREFER EXPERT ASSISTANCE WITH MALWARE REMOVAL, PLEASE CHOOSE ONE OF THE FOLLOWING 3 OPTIONS:

OPTION 1: Free, one-on-one, expert assistance in the Malware Removal Forum.

OPTION 2: For paid users of MBAM PRO, free, one-on-one, expert assistance from MBAM support.

OPTION 3: Fee-based, one-on-one, expert assistance from Premium Support.

OPTION 1:

  • Please print out, read and carefully follow the instructions in the "I'm Infected - What Do I Do Now?" article.
  • If the infection has so crippled the computer that you cannot complete some or all of the steps, then just do the best you can and start a new topic as described below.

  • --->Then please start a new post in the Malware Removal Forum.
  • When starting your new post, please note the following:
  • Please do NOT post in a topic started by someone else, even if their problem sounds similar.
  • Please COPY/PASTE the requested logs into your post, rather than attaching them.
  • Under options, please be sure to select "track this topic" and "immediate email notification", so you'll know when a helper responds.

  • Please be patient - it may be 48 hours or more before a helper can assist you, especially when the forum is very busy.
  • Please do NOT "bump" your topic or reply back to it for at least 48 hours.
  • Doing so may cause your topic to be overlooked, as it will appear that you are already being helped.

OPTION 2:

If you are a paid user of MBAM PRO and prefer expert assistance via email, please send an email to support@malwarebytes.org, or contact the help desk here.

OPTION 3:

If you would like to use the Malwarebytes Premium Services (comprehensive solutions to all your computer support needs – from installation and set-up to troubleshooting and tune-ups), please go to our Premium Support site here.

Please be patient – someone will assist you as soon as possible.

Thank you very much,

daledoc1

PS Please use the oeXUf.png button or the XA9Ey.png message pane (instead of the “Quote” and “MultiQuote” buttons) when replying here & at the other forums. That will make your topic easier to follow. :)
