
Infected by partner37, I don't know if I'm safe now


XRAEDX


Hi :) ! I found that I was infected and I used Malwarebytes! I cleaned up my PC and there are no more messages from that virus, but I can't access some web sites after all this! And the message is from Google Chrome now :excl: :excl: :excl: ! I need help guys (example of web sites I can't access: duelingnetwork.com). Thanks a lot guys :)

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2

Run by Raed at 21:09:11 on 2012-09-10

Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3001.1419 [GMT 1:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\conhost.exe

C:\Program Files\AVAST Software\Avast\afwServ.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\BlueStacks\HD-LogRotatorService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\QUALCOMM\QDLService\QDLService.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files\BlueSprig\JetBoost\JetBoostTray.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\BlueStacks\HD-Service.exe

C:\Program Files\BlueStacks\HD-Network.exe

C:\Windows\system32\conhost.exe

C:\Program Files\BlueStacks\HD-BlockDevice.exe

C:\Windows\system32\conhost.exe

C:\Program Files\BlueStacks\HD-FileSystem.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\rundll32.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\PLFSetI.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\BlueStacks\HD-Agent.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Little transparency.exe

C:\Users\Raed\AppData\Local\Facebook\Messenger\2.1.4631.0\FacebookMessenger.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\InternetEverywhere\InternetEverywhere.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Users\Raed\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Raed\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Raed\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Raed\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Raed\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Raed\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Raed\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Raed\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Raed\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\ctfmon.exe

C:\Windows\system32\conhost.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page =

uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=70618A7B54D028310498AF504D18CFB3&tbp=homepage

uSearch Bar =

uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=41516&tid=553&bs=true&q=

mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=41516&tid=553&bs=true&q=

mStart Page = hxxp://search.rpidity.com

mSearch Page = hxxp://search.certified-toolbar.com?si=41516&tid=553&bs=true&q=

mSearch Bar = hxxp://search.certified-toolbar.com?si=41516&tid=553&bs=true&q=

uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s

mSearchAssistant =

uURLSearchHooks: H - No File

BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File

TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File

uRun: [bienvenue] c:\windows\system32\rundll32.exe c:\windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [Facebook Update] "c:\users\raed\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver

uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"

uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED

uRun: [GoogleChromeAutoLaunch_8929B230222B27885D1E8FA28BE1D5C4] "c:\users\raed\appdata\local\google\chrome\application\chrome.exe" --no-startup-window

mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\iastoriconlaunch.exe "c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe" 60

mRun: [PLFSetI] c:\windows\PLFSetI.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [blueStacks Agent] c:\program files\bluestacks\HD-Agent.exe

StartupFolder: c:\users\raed\appdata\roaming\micros~1\windows\startm~1\programs\startup\facebook messenger.lnk - c:\users\raed\appdata\local\facebook\messenger\2.1.4631.0\FacebookMessenger.exe

StartupFolder: c:\programdata\microsoft\windows\start menu\programs\startup\launcher.lnk - c:\program files\interneteverywhere\InternetEverywhere_Launcher.exe

StartupFolder: c:\programdata\microsoft\windows\start menu\programs\startup\Little transparency.exe

StartupFolder: c:\programdata\microsoft\windows\start menu\programs\startup\rocketdock.lnk - c:\program files\rocketdock\RocketDock.exe

uPolicies-explorer: NoResolveTrack = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Free YouTube Download - c:\users\raed\appdata\roaming\dvdvideosoftiehelpers\freeytvdownloader.htm

IE: Free YouTube to MP3 Converter - c:\users\raed\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm

IE: Télécharger avec IDM - c:\program files\internet download manager\IEExt.htm

IE: Télécharger tous les liens avec IDM - c:\program files\internet download manager\IEGetAll.htm

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: Interfaces\{2191474D-ACE6-4373-AB5D-C8C7BE2427CD} : NameServer = 8.26.56.26,156.154.70.22

TCP: Interfaces\{DFAFAC2D-253C-465E-A853-4C6792DADAC9} : NameServer = 8.26.56.26,156.154.70.22

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Notify: igfxcui - igfxdev.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\raed\appdata\roaming\mozilla\firefox\profiles\fjpcstwi.default\

FF - prefs.js: browser.search.selectedEngine - Blekko

FF - prefs.js: browser.startup.homepage - hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=70618A7B54D028310498AF504D18CFB3&tbp=homepage

FF - prefs.js: keyword.URL - hxxp://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_031&u=USERGUID&q=

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\veetle\player\npvlc.dll

FF - plugin: c:\program files\veetle\plugins\npVeetle.dll

FF - plugin: c:\users\raed\appdata\local\facebook\messenger\2.1.4631.0\npFbDesktopPlugin.dll

FF - plugin: c:\users\raed\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll

FF - plugin: c:\users\raed\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: browser.startup.homepage - hxxp://allssearch.com/

============= SERVICES / DRIVERS ===============

.

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2012-9-1 12112]

R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2012-9-1 202928]

R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2012-9-1 113776]

R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-9-1 18544]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-9-1 729752]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-9-1 355632]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\intel\bluetoothhs\BTHSAmpPalService.exe [2012-3-1 509448]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-9-1 21256]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-9-1 58680]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-9-1 44808]

R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2012-9-1 133912]

R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files\bluestacks\HD-Service.exe [2012-8-29 397176]

R2 BstHdDrv;BlueStacks Hypervisor;c:\program files\bluestacks\HD-Hypervisor-x86.sys [2012-8-29 66424]

R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files\bluestacks\HD-LogRotatorService.exe [2012-8-29 384888]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\intel\bluetoothhs\BTHSSecurityMgr.exe [2012-3-8 104208]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-6-7 13592]

R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2012-8-24 97632]

R2 InternetEverywhere_Service;InternetEverywhere_Service;c:\program files\interneteverywhere\InternetEverywhere_Service.exe [2012-6-10 342984]

R2 Live Updater Service;Live Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2012-6-7 255376]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-10 399432]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-10 676936]

R2 QDLService;Qualcomm Gobi Download Service;c:\qualcomm\qdlservice\QDLService.exe [2009-2-23 345336]

R3 AMPPAL;Carte réseau virtuelle Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\drivers\AmpPal.sys [2012-3-1 141312]

R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2012-8-30 82816]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-8-30 72576]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-3-15 127488]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-13 229888]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-10 22856]

R3 NETwNs32;___ Pilote de carte de la série Intel® Wireless WiFi Link 5000 pour Windows 7 32 bits ;c:\windows\system32\drivers\Netwsn00.sys [2012-3-12 10339840]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]

S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\intel\wifi\bin\ZeroConfigService.exe [2012-4-17 2326288]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-6 250568]

S3 AMPPALP;Protocole Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\drivers\AmpPal.sys [2012-3-1 141312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-8-30 102784]

S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2012-8-30 11136]

S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2012-8-30 116736]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-25 113120]

S3 MRV6X32U;Belkin N1 Wireless USB Network Adapter Driver for Windows Vista x86;c:\windows\system32\drivers\MRVW24B.sys [2010-12-20 310016]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\intel\wifi\bin\PanDhcpDns.exe [2012-4-17 241936]

S3 RTL8167;Pilote Realtek 8167 NT;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]

S3 SiSGbeLH;Pilote SiS191/SiS190 Ethernet Device NDIS 6.0;c:\windows\system32\drivers\SiSGB6.sys [2009-6-10 48128]

S3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2012-6-7 1343400]

S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\iobit\game booster 3\driver\WinRing0.sys [2012-8-31 14416]

.

=============== Created Last 30 ================

.

2012-09-10 19:39:09 -------- d-----w- c:\users\raed\appdata\roaming\Malwarebytes

2012-09-10 19:38:55 -------- d-----w- c:\programdata\Malwarebytes

2012-09-10 19:38:49 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-10 19:38:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-09-09 23:03:00 339320 ----a-w- c:\windows\system32\HMIPCore.dll

2012-09-09 22:31:55 -------- d-----w- c:\programdata\blekko toolbars

2012-09-09 22:31:39 -------- d-----w- c:\users\raed\appdata\local\blekkotb_031

2012-09-07 15:02:28 -------- d-----w- c:\users\raed\appdata\roaming\WebPlayerBdd

2012-09-06 22:37:42 -------- d-----w- c:\users\raed\appdata\local\{166016FE-375A-499A-B4EB-2C44B634AE39}

2012-09-06 18:57:42 -------- d-----w- c:\program files\rpidity

2012-09-06 08:53:12 -------- d-----w- c:\program files\GeoGebra

2012-09-05 15:27:33 -------- d-----w- c:\program files\BlueStacks

2012-09-03 05:44:02 -------- d-----w- c:\users\raed\appdata\local\Diagnostics

2012-09-01 20:09:39 -------- d-----w- c:\programdata\BlueStacks

2012-09-01 18:52:20 -------- d-----w- c:\users\raed\appdata\local\{6B458227-EED7-4F19-A3DC-3B402BDE988B}

2012-09-01 06:22:12 113776 ----a-w- c:\windows\system32\drivers\aswFW.sys

2012-09-01 06:21:48 202928 ----a-w- c:\windows\system32\drivers\aswNdis2.sys

2012-09-01 06:21:47 18544 ----a-w- c:\windows\system32\drivers\aswKbd.sys

2012-09-01 06:20:55 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys

2012-09-01 06:09:16 -------- d--h--w- c:\programdata\Common Files

2012-09-01 06:02:27 -------- d-----w- c:\users\raed\appdata\roaming\TuneUp Software

2012-09-01 06:01:39 -------- d-----w- c:\programdata\TuneUp Software

2012-09-01 06:01:28 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-09-01 05:54:32 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2012-09-01 05:54:31 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-09-01 05:54:30 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-09-01 05:53:55 41224 ----a-w- c:\windows\avastSS.scr

2012-09-01 05:33:50 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-08-31 08:23:36 -------- d-----w- c:\programdata\CPA_VA

2012-08-31 08:19:42 1700352 ----a-w- c:\windows\system32\gdiplus.dll

2012-08-31 08:19:42 1060864 ----a-w- c:\windows\system32\mfc71.dll

2012-08-31 07:51:11 85504 ----a-w- c:\windows\system32\ff_vfw.dll

2012-08-31 07:51:07 -------- d-----w- c:\program files\ffdshow

2012-08-31 07:50:13 -------- d-----w- c:\program files\BlueSprig

2012-08-31 01:58:06 -------- d-----w- c:\program files\AVAST Software

2012-08-30 13:07:48 -------- d-----w- c:\programdata\Avira

2012-08-30 10:19:49 -------- d-----w- c:\program files\GameGain

2012-08-30 09:20:36 860928 ----a-w- c:\windows\system32\drivers\mod7700.sys

2012-08-30 09:20:36 51456 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys

2012-08-30 09:20:36 26496 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys

2012-08-30 09:20:36 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys

2012-08-30 09:20:35 82816 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys

2012-08-30 09:20:35 72576 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys

2012-08-30 09:20:35 116736 ----a-w- c:\windows\system32\drivers\ewusbnet.sys

2012-08-30 09:20:35 106880 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys

2012-08-30 09:20:35 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys

2012-08-30 09:20:34 23424 ----a-w- c:\windows\system32\drivers\ewdcsc.sys

2012-08-30 08:32:00 -------- d-----w- c:\programdata\Electronic Arts

2012-08-30 08:32:00 -------- d-----w- c:\programdata\EA Core

2012-08-30 08:16:05 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll

2012-08-30 08:16:01 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll

2012-08-30 08:16:00 453456 ----a-w- c:\windows\system32\d3dx10_42.dll

2012-08-30 08:16:00 235344 ----a-w- c:\windows\system32\d3dx11_42.dll

2012-08-30 08:15:58 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll

2012-08-30 08:15:57 81768 ----a-w- c:\windows\system32\xinput1_3.dll

2012-08-30 06:01:09 7022536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{077d4022-2c66-4455-a444-f3e77145bbab}\mpengine.dll

2012-08-30 05:44:48 -------- d-----w- c:\users\raed\appdata\roaming\Kaiba Corporation

2012-08-30 04:21:39 -------- d-----w- c:\users\raed\appdata\local\VirtualStore

2012-08-30 00:05:05 -------- d-----w- c:\programdata\Graboid Inc

2012-08-30 00:05:03 -------- d-----w- c:\users\raed\appdata\local\Geckofx

2012-08-30 00:00:32 -------- d-----w- c:\program files\Graboid

2012-08-29 18:28:29 -------- d-----w- c:\users\raed\appdata\local\{9E0413C5-75DF-4A4A-8A61-4E40D1CE9042}

2012-08-29 07:30:08 393216 ----a-w- c:\windows\system32\drivers\bthport.sys

2012-08-29 06:21:03 400896 ----a-w- c:\windows\system32\srcore.dll

2012-08-29 06:20:57 492032 ----a-w- c:\windows\system32\win32spl.dll

2012-08-29 06:20:57 316928 ----a-w- c:\windows\system32\spoolsv.exe

2012-08-29 06:14:16 -------- d-----w- c:\users\raed\appdata\local\{D8DF1C10-47A1-4062-80EF-1552A446DA61}

2012-08-29 05:27:11 -------- d-----w- c:\users\raed\appdata\roaming\ZalmanInstaller_otshot

2012-08-29 02:31:02 -------- d-----w- c:\users\raed\appdata\roaming\BrowserCompanion

2012-08-28 16:21:10 -------- d-----w- c:\users\raed\appdata\local\{5789050A-685A-4B03-BF6D-F10C99F0FDEE}

2012-08-28 16:20:52 -------- d-----w- c:\users\raed\Tracing

2012-08-28 13:23:27 -------- d-----w- c:\users\raed\Yu Gi Oh

2012-08-28 03:22:22 -------- d-----w- c:\users\raed\appdata\local\{F57CC54F-217E-470C-AF1B-37FF8975319D}

2012-08-28 00:29:42 -------- d-----w- c:\programdata\Dim@net

2012-08-28 00:27:25 -------- d-----w- c:\programdata\DatacardService

2012-08-27 15:22:06 -------- d-----w- c:\users\raed\appdata\local\{FC84C872-B6F8-4BB2-AB53-B7A9F8C51942}

2012-08-27 10:58:09 -------- d-----w- c:\users\raed\appdata\local\{0C6DB8D6-7505-4EFF-A752-B16ADB5CAA4B}

2012-08-27 10:44:31 -------- d-----w- c:\users\raed\appdata\local\FLT

2012-08-27 10:44:31 -------- d-----w- c:\users\raed\appdata\local\2012

2012-08-27 10:28:58 -------- d-----w- c:\program files\Black_Box

2012-08-27 01:22:41 -------- d-----w- c:\program files\smartdl

2012-08-27 01:00:24 -------- d-----w- c:\programdata\Tarma Installer

2012-08-27 00:20:10 -------- d-----w- c:\program files\uTorrent

2012-08-27 00:16:36 -------- d-----w- c:\users\raed\appdata\roaming\uTorrent

2012-08-27 00:10:30 -------- d-----w- c:\programdata\InstallMate

2012-08-26 10:36:44 -------- d-----w- c:\users\raed\appdata\local\{D0DCF1A7-F85C-40AB-9C08-BC98C075DDC2}

2012-08-26 06:01:55 -------- d-----w- c:\users\raed\appdata\local\{80A1D1FB-0FE1-41F9-859A-3EE9F43C8A2B}

2012-08-26 05:58:58 -------- d-----w- c:\users\raed\appdata\local\Macromedia

2012-08-26 05:54:45 -------- d-----w- c:\users\raed\appdata\roaming\IDM

2012-08-26 05:54:45 -------- d-----w- c:\users\raed\appdata\roaming\DMCache

2012-08-26 05:54:37 -------- d-----w- c:\program files\Internet Download Manager

2012-08-25 17:04:31 -------- d-----w- c:\users\raed\appdata\local\{1DB42BB5-D957-4604-8DB5-FE519212EAAC}

2012-08-25 04:14:48 -------- d-----w- c:\users\raed\appdata\local\{DB4A5F8A-5343-47E3-9E83-9F094C14AD6F}

2012-08-24 09:04:00 97632 ----a-w- c:\windows\system32\drivers\idmwfp.sys

2012-08-23 06:07:31 -------- d-----w- c:\users\raed\appdata\local\{82ACAF6C-BEEF-4097-BD2D-8DE7BBC8C687}

2012-08-23 04:13:49 -------- d-----w- c:\programdata\BlueStacksSetup

2012-08-22 20:22:00 209269 ----a-w- C:\torrent.exe

2012-08-21 01:06:53 -------- d-----w- c:\users\raed\appdata\local\MotionDSP

2012-08-21 00:32:29 -------- d-----w- c:\users\raed\appdata\roaming\MotionDSP

2012-08-20 18:06:26 -------- d-----w- c:\users\raed\appdata\local\{B4EF6D24-E5B5-475D-B3CE-5FAD8F655BFE}

2012-08-19 10:33:13 -------- d-----w- c:\users\raed\appdata\local\{9F8CF4DA-EF3E-497A-8942-4B6192FB348E}

2012-08-18 20:26:44 -------- d-----w- c:\users\raed\appdata\local\{C8B7D256-C28F-4FFA-A2FF-30B60BEA4D6E}

2012-08-18 12:17:52 -------- d-----w- c:\users\raed\appdata\local\{CE44936E-A8B5-4B53-8D71-CE3A404B5E17}

2012-08-18 04:48:24 -------- d-----w- c:\programdata\IObit

2012-08-18 04:48:24 -------- d-----w- c:\program files\IObit

2012-08-18 04:24:58 -------- d-----w- c:\users\raed\appdata\local\APN

2012-08-18 04:24:27 -------- d-----w- c:\users\raed\appdata\roaming\WebcamMax

2012-08-18 00:17:34 -------- d-----w- c:\users\raed\appdata\local\{2EB73A5B-0F13-47FB-A880-EC6DDD49ABE0}

2012-08-17 04:19:44 -------- d-----w- c:\programdata\BlueSprig

2012-08-17 00:17:34 -------- d-----w- c:\users\raed\appdata\local\{8D399180-97E6-4337-8A3B-BBFCF4D83522}

2012-08-16 00:17:33 -------- d-----w- c:\users\raed\appdata\local\{8159BBF3-50E4-4FD2-A35B-CA07E2C20226}

2012-08-15 10:08:41 -------- d-----w- c:\users\raed\appdata\local\{F64D43DB-FB35-4CFB-AB86-71F5C0057AF6}

2012-08-15 10:06:33 -------- d-----w- c:\users\raed\appdata\local\{93326598-DE37-4FFA-8FB0-CF59EF7958CB}

2012-08-15 02:01:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-15 02:01:02 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll

2012-08-15 02:01:02 140920 ----a-w- c:\program files\internet explorer\sqmapi.dll

2012-08-15 02:01:01 194048 ----a-w- c:\program files\internet explorer\IEShims.dll

2012-08-14 20:58:58 2344448 ----a-w- c:\windows\system32\win32k.sys

2012-08-14 20:58:56 41472 ----a-w- c:\windows\system32\browcli.dll

2012-08-14 20:58:56 102912 ----a-w- c:\windows\system32\browser.dll

2012-08-14 20:58:54 768512 ----a-w- c:\windows\system32\localspl.dll

2012-08-14 18:15:56 -------- d-----w- c:\users\raed\appdata\local\{73F3C748-9800-4354-98B4-277FD1E39A38}

2012-08-14 15:04:46 -------- d-----w- c:\users\raed\appdata\local\{E63069BF-5A00-435A-82A0-1D35671C8023}

2012-08-14 03:04:28 -------- d-----w- c:\users\raed\appdata\local\{5F2AC2FE-FBB4-4073-A828-B9A5279A49A6}

2012-08-13 15:04:20 -------- d-----w- c:\users\raed\appdata\local\{00143A93-474E-4FB6-AAC6-72351ACC95A2}

2012-08-13 14:36:03 -------- d-----w- c:\users\raed\appdata\roaming\bsnes

2012-08-13 03:03:57 -------- d-----w- c:\users\raed\appdata\local\{8054836F-395B-4B52-B9BE-E19E48324DC7}

2012-08-13 03:02:13 -------- d-----w- c:\users\raed\appdata\local\{A9CD9D83-8D16-43EF-B4ED-B4C27ABE4727}

2012-08-12 12:32:20 -------- d-----w- c:\users\raed\appdata\local\{24F94C26-5FC8-405B-8D02-004EB353E58D}

2012-08-12 00:32:08 -------- d-----w- c:\users\raed\appdata\local\{0DE3351A-5F59-4168-9432-F8A3EA907D0D}

.

==================== Find3M ====================

.

2012-09-09 22:35:01 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-09-09 22:35:01 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-09-01 05:33:39 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-09-01 05:33:39 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-24 14:58:36 405152 ----a-w- c:\windows\system32\Newtonsoft.Json.Net20.dll

2012-07-17 21:43:07 1119658 ----a-w- C:\cvjÙe~–iÔ.exe

2012-07-17 21:40:16 1119658 ----a-w- C:\´Î‰¡˜cÊx.exe

2012-06-29 00:16:58 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-14 15:05:26 200704 ----a-w- c:\windows\PLFSetI.exe

.

============= FINISH: 21:10:25,30 ===============

Attach.txt

DDS.txt

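The DDS log above carries the indicators a helper reads by eye: HKLM UAC policies forced to 0, start-page and search-provider entries pointing at hosts the user never chose, orphaned "No File" toolbar registrations, hard-coded DNS servers on every interface, and two same-sized executables with garbled names sitting in the root of C:. The triage script below is an added example and is not part of the original post, of DDS, or of Malwarebytes; its rule set and its allow-list of search hosts are the author's assumptions, and the sample lines it runs on are copied from the log above. It produces candidates for review, not verdicts.

```python
"""Triage helper for DDS "Pseudo HJT" / FIREFOX / Find3M log lines.

Added example, not part of the original post or of the DDS tool.
The rules and KNOWN_SEARCH_HOSTS are the author's assumptions; the
SAMPLE_LOG lines are copied from the DDS report posted above.
"""
import re
from urllib.parse import urlparse

# Assumption: hosts a user plausibly configured on purpose. Anything else
# on a start-page / search line is reported as a candidate, not a verdict.
KNOWN_SEARCH_HOSTS = {"www.google.com", "www.google.fr", "www.bing.com",
                      "search.yahoo.com", "duckduckgo.com"}

SEARCH_KEYS = ("Start Page", "Search Page", "Search Bar", "Default_Search_URL",
               "SearchURL", "browser.startup.homepage", "keyword.URL")

# HKLM UAC values that should not be 0 on a healthy Windows 7 box
UAC_KEYS = {"EnableLUA", "ConsentPromptBehaviorAdmin",
            "ConsentPromptBehaviorUser", "PromptOnSecureDesktop"}

_HXXP = re.compile(r"hxxps?://\S+", re.IGNORECASE)


def _hosts(line):
    """DDS defangs URLs as hxxp://; re-arm them and return the hostnames."""
    return [urlparse(m.lower().replace("hxxp", "http", 1)).hostname or ""
            for m in _HXXP.findall(line)]


def triage_line(line):
    """Return a list of (category, detail) findings for one DDS line."""
    findings = []
    s = line.strip()
    if not s:
        return findings

    # 1. UAC policy values forced to 0 under HKLM (mPolicies-system)
    m = re.match(r"mPolicies-system:\s+(\w+)\s*=\s*(\d+)", s)
    if m and m.group(1) in UAC_KEYS and m.group(2) == "0":
        findings.append(("uac-disabled", m.group(1)))

    # 2. Start page / search provider pointing at an unknown host,
    #    and Firefox user.js overrides (they win over prefs.js on every start)
    if any(k in s for k in SEARCH_KEYS):
        for h in _hosts(s):
            if h and h not in KNOWN_SEARCH_HOSTS:
                findings.append(("search-hijack-candidate", h))
        if s.startswith("FF - user.js:"):
            findings.append(("firefox-user.js-override", s.split(" - ")[-1]))

    # 3. Orphaned toolbar / BHO / URLSearchHook registrations
    if s.startswith(("TB:", "BHO:", "uURLSearchHooks:")) and s.endswith("No File"):
        findings.append(("orphaned-entry", s.split(":", 1)[1].strip()))

    # 4. Hard-coded DNS servers: reported for manual review, no verdict,
    #    because a user-chosen public resolver and a hijacked one look alike here
    m = re.search(r"NameServer\s*=\s*([\d., ]+)$", s)
    if m:
        findings.append(("static-dns-review", m.group(1).replace(" ", "")))

    # 5. Executables in the volume root; non-ASCII names get their own tag
    m = re.search(r"\s(C:\\[^\\]+\.exe)$", s, re.IGNORECASE)
    if m:
        name = m.group(1)
        tag = "root-exe" if name.isascii() else "root-exe-nonascii"
        findings.append((tag, name))
    return findings


def triage(log_text):
    """Aggregate findings over a whole log; returns {category: [details]}."""
    out = {}
    for line in log_text.splitlines():
        for cat, detail in triage_line(line):
            out.setdefault(cat, []).append(detail)
    return out


# Lines copied from the DDS report in the post above
SAMPLE_LOG = r"""
uStart Page = hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=70618A7B54D028310498AF504D18CFB3&tbp=homepage
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=41516&tid=553&bs=true&q=
mStart Page = hxxp://search.rpidity.com
uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s
uURLSearchHooks: H - No File
TB: {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
TCP: Interfaces\{2191474D-ACE6-4373-AB5D-C8C7BE2427CD} : NameServer = 8.26.56.26,156.154.70.22
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=
FF - user.js: browser.startup.homepage - hxxp://allssearch.com/
2012-08-22 20:22:00 209269 ----a-w- C:\torrent.exe
2012-07-17 21:43:07 1119658 ----a-w- C:\cvjÙe~–iÔ.exe
2012-07-17 21:40:16 1119658 ----a-w- C:\´Î‰¡˜cÊx.exe
"""

if __name__ == "__main__":
    for category, details in triage(SAMPLE_LOG).items():
        print(f"{category:26s} {details}")
```

Two design points. The UAC check looks only at `mPolicies-system` (HKLM) lines, because that is where `EnableLUA = 0` silently turns every later install into a silent admin-level change; the `u` (HKCU) policies in this log are harmless. The DNS rule deliberately passes no judgement: the same two resolvers could have been set by the user, by a bundled "secure DNS" installer, or by a hijacker, and the log cannot tell them apart, so the finding is a question to put to the user before anything is reset.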


Logs will be closed if you haven't replied within 3 days

Please do not attach the scan results from ComboFix. Use copy/paste.

Vista and Windows 7 users:

1. These tools MUST be run from the executable (.exe) every time you run them.

2. With admin rights (right click, choose "Run as Administrator").

Download ComboFix from this link

Link 1

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: ComboFix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have XP SP3, use the XP SP2 package.
    If Vista or Windows 7, skip the Recovery Console part.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making IE the default browser.

3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal and increase security. If this is an issue or makes it difficult for you, please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it at least 20-30 minutes to finish if needed.

Please do not attach the scan results from ComboFix. Use copy/paste.

Also please describe how your computer behaves at the moment.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
