Possible virus?

[Asana]

Hey there, I installed kmplayer yesterday, but today when i opened almost every site on the internet, i had lot of advertisement all over the screen.

Since windows defender didn't find anything when I ran a scan, I downloaded malwarebytes (trial version - I got the pro one for now I guess) and it immediately started blocking access to sites, etc.

 

After running a quick and also a full scan, I got rid of the advertisement, but I still had popups, from malwarebytes, about blocking access to some ip's:

111.111.111.111

 

93.115.241.17

 

After searching a little bit, there was a thread saying that the first one was because of pandora service (installed along with kmplayer)

 

I got rid of that popup by uninstalling pandora.tv but I keep being popped up by the 2nd ip, even though I can't find any more virus.

 

I downloaded DDS and ran it. Can anyone help me?

 

Below are the results I got from running DDS:

Attach.txt :

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8 Pro

Boot Device: \Device\HarddiskVolume1

Install Date: 28/06/2013 14:33:55

System Uptime: 30/07/2013 14:50:01 (3 hours ago)

.

Motherboard: Hewlett-Packard |  | 183E

Processor: Intel® Core i7-3612QM CPU @ 2.10GHz | U3E1 | 2101/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 445 GiB total, 384,428 GiB free.

D: is FIXED (NTFS) - 20 GiB total, 2,122 GiB free.

E: is FIXED (FAT32) - 0 GiB total, 0,08 GiB free.

F: is CDROM ()

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: USB Video Device

Device ID: USB\VID_04F2&PID_B2F4&MI_00\7&304CA500&0&0000

Manufacturer: Microsoft

Name: HP Webcam-50

PNP Device ID: USB\VID_04F2&PID_B2F4&MI_00\7&304CA500&0&0000

Service: usbvideo

.

==== System Restore Points ===================

.

RP4: 15/07/2013 13:09:21 - Windows Update

RP5: 24/07/2013 22:36:28 - Scheduled Checkpoint

.

==== Hosts File Hijack ======================

.

Hosts: 212.59.16.245 www.google-analytics.com.

Hosts: 212.59.16.245 connect.facebook.net.

Hosts: 212.59.16.245 platform.twitter.com.

Hosts: 93.115.241.27 www.google-analytics.com.

Hosts: 93.115.241.27 connect.facebook.net.

Hosts: 93.115.241.27 platform.twitter.com.

.

==== Installed Programs ======================

.

 Tools for .Net 3.5

AMD APP SDK Runtime

AMD Catalyst Install Manager

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

DAEMON Tools Lite

Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition

Dotfuscator and Analytics Community Edition

Dropbox

Entity Framework Designer for Visual Studio 2012 - enu

Gibbo 2D

Google Chrome

Google Update Helper

HP 3D DriveGuard

HP CoolSense

HP Wireless Button Driver

IDT Audio

IIS 8.0 Express

IIS Express Application Compatibility Database for x64

IIS Express Application Compatibility Database for x86

Intel® Control Center

Intel® Display Audio Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Intel® Trusted Connect Service Client

Kanguru

League of Legends

LocalESPC

LocalESPCui for en-us

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft .NET Framework 4.5 Multi-Targeting Pack

Microsoft .NET Framework 4.5 SDK

Microsoft Access MUI (English) 2013

Microsoft Access Setup Metadata MUI (English) 2013

Microsoft ASP.NET MVC 3

Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update

Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools

Microsoft ASP.NET MVC 4 Runtime

Microsoft ASP.NET Web Pages

Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools

Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools

Microsoft ASP.NET Web Pages 2 Runtime

Microsoft DCF MUI (English) 2013

Microsoft Excel MUI (English) 2013

Microsoft Expression Blend 3 SDK

Microsoft Expression Blend 4

Microsoft Expression Blend SDK for .NET 4

Microsoft Expression Blend SDK for Silverlight 4

Microsoft Expression Encoder 4 Screen Capture Codec

Microsoft Expression Studio 4

Microsoft Groove MUI (English) 2013

Microsoft Help Viewer 2.0

Microsoft InfoPath MUI (English) 2013

Microsoft LightSwitch for Visual Studio 2012 Core

Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU

Microsoft Lync MUI (English) 2013

Microsoft NuGet - Visual Studio 2012

Microsoft Office 32-bit Components 2013

Microsoft Office OSM MUI (English) 2013

Microsoft Office OSM UX MUI (English) 2013

Microsoft Office Professional Plus 2013

Microsoft Office Proofing (English) 2013

Microsoft Office Proofing Tools 2013 - English

Microsoft Office Proofing Tools 2013 - Español

Microsoft Office Shared 32-bit MUI (English) 2013

Microsoft Office Shared MUI (English) 2013

Microsoft Office Shared Setup Metadata MUI (English) 2013

Microsoft OneNote MUI (English) 2013

Microsoft Outlook MUI (English) 2013

Microsoft Portable Library Multi-Targeting Pack

Microsoft Portable Library Multi-Targeting Pack Language Pack - enu

Microsoft PowerPoint MUI (English) 2013

Microsoft Publisher MUI (English) 2013

Microsoft Report Viewer Add-On for Visual Studio 2012

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft Silverlight 5 SDK

Microsoft SQL Server 2012 Command Line Utilities 

Microsoft SQL Server 2012 Data-Tier App Framework 

Microsoft SQL Server 2012 Express LocalDB 

Microsoft SQL Server 2012 Management Objects 

Microsoft SQL Server 2012 Management Objects  (x64)

Microsoft SQL Server 2012 Native Client 

Microsoft SQL Server 2012 T-SQL Language Service 

Microsoft SQL Server 2012 Transact-SQL Compiler Service 

Microsoft SQL Server 2012 Transact-SQL ScriptDom 

Microsoft SQL Server Compact 4.0 SP1 x64 ENU

Microsoft SQL Server Data Tools - enu (11.1.20627.00)

Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)

Microsoft SQL Server System CLR Types

Microsoft SQL Server System CLR Types (x64)

Microsoft System CLR Types for SQL Server 2012

Microsoft System CLR Types for SQL Server 2012 (x64)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727

Microsoft Visual C++ 2012 Compilers

Microsoft Visual C++ 2012 Compilers - ENU Resources

Microsoft Visual C++ 2012 Core Libraries

Microsoft Visual C++ 2012 Extended Libraries

Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727

Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727

Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727

Microsoft Visual Studio 2010 Office Developer Tools (x64)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

Microsoft Visual Studio 2012 Devenv

Microsoft Visual Studio 2012 Devenv Resources

Microsoft Visual Studio 2012 Performance Collection Tools

Microsoft Visual Studio 2012 Performance Collection Tools - ENU

Microsoft Visual Studio 2012 Preparation

Microsoft Visual Studio 2012 SharePoint Developer Tools

Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack

Microsoft Visual Studio 2012 Shell (Minimum)

Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies

Microsoft Visual Studio 2012 Shell (Minimum) Resources

Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU

Microsoft Visual Studio Professional 2012

Microsoft Visual Studio Professional 2012 - ENU

Microsoft Visual Studio Team Foundation Server 2012 Object Model

Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU

Microsoft Visual Studio Team Foundation Server 2012 Team Explorer

Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU

Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core

Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources

Microsoft Web Deploy 3.0

Microsoft Web Deploy dbSqlPackage Provider - enu

Microsoft Web Developer Tools - Visual Studio 2012

Microsoft Web Platform Installer 4.0

Microsoft Word MUI (English) 2013

MonoGame

OpenAL

Outils de vérification linguistique 2013 de Microsoft Office - Français

PreEmptive Analytics Visual Studio Components

Prerequisites for SSDT 

PX Profile Update

Ralink RT5390R 802.11b/g/n Wi-Fi Adapter

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

Security Update for Microsoft Lync 2013 (KB2817465) 64-Bit Edition

Security Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition

SoftPaq

Synaptics Pointing Device Driver

TeamSpeak 3 Client

TeamViewer 8

The KMPlayer (remove only)

Update for  (KB2504637)

Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition

Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition

Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition

Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition

Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817482) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition

Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition

Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition

Update for Microsoft Outlook 2013 (KB2817468) 64-Bit Edition

Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition

Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition

Update for Microsoft SkyDrive Pro (KB2817469) 64-Bit Edition

Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition

Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition

Update for Microsoft Visual Studio 2012 (KB2781514)

Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition

Update for Microsoft Word 2013 (KB2810086) 64-Bit Edition

Visual Studio 2012 Prerequisites

Visual Studio 2012 Prerequisites - ENU Language Pack

Visual Studio Extensions for Windows Library for JavaScript

WCF Data Services 5.0 (for OData v3) Primary Components

WCF Data Services Tools for Microsoft Visual Studio 2012

WCF RIA Services V1.0 SP2

Windows App Certification Kit Native Components

Windows App Certification Kit x64

Windows Runtime Intellisense Content - en-us

Windows Software Development Kit

Windows Software Development Kit DirectX x64 Remote

Windows Software Development Kit DirectX x86 Remote

Windows Software Development Kit for Windows Store Apps

Windows Software Development Kit for Windows Store Apps DirectX x64 Remote

Windows Software Development Kit for Windows Store Apps DirectX x86 Remote

WinRAR 4.20 (32-bit)

WPF Toolkit February 2010 (Version 3.5.50211.1)

.

==== Event Viewer Messages From Past Week ========

.

29/07/2013 18:34:53, Error: Service Control Manager [7030]  - The PandoraService service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

28/07/2013 15:08:15, Error: Service Control Manager [7031]  - The TeamViewer 8 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.

.

==== End Of File ===========================

 

 

dds.txt :

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16537

Run by Luís at 17:56:25 on 2013-07-30

Microsoft Windows 8 Pro  6.2.9200.0.1252.351.1033.18.6042.4249 [GMT 1:00]

.

AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\dwm.exe

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

c:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\taskhostex.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\wwahost.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Luís\Downloads\dds.com

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL

BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HUAWEI E620 Data Card] C:\PROGRA~2\Kanguru\Kanguru.exe

mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

StartupFolder: C:\Users\LUS~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{3B7EDC88-C28E-49DD-870D-F9042F9C5F84} : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{3B7EDC88-C28E-49DD-870D-F9042F9C5F84}\358414B4542523 : DHCPNameServer = 192.168.1.254 8.8.8.8

TCP: Interfaces\{BD6940B3-5449-42DA-9D74-ABEF8F8290E4} : DHCPNameServer = 192.168.1.254

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL

x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

Hosts: 212.59.16.245 www.google-analytics.com.

Hosts: 212.59.16.245 connect.facebook.net.

Hosts: 212.59.16.245 platform.twitter.com.

Hosts: 93.115.241.27 www.google-analytics.com.

Hosts: 93.115.241.27 connect.facebook.net.

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

============= SERVICES / DRIVERS ===============

.

R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\Drivers\amdkmpfd.sys [2012-7-9 35496]

R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-9-28 650808]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\Drivers\dtsoftbus01.sys [2013-6-28 283200]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-11-4 239616]

R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-6-28 14904]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-6-28 2451456]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]

R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-6-28 128896]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-6-28 165760]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-30 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-30 701512]

R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-6-28 4150112]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-6-28 364416]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]

R3 intelkmd;intelkmd;C:\Windows\System32\Drivers\igdpmd64.sys [2012-9-4 9004384]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-7-30 25928]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2013-4-15 2482960]

R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-6-28 690832]

R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-24 43832]

R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2012-10-1 178824]

S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2013-6-28 269968]

S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]

S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]

.

=============== File Associations ===============

.

FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]

.

=============== Created Last 30 ================

.

2013-07-30 16:56:26 -------- d-----w- C:\Users\LuÝs\AppData\Local\Microsoft

2013-07-30 16:27:45 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{182192DF-5027-469D-AE4D-74CD0B1727EB}\mpengine.dll

2013-07-30 12:56:21 9460976 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2013-07-30 12:35:55 -------- d-----w- C:\Users\Luís\AppData\Roaming\Malwarebytes

2013-07-30 12:35:34 -------- d-----w- C:\ProgramData\Malwarebytes

2013-07-30 12:35:33 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-07-30 12:35:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-07-29 17:34:23 -------- d-----w- C:\Program Files (x86)\The KMPlayer

2013-07-28 16:55:18 466456 ----a-w- C:\Windows\System32\wrap_oal.dll

2013-07-28 16:55:18 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll

2013-07-28 16:55:18 122904 ----a-w- C:\Windows\System32\OpenAL32.dll

2013-07-28 16:55:18 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll

2013-07-28 16:55:18 -------- d-----w- C:\Program Files (x86)\OpenAL

2013-07-27 10:57:16 -------- d-----w- C:\Windows\System32\MRT

2013-07-27 09:54:50 289968 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10211.bin

2013-07-26 16:52:17 -------- d-----w- C:\Users\Luís\AppData\Roaming\TS3Client

2013-07-25 19:55:10 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client

2013-07-16 22:25:01 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys

2013-07-10 12:34:53 2035200 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll

2013-07-10 12:34:52 1617920 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2013-07-10 12:34:52 1306112 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2013-07-10 12:34:52 1272320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-10 12:34:51 1318912 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

2013-07-10 12:34:50 1413632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll

2013-07-10 12:34:49 1029632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\journal.dll

2013-07-10 12:34:05 4036096 ----a-w- C:\Windows\System32\win32k.sys

2013-07-10 12:33:31 595968 ----a-w- C:\Windows\System32\qedit.dll

2013-07-10 12:33:31 496640 ----a-w- C:\Windows\SysWow64\qedit.dll

2013-07-10 12:33:30 19187712 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-07-10 12:33:30 18523648 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-07-03 21:07:35 144384 ----a-w- C:\Windows\System32\tssdisai.dll

2013-07-01 19:52:59 9728 ----a-w- C:\Windows\SysWow64\wlanhlp.dll

2013-07-01 19:51:59 793200 ----a-w- C:\Windows\System32\mfplat.dll

2013-07-01 19:50:56 2367528 ----a-w- C:\Windows\System32\WSService.dll

2013-07-01 19:49:59 509952 ----a-w- C:\Windows\SysWow64\twinapi.dll

2013-07-01 13:17:24 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-01 13:17:24 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-07-01 13:14:16 -------- d-----r- C:\Windows\BrowserChoice

.

==================== Find3M  ====================

.

2013-06-28 15:40:38 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys

2013-06-28 13:56:25 0 ----a-w- C:\Windows\ativpsrm.bin

2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-06-01 11:54:16 194816 ----a-w- C:\Windows\System32\drivers\sdbus.sys

2013-06-01 11:54:10 125184 ----a-w- C:\Windows\System32\drivers\dumpsd.sys

2013-06-01 11:34:21 2391280 ----a-w- C:\Windows\explorer.exe

2013-06-01 11:33:13 2233600 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-06-01 11:29:35 337152 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS

2013-06-01 11:29:35 213248 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS

2013-06-01 11:26:33 327936 ----a-w- C:\Windows\System32\drivers\volsnap.sys

2013-06-01 11:26:31 6987008 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-06-01 10:24:46 2106176 ----a-w- C:\Windows\SysWow64\explorer.exe

2013-06-01 09:25:52 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2013-06-01 09:25:05 67584 ----a-w- C:\Windows\SysWow64\samlib.dll

2013-06-01 09:24:19 493056 ----a-w- C:\Windows\SysWow64\mscms.dll

2013-06-01 09:24:09 850944 ----a-w- C:\Windows\SysWow64\mfasfsrcsnk.dll

2013-06-01 09:24:09 1453568 ----a-w- C:\Windows\SysWow64\mfcore.dll

2013-06-01 09:23:46 1842176 ----a-w- C:\Windows\SysWow64\dwmcore.dll

2013-06-01 09:23:06 680960 ----a-w- C:\Windows\System32\vds.exe

2013-06-01 09:22:47 80896 ----a-w- C:\Windows\System32\MbaeParserTask.exe

2013-06-01 09:22:33 523264 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2013-06-01 09:22:33 446976 ----a-w- C:\Windows\System32\wwansvc.dll

2013-06-01 09:22:09 190976 ----a-w- C:\Windows\System32\vdsutil.dll

2013-06-01 09:21:39 729600 ----a-w- C:\Windows\System32\samsrv.dll

2013-06-01 09:21:39 106496 ----a-w- C:\Windows\System32\samlib.dll

2013-06-01 09:20:45 583168 ----a-w- C:\Windows\System32\mscms.dll

2013-06-01 09:20:34 1527808 ----a-w- C:\Windows\System32\mfcore.dll

2013-06-01 09:20:34 1048576 ----a-w- C:\Windows\System32\mfasfsrcsnk.dll

2013-06-01 09:20:04 2219520 ----a-w- C:\Windows\System32\dwmcore.dll

2013-06-01 09:19:58 207872 ----a-w- C:\Windows\System32\DeviceSetupManager.dll

2013-06-01 09:19:42 785408 ----a-w- C:\Windows\System32\audiosrv.dll

2013-06-01 03:08:57 37632 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys

2013-05-24 22:09:20 1403296 ----a-w- C:\Windows\System32\winload.efi

2013-05-24 22:09:20 1271584 ----a-w- C:\Windows\System32\winload.exe

2013-05-24 22:09:20 1217352 ----a-w- C:\Windows\System32\winresume.efi

2013-05-24 22:09:20 1093904 ----a-w- C:\Windows\System32\winresume.exe

2013-05-23 23:01:46 1300992 ----a-w- C:\Windows\System32\gdi32.dll

2013-05-23 22:27:05 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll

2013-05-15 22:37:03 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll

2013-05-15 22:35:49 53760 ----a-w- C:\Windows\System32\UXInit.dll

2013-05-15 02:25:59 888320 ----a-w- C:\Windows\System32\autochk.exe

2013-05-15 02:25:44 542208 ----a-w- C:\Windows\System32\untfs.dll

2013-05-15 02:24:10 793088 ----a-w- C:\Windows\SysWow64\autochk.exe

2013-05-15 02:24:01 482816 ----a-w- C:\Windows\SysWow64\untfs.dll

2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-04 07:58:17 120736 ----a-w- C:\Windows\System32\AuthHost.exe

2013-05-04 07:34:17 446720 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS

2013-05-04 07:34:15 284416 ----a-w- C:\Windows\System32\drivers\spaceport.sys

2013-05-04 06:59:56 39424 ----a-w- C:\Windows\System32\wuapp.exe

2013-05-04 06:59:51 1483776 ----a-w- C:\Windows\System32\VSSVC.exe

2013-05-04 06:59:36 812544 ----a-w- C:\Windows\System32\Magnify.exe

2013-05-04 06:59:25 98304 ----a-w- C:\Windows\System32\wudriver.dll

2013-05-04 06:59:25 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll

2013-05-04 06:59:25 141824 ----a-w- C:\Windows\System32\wuwebv.dll

2013-05-04 06:59:24 1619968 ----a-w- C:\Windows\System32\wucltux.dll

2013-05-04 06:59:21 2842112 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-05-04 06:59:08 13644288 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll

2013-05-04 06:58:54 328192 ----a-w- C:\Windows\System32\ubpm.dll

2013-05-04 06:58:54 10116096 ----a-w- C:\Windows\System32\twinui.dll

2013-05-04 06:58:49 173568 ----a-w- C:\Windows\System32\storewuauth.dll

2013-05-04 06:58:49 1332736 ----a-w- C:\Windows\System32\sysmain.dll

2013-05-04 06:58:48 330240 ----a-w- C:\Windows\System32\stobject.dll

2013-05-04 06:58:28 93696 ----a-w- C:\Windows\System32\psmsrv.dll

2013-05-04 06:58:02 470528 ----a-w- C:\Windows\System32\netprofmsvc.dll

2013-05-04 06:58:02 151552 ----a-w- C:\Windows\System32\netprofm.dll

2013-05-04 06:58:01 169984 ----a-w- C:\Windows\System32\netplwiz.dll

2013-05-04 06:57:59 17408 ----a-w- C:\Windows\System32\muifontsetup.dll

2013-05-04 06:57:46 560640 ----a-w- C:\Windows\System32\mfmp4srcsnk.dll

2013-05-04 06:57:31 820736 ----a-w- C:\Windows\System32\gpprefcl.dll

2013-05-04 06:57:15 501760 ----a-w- C:\Windows\System32\DevicePairing.dll

2013-05-04 06:57:05 179712 ----a-w- C:\Windows\System32\bisrv.dll

2013-05-04 06:57:05 122368 ----a-w- C:\Windows\System32\biwinrt.dll

2013-05-04 06:57:04 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll

2013-05-04 06:57:04 2305024 ----a-w- C:\Windows\System32\authui.dll

2013-05-04 06:57:00 708096 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll

2013-05-04 06:57:00 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll

2013-05-04 06:56:53 419840 ----a-w- C:\Windows\System32\intl.cpl

2013-05-04 04:58:34 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe

2013-05-04 04:58:14 758784 ----a-w- C:\Windows\SysWow64\Magnify.exe

2013-05-04 04:58:02 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll

2013-05-04 04:58:02 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll

2013-05-04 04:57:58 2620928 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-05-04 04:57:49 10788864 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll

2013-05-04 04:57:39 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll

2013-05-04 04:57:39 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll

2013-05-04 04:57:35 303616 ----a-w- C:\Windows\SysWow64\stobject.dll

2013-05-04 04:57:16 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll

2013-05-04 04:57:04 151040 ----a-w- C:\Windows\SysWow64\netplwiz.dll

2013-05-04 04:57:04 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll

2013-05-04 04:57:02 14336 ----a-w- C:\Windows\SysWow64\muifontsetup.dll

2013-05-04 04:56:48 411136 ----a-w- C:\Windows\SysWow64\mfmp4srcsnk.dll

2013-05-04 04:56:35 582144 ----a-w- C:\Windows\SysWow64\gpprefcl.dll

2013-05-04 04:56:14 449536 ----a-w- C:\Windows\SysWow64\DevicePairing.dll

2013-05-04 04:56:06 92160 ----a-w- C:\Windows\SysWow64\biwinrt.dll

2013-05-04 04:56:05 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll

2013-05-04 04:56:05 2035712 ----a-w- C:\Windows\SysWow64\authui.dll

.

============= FINISH: 17:57:09,85 ===============

 

 

[MrCharlie]

Duplicate post:

http://forums.malwarebytes.org/index.php?showtopic=130247

 

This one will be closed.....MrC

[LDTate]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.