
NewMBAM DDS GMER Logs



Hello,

I paid for your software on Sunday and I am very impressed with my investment. Thanks for the support you offer the community. Unfortunately, I have been plagued since October 23, especially since I am a first year law student. When you have a moment, I would greatly appreciate a response. Thanks again. You guys are some serious anti-h@x0rs.

Best Regards,

DDS (Ver_10-10-21.02) - NTFS_AMD64

Run by coryclem at 16:15:47.44 on Tue 10/26/2010

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3892.2200 [GMT -6:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\ibmpmsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Essentials\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\MozyHome\mozybackup.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\MozyHome\mozybackup.exe

C:\Program Files\MozyHome\mozybackup.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe

C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\coryclem\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\coryclem\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\coryclem\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\coryclem\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\coryclem\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Users\coryclem\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Windows\system32\svchost.exe -k HsfXAudioService

C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\sppsvc.exe

c:\Program Files (x86)\Lenovo\System Update\SUService.exe

C:\Users\coryclem\Downloads\dds.scr

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://lenovo.msn.com

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [CoSign Desktop] C:\Program Files (x86)\ARX\ARX CoSign Client\coscntrl.exe /WMIN

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\Users\coryclem\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105

IE: Send To CaseMap - C:\Windows\system32\lnToCM.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

Trusted Zone: live.com\cid-16b4f445e6e97035.office

DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} - hxxps://nac2.app.byu.edu/auth/taweb.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

LSA: Notification Packages = scecli ACGina

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

============= SERVICES / DRIVERS ===============

R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2010-8-9 30320]

R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2009-10-9 23592]

R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2010-4-23 15400]

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-3-25 173984]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 27136]

R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2010-8-9 50536]

R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-8-9 74088]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-10-23 304464]

R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2010-8-9 61952]

R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-4-26 1822296]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-9-29 12728]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-9 2320920]

R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2010-8-9 292864]

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2010-10-24 295600]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-10-15 132656]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-8-9 56344]

R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-8-9 151936]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-9 244736]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-10-23 24664]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-8-9 1111144]

R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2009-10-8 41536]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-8-9 35104]

S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2010-8-9 164200]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-23 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-3-25 40832]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 PCDSRVC{127174DC-C366ED8B-06020000}_0;PCDSRVC{127174DC-C366ED8B-06020000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor\pcdsrvc_x64.pkms [2010-5-7 24560]

S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2010-8-9 31152]

S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2010-8-9 75112]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]

S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-9-29 126392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-19 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

=============== Created Last 30 ================

2010-10-26 19:27:38 552960 ----a-w- C:\Windows\System32\msdri.dll

2010-10-26 19:27:37 961024 ----a-w- C:\Windows\System32\CPFilters.dll

2010-10-26 19:27:37 641536 ----a-w- C:\Windows\SysWow64\CPFilters.dll

2010-10-26 19:27:34 288256 ----a-w- C:\Windows\System32\MSNP.ax

2010-10-26 19:27:34 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax

2010-10-26 19:27:32 258560 ----a-w- C:\Windows\System32\mpg2splt.ax

2010-10-26 19:27:32 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax

2010-10-26 19:27:14 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys

2010-10-26 19:22:59 8006480 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{942EE62F-5B88-44E9-8CB3-E64DC64B7C30}\mpengine.dll

2010-10-24 21:44:32 345800 ----a-w- C:\Windows\System32\PROUnstl.exe

2010-10-24 21:44:14 295600 ----a-w- C:\Windows\System32\drivers\e1k62x64.sys

2010-10-24 21:43:28 -------- d-----w- C:\Program Files (x86)\Cisco

2010-10-24 21:42:30 222720 ----a-w- C:\Windows\System32\wwanconn.dll

2010-10-24 20:50:24 -------- d-----w- C:\Users\coryclem\AppData\Local\ElevatedDiagnostics

2010-10-24 20:50:14 -------- d-----w- C:\Windows\pss

2010-10-24 16:10:22 -------- d-----w- C:\Users\coryclem\AppData\Local\Microsoft Corporation

2010-10-24 15:59:24 8006480 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2010-10-24 14:09:06 -------- d-----w- C:\Program Files (x86)\FileASSASSIN

2010-10-24 12:47:48 -------- d-----w- C:\DRIVERS

2010-10-24 04:46:00 -------- d-----w- C:\Program Files (x86)\Microsoft Antimalware

2010-10-24 04:45:56 -------- d-----w- C:\Program Files\Microsoft Security Essentials

2010-10-24 02:54:00 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2010-10-24 01:24:43 -------- d-----w- C:\Users\coryclem\AppData\Roaming\Malwarebytes

2010-10-24 01:24:32 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys

2010-10-24 01:24:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2010-10-24 01:24:32 -------- d-----w- C:\PROGRA~3\Malwarebytes

2010-10-23 22:53:05 -------- d-sh--w- C:\Users\coryclem\AppData\Roaming\Smart Engine

2010-10-23 22:53:05 -------- d-sh--w- C:\PROGRA~3\SMWIE

2010-10-23 22:52:31 -------- d-sh--w- C:\PROGRA~3\7c3316

2010-10-23 22:06:55 -------- d-----w- C:\Users\coryclem\AppData\Roaming\Windows Live Writer

2010-10-23 22:06:55 -------- d-----w- C:\Users\coryclem\AppData\Local\Windows Live Writer

2010-10-23 20:27:05 -------- d-----w- C:\Program Files (x86)\LinkedIn

2010-10-23 20:26:23 -------- d-----w- C:\Windows\en

2010-10-23 20:24:06 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys

2010-10-23 20:22:41 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll

2010-10-23 20:22:41 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll

2010-10-23 20:22:41 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll

2010-10-23 20:22:41 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll

2010-10-23 20:22:01 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll

2010-10-23 20:22:01 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll

2010-10-23 20:22:00 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll

2010-10-23 20:22:00 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll

2010-10-23 20:19:36 -------- d-----w- C:\Users\coryclem\AppData\Local\Windows Live

2010-10-22 09:33:03 -------- d-----w- C:\Users\coryclem\AppData\Roaming\ThomsonWest

2010-10-22 09:31:39 -------- d-----w- C:\Program Files (x86)\StudySmartFirstYear

2010-10-21 08:10:39 -------- d-----w- C:\Users\coryclem\AppData\Roaming\FileOpen

2010-10-21 08:10:39 -------- d-----w- C:\PROGRA~3\FileOpen

2010-10-21 08:08:38 -------- d-----w- C:\Program Files (x86)\FileOpen

2010-10-21 04:52:37 -------- d-----w- C:\FormOver

2010-10-18 09:08:35 171880 ----a-w- C:\PROGRA~3\Microsoft\Windows\Sqm\Manifest\Sqm10134.bin

2010-10-13 17:20:38 148992 ----a-w- C:\Windows\System32\t2embed.dll

2010-10-13 17:20:37 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll

2010-10-13 17:20:36 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe

2010-10-13 17:20:35 2085376 ----a-w- C:\Windows\System32\ole32.dll

2010-10-13 17:20:34 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe

2010-10-13 17:20:34 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll

2010-10-13 17:20:27 483840 ----a-w- C:\Windows\System32\StructuredQuery.dll

2010-10-13 17:20:26 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll

2010-10-13 17:20:25 340992 ----a-w- C:\Windows\System32\schannel.dll

2010-10-13 17:20:25 224256 ----a-w- C:\Windows\SysWow64\schannel.dll

2010-10-13 17:20:23 633856 ----a-w- C:\Windows\System32\comctl32.dll

2010-10-13 17:20:22 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll

2010-10-13 17:14:21 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2010-10-13 17:14:21 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2010-10-13 17:14:19 12625920 ----a-w- C:\Windows\System32\wmploc.DLL

2010-10-13 17:14:19 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL

2010-10-13 17:14:00 463360 ----a-w- C:\Windows\System32\drivers\srv.sys

2010-10-13 17:14:00 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys

2010-10-13 17:13:59 236032 ----a-w- C:\Windows\System32\srvsvc.dll

2010-10-13 17:13:59 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2010-10-13 17:13:58 9728 ----a-w- C:\Windows\SysWow64\sscore.dll

2010-10-13 17:13:58 3125248 ----a-w- C:\Windows\System32\win32k.sys

2010-10-12 13:28:46 -------- d-----w- C:\Users\coryclem\AppData\Roaming\webex

2010-10-12 13:28:30 -------- d-----w- C:\PROGRA~3\WebEx

2010-10-12 13:27:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2010-10-08 04:04:05 -------- d-----w- C:\Users\coryclem\AppData\Local\Amazon

2010-10-06 04:55:10 -------- d-----w- C:\PROGRA~3\Cisco Systems

2010-09-30 16:03:57 30296 ----a-w- C:\Windows\System32\iprntzppd.dll

2010-09-30 16:03:57 28248 ----a-w- C:\Windows\SysWow64\iprntzppd.dll

2010-09-30 14:30:26 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys

2010-09-30 14:30:25 243712 ----a-w- C:\Windows\System32\drivers\ks.sys

2010-09-29 15:12:51 467456 ------w- C:\Windows\SysWow64\cm8batch.dll

2010-09-29 15:12:51 453632 ------w- C:\Windows\SysWow64\stdvcl40.dll

2010-09-29 15:12:51 397856 ------w- C:\Windows\SysWow64\XceedZip.dll

2010-09-29 15:12:51 3631104 ------w- C:\Windows\SysWow64\SendToCM.dll

2010-09-29 15:12:51 2768896 ------w- C:\Windows\SysWow64\CMEmlHelper.dll

2010-09-29 15:12:51 2101248 ------w- C:\Windows\SysWow64\csacropi.dll

2010-09-29 15:12:51 1007616 ------w- C:\Windows\SysWow64\cm8adins.dll

2010-09-29 15:12:50 621568 ------w- C:\Windows\SysWow64\LNToCM2.dll

2010-09-29 15:12:50 102400 ------w- C:\Windows\SysWow64\LNToCMCrypt.dll

2010-09-29 15:05:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2010-09-29 15:05:03 2048 ----a-w- C:\Windows\System32\tzres.dll

2010-09-29 15:04:59 13312 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll

2010-09-29 15:04:59 13312 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

2010-09-27 21:57:08 -------- d-----w- C:\Users\coryclem\AppData\Roaming\CaseSoft

2010-09-27 21:56:43 -------- d-----w- C:\Users\coryclem\AppData\Local\CaseSoft

2010-09-27 21:56:34 -------- d-----w- C:\PROGRA~3\LexisNexis

2010-09-27 21:56:33 801792 ----a-w- C:\Windows\SysWow64\csactv.dll

2010-09-27 21:56:33 622080 ----a-w- C:\Windows\SysWow64\LNTotalLitNav.dll

2010-09-27 21:56:33 35840 ------w- C:\Windows\SysWow64\FHPopup.ocx

2010-09-27 21:56:33 -------- d-----w- C:\Program Files (x86)\CaseSoft

2010-09-27 21:56:33 -------- d-----w- C:\PROGRA~3\CaseSoft

==================== Find3M ====================

2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe

2010-09-23 06:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2010-09-23 06:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR

2010-09-21 20:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL

2010-09-21 20:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL

2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2010-09-08 17:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2010-09-08 17:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll

2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll

2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec

2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec

2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll

2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll

2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll

2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe

2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll

2010-08-19 23:18:20 172592 ------w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2010-08-11 04:35:44 66040 ----a-w- C:\Windows\System32\drivers\mozy.sys

2010-08-10 02:38:21 612352 ------w- C:\Windows\System32\vbscript.dll

2010-08-10 02:38:21 427520 ------w- C:\Windows\SysWow64\vbscript.dll

2010-08-10 02:36:51 96768 ------w- C:\Windows\SysWow64\sspicli.dll

2010-08-10 02:36:51 22016 ------w- C:\Windows\SysWow64\secur32.dll

2010-08-10 02:36:51 153160 ------w- C:\Windows\System32\drivers\ksecpkg.sys

2010-08-10 02:36:51 1446912 ------w- C:\Windows\System32\lsasrv.dll

2010-08-10 02:36:35 286720 ------w- C:\Windows\System32\drivers\mrxsmb10.sys

2010-08-10 02:36:35 157696 ------w- C:\Windows\System32\drivers\mrxsmb.sys

2010-08-10 02:36:35 125952 ------w- C:\Windows\System32\drivers\mrxsmb20.sys

2010-08-10 02:36:06 139264 ------w- C:\Windows\System32\cabview.dll

2010-08-10 02:36:06 132608 ------w- C:\Windows\SysWow64\cabview.dll

2010-08-10 02:34:53 51712 ------w- C:\Windows\System32\drivers\usbehci.sys

2010-08-10 02:34:53 343040 ------w- C:\Windows\System32\drivers\usbhub.sys

2010-08-10 02:34:42 613888 ----a-w- C:\Windows\System32\psisdecd.dll

2010-08-10 02:34:42 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2010-08-10 02:34:28 389632 ------w- C:\Windows\System32\winlogon.exe

2010-08-10 02:34:28 2870272 ------w- C:\Windows\explorer.exe

2010-08-10 02:34:28 2614272 ------w- C:\Windows\SysWow64\explorer.exe

2010-08-10 02:34:10 14336 ------w- C:\Windows\System32\drivers\sffp_sd.sys

2010-08-10 02:34:10 109056 ------w- C:\Windows\System32\drivers\sdbus.sys

2010-08-10 02:32:42 70656 ------w- C:\Windows\SysWow64\fontsub.dll

2010-08-10 02:32:42 100864 ------w- C:\Windows\System32\fontsub.dll

2010-08-10 02:32:25 334424 ------w- C:\Windows\System32\drivers\acpi.sys

2010-08-10 02:31:03 1444 ------w- C:\Windows\MFGCLEAN.CMD

2010-08-10 02:05:51 129784 ------w- C:\Windows\SysWow64\pxafs.dll

2010-08-10 02:05:51 118520 ------w- C:\Windows\SysWow64\pxinsi64.exe

2010-08-10 02:05:51 116472 ------w- C:\Windows\SysWow64\pxcpyi64.exe

2010-08-10 01:47:07 31152 ------w- C:\Windows\System32\drivers\pmxdrv.sys

2010-07-29 06:30:34 82944 ------w- C:\Windows\SysWow64\iccvid.dll

============= FINISH: 16:18:05.78 ===============

mbam_dds_gmer.zip


Hello If.ur.so.smrt.then.yrudead

Welcome to Malwarebytes.

=====================

  • Download OTL to your desktop.
  • Double click on OTL to run it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :Files
    C:\Users\coryclem\AppData\Roaming\Smart Engine
    C:\PROGRA~3\SMWIE
    C:\PROGRA~3\7c3316

    :Commands
    [emptytemp]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.

=====================

* Go here to run an online scanner from ESET.

  • Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Check the next options: Remove found threats and Scan unwanted applications.
  • Click Scan
  • Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic


  • 3 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
