
Cannot find or get rid of malware



Hi,

I'm having a bit of a nightmare with my computer. A couple of weeks ago Internet Explorer 8 started acting strangely. Sometimes it would not open at all and other times it was fine. Also, when I clicked to add a new tab, the tab just gets stuck on connecting and I am unable to close it or access it. Once this tab has been opened I am unable to close IE8 without going through the Task Manager. When IE8 doesn't open it is still in the Task Manager and I cannot open another browser until I've closed it via Task Manager. I've also tried using Google Chrome with similar results (opening). Initially I thought this was an error with IE8 so updated to IE9 beta but still the same problem, and then I started being redirected to random websites from URL links on the search pages (Google, Bing, & Yahoo).

I initially did all of the scans with Spybot, Ad-Aware, SUPERAntiSpyware, Malwarebytes, AVG Free, and Microsoft Essentials in normal mode and also safe mode. I came up with lots of malware/spyware and it "cleaned" it. However, the problem is still there. I'm at my wits' end with it now and don't really want to reinstall Windows, so really hoping someone can help me.

Thank you in advance for your help.

The log files are as follows:

Malwarebytes:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 5044

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

06/11/2010 12:59:25

mbam-log-2010-11-06 (12-59-25).txt

Scan type: Quick scan

Objects scanned: 144025

Time elapsed: 3 minute(s), 18 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS:

DDS (Ver_10-11-05.01) - NTFS_AMD64

Run by Loz at 12:39:58.94 on 06/11/2010

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.4086.2499 [GMT 0:00]

SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\PROGRA~2\AVG\AVG10\avgchsva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Protector Suite\upeksvr.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe

C:\Windows\SysWOW64\NLSSRV32.EXE

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportLaunService64.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\AVG\AVG10\avgnsa.exe

C:\Program Files (x86)\AVG\AVG10\avgemca.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe

C:\Windows\system32\sppsvc.exe

C:\Users\Loz\Desktop\Defogger.exe

C:\Windows\system32\conhost.exe

C:\PROGRA~2\AVG\AVG10\avgrsa.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Loz\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Bar = Preserve

uStart Page = hxxp://www.yahoo.co.uk/

uDefault_Page_URL = hxxp://www.pcspecialist.co.uk/search/

uInternet Settings,ProxyOverride = *.local

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

uRun: [Google Update] "C:\Users\Loz\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20100805101937

DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

LSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dll

mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-9-7 381008]

R1 RapportKE64;RapportKE64;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportKE64.sys [2010-10-3 63472]

R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportPG64.sys [2010-10-3 56816]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-7-7 203264]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-10-11 6104656]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-9-10 265400]

R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2010-6-24 341312]

R2 nlsX86cc;NLS Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2010-6-24 65856]

R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2010-10-3 767208]

R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-7-7 7195648]

R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-7-7 265728]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]

R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-4-14 54824]

R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-28 70656]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]

R3 RapportLaunService;Rapport Launching Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportLaunService64.exe [2010-10-3 526320]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-19 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-21 231968]

S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;C:\Windows\System32\drivers\Rtnic64.sys [2009-6-10 51712]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-23 1255736]

=============== Created Last 30 ================

2010-11-04 22:30:28 -------- d-----w- C:\Users\Loz\AppData\Local\Sunbelt Software

2010-11-03 23:03:13 -------- d-----w- C:\Users\Loz\AppData\Roaming\Malwarebytes

2010-11-03 23:03:08 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

2010-11-03 23:03:05 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2010-11-03 23:03:04 -------- d-----w- C:\PROGRA~3\Malwarebytes

2010-11-03 23:03:02 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys

2010-11-03 23:03:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2010-11-02 23:00:36 -------- d--h--w- C:\$AVG

2010-11-02 22:35:54 -------- d-----w- C:\Users\Loz\AppData\Roaming\AVG10

2010-11-02 22:34:13 -------- d--h--w- C:\PROGRA~3\Common Files

2010-11-02 22:34:05 -------- d-----w- C:\Windows\SysWow64\drivers\AVG

2010-11-02 22:33:21 -------- d-----w- C:\Windows\System32\drivers\AVG

2010-11-02 22:33:21 -------- d-----w- C:\PROGRA~3\AVG10

2010-11-02 22:32:25 -------- d-----w- C:\Program Files (x86)\AVG

2010-11-02 22:29:09 -------- d-----w- C:\PROGRA~3\MFAData

2010-11-02 22:07:57 15256 ----a-w- C:\Users\Loz\AppData\Roaming\Microsoft\IdentityCRL\Production\ppcrlconfig.dll

2010-10-31 14:08:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2010-10-31 14:08:45 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy

2010-10-31 14:03:53 -------- d-----w- C:\Users\Loz\AppData\Local\Google

2010-10-31 14:02:50 -------- d-----w- C:\Users\Loz\AppData\Local\Deployment

2010-10-31 14:02:50 -------- d-----w- C:\Users\Loz\AppData\Local\Apps

2010-10-31 12:19:58 -------- d-----w- C:\Users\Loz\AppData\Roaming\SUPERAntiSpyware.com

2010-10-31 12:19:58 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com

2010-10-31 12:19:49 -------- d-----w- C:\PROGRA~3\!SASCORE

2010-10-31 12:19:46 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2010-10-31 11:41:35 1863680 ----a-w- C:\Windows\System32\ExplorerFrame.dll

2010-10-31 11:41:35 1495040 ----a-w- C:\Windows\SysWow64\ExplorerFrame.dll

2010-10-31 11:41:04 -------- d-----w- C:\Program Files (x86)\Feedback Tool

2010-10-29 13:53:04 -------- d-----w- C:\CM60S

2010-10-29 13:52:52 305152 ----a-w- C:\Windows\IsUninst.exe

2010-10-28 14:37:15 737280 ----a-w- C:\Windows\iun6002.exe

2010-10-28 14:37:14 -------- d-----w- C:\Program Files (x86)\AndreaMosaic

2010-10-27 09:23:09 961024 ----a-w- C:\Windows\System32\CPFilters.dll

2010-10-27 09:23:09 641536 ----a-w- C:\Windows\SysWow64\CPFilters.dll

2010-10-27 09:23:09 552960 ----a-w- C:\Windows\System32\msdri.dll

2010-10-27 09:23:08 288256 ----a-w- C:\Windows\System32\MSNP.ax

2010-10-27 09:23:08 258560 ----a-w- C:\Windows\System32\mpg2splt.ax

2010-10-27 09:23:08 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax

2010-10-27 09:23:08 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax

2010-10-27 09:22:59 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys

2010-10-20 21:08:56 -------- d-----w- C:\Users\Loz\.dvdcss

2010-10-20 19:55:05 -------- d-----w- C:\Program Files (x86)\PS3 Media Server

2010-10-19 21:16:54 -------- d-----w- C:\Windows\en

2010-10-19 21:14:25 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys

2010-10-19 21:12:35 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll

2010-10-19 21:12:35 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll

2010-10-19 21:12:34 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll

2010-10-19 21:12:34 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll

2010-10-19 21:12:26 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\527057d21cb6fd209\InstallManager_WLE_WLE.exe

2010-10-19 21:12:20 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\505c1d5b1cb6fd208\DSETUP.dll

2010-10-19 21:12:20 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\505c1d5b1cb6fd208\DXSETUP.exe

2010-10-19 21:12:20 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\505c1d5b1cb6fd208\dsetup32.dll

2010-10-19 21:12:18 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4ec2b0ac1cb6fd207\DSETUP.dll

2010-10-19 21:12:18 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4ec2b0ac1cb6fd207\DXSETUP.exe

2010-10-19 21:12:18 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4ec2b0ac1cb6fd207\dsetup32.dll

2010-10-19 21:12:01 -------- d-----w- C:\Users\Loz\AppData\Local\Windows Live

2010-10-19 21:11:29 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll

2010-10-19 21:11:29 206848 ----a-w- C:\Windows\System32\mfps.dll

2010-10-19 21:11:29 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll

2010-10-19 21:11:28 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2010-10-19 21:11:27 4068864 ----a-w- C:\Windows\System32\mf.dll

2010-10-19 21:11:27 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2010-10-19 21:11:26 3181568 ----a-w- C:\Windows\SysWow64\mf.dll

2010-10-19 20:54:23 -------- d-----w- C:\Users\Loz\AppData\Roaming\IObit

2010-10-19 20:54:22 -------- d-----w- C:\Program Files (x86)\IObit

2010-10-19 19:57:59 -------- d-----w- C:\Program Files (x86)\Audacity

2010-10-15 20:11:56 3123712 ----a-w- C:\Windows\System32\win32k.sys

2010-10-10 20:04:54 -------- d-----w- C:\Program Files\iPod

2010-10-10 20:04:50 -------- d-----w- C:\Program Files\iTunes

2010-10-10 20:02:35 -------- d-----w- C:\Program Files\Bonjour

2010-10-10 20:02:35 -------- d-----w- C:\Program Files (x86)\Bonjour

==================== Find3M ====================

2010-10-30 16:28:32 233960 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2010-10-30 16:28:26 233960 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe

2010-09-22 23:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2010-09-22 23:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR

2010-09-21 13:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL

2010-09-21 13:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL

2010-09-20 19:23:28 127808 ----a-w- C:\Windows\SysWow64\MSWINSCK.ocx

2010-09-15 03:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2010-09-13 16:28:00 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys

2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2010-09-08 10:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2010-09-08 10:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll

2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll

2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec

2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec

2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-09-07 03:48:58 381008 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2010-09-07 03:48:56 41040 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

2010-09-07 03:48:52 305232 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2010-09-07 03:48:50 30288 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL

2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL

2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll

2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll

2010-08-27 06:14:02 236032 ----a-w- C:\Windows\System32\srvsvc.dll

2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll

2010-08-27 03:38:04 463360 ----a-w- C:\Windows\System32\drivers\srv.sys

2010-08-27 03:37:48 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys

2010-08-27 03:37:26 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll

2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll

2010-08-24 15:43:43 75064 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll

2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll

2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll

2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe

2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll

2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll

2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll

2010-08-19 21:42:38 35920 ----a-w- C:\Windows\System32\drivers\AVGIDSFilter.sys

2010-08-19 21:42:38 157264 ----a-w- C:\Windows\System32\drivers\AVGIDSDriver.sys

2010-08-16 06:50:45 1137664 ----a-w- C:\Windows\System32\FntCache.dll

2010-08-16 06:50:43 1543168 ----a-w- C:\Windows\System32\DWrite.dll

2010-08-16 06:50:42 899072 ----a-w- C:\Windows\System32\d2d1.dll

2010-08-16 06:50:42 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2010-08-16 06:50:42 1844224 ----a-w- C:\Windows\System32\d3d10warp.dll

2010-08-16 06:14:36 1076224 ----a-w- C:\Windows\SysWow64\DWrite.dll

2010-08-16 06:14:24 737280 ----a-w- C:\Windows\SysWow64\d2d1.dll

2010-08-16 06:14:24 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2010-08-16 06:14:24 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2009-06-10 21:23:22 1169224 ----a-w- C:\Program Files (x86)\rst32i.exe

============= FINISH: 12:40:53.54 ===============

Attach.zip


Glad we could help. :P

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
