I'll have a log report up soon, but this thing has been causing me anxiety for the past 2 weeks of not being able to remove the dang thing

if anyone wants the zip file of the folder in the C:/windows/temp section that I created for this purpose, then I can attach it in an edit, or just now since there's a 48 hour response time for this

in the attached file, you pros may recognize this nasty file

currently scanning again with MBAM though, logs up in a bit

**please help me, it doesn't leave no matter what I do =[**


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.


OK, here are the logs. MBAM can't detect anything of this virus, and only other scanners can. So advice I've had before about removing all other scanners may do me in with this. AVG has done a fine job of detecting it, however, but the malware likes to disable all my firewalls.

MBAM log:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6507

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

5/4/2011 10:19:22 PM

mbam-log-2011-05-04 (22-19-22).txt

Scan type: Quick scan

Objects scanned: 171395

Time elapsed: 2 minute(s), 44 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

and now the DDS

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Allan at 21:53:54.70 on Wed 05/04/2011

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1524 [GMT -4:00]

.

AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Security 360 *Disabled/Outdated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}

FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe

C:\Windows\System32\nvraidservice.exe

C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Real\RealPlayer\Update\realsched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\AVG\AVG10\avgtray.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Steam\Steam.exe

C:\Program Files\Logitech\Vid HD\Vid.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG10\avgfws.exe

C:\Program Files\AVG\AVG10\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Microsoft\BingBar\SeaPort.EXE

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\WN311BFCS.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\AVG\AVG10\avgam.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\AVG\AVG10\avgnsx.exe

C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\AVG\AVG10\avgemcx.exe

C:\Windows\system32\conhost.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

C:\Program Files\AVG\AVG10\avgchsvx.exe

C:\Program Files\AVG\AVG10\avgrsx.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Common Files\Steam\SteamService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Allan\Downloads\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.bing.com/?pc=ZUGO&form=ZGAPHP

uSearch Bar = Preserve

mDefault_Page_URL = hxxp://www.yahoo.com

mStart Page = hxxp://www.yahoo.com

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

mURLSearchHooks: Runescape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files\runescape\tbRune.dll

mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\tbBit1.dll

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll

BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll

BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\tbBit1.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

BHO: Runescape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files\runescape\tbRune.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"

BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: Runescape Toolbar: {a8864317-e18b-4292-99d9-e6e65ab905d3} - c:\program files\runescape\tbRune.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\tbBit1.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll

TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll

TB: Veoh Video Compass: {52836eb0-631a-47b1-94a6-61f9d9112dae} - c:\program files\veoh networks\veoh video compass\SearchRecsPlugin.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [steam] "c:\program files\steam\Steam.exe" -silent

uRun: [bitTorrent] "c:\program files\bittorrent\BitTorrent.exe"

uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"

uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode

uRun: [ManyCam] "c:\program files\manycam\bin\ManyCam.exe" /silent

mRun: [AS00_WN311B] c:\program files\netgear\wn311b\utility\WN311B.exe /hide

mRun: [NVRaidService] c:\windows\system32\nvraidservice.exe

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe

mRun: [iObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart

StartupFolder: c:\users\allan\appdata\roaming\micros~1\windows\startm~1\programs\startup\frostw~1.lnk - c:\program files\frostwire\FrostWire.exe

StartupFolder: c:\users\allan\appdata\roaming\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\ereg\eReg.exe

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

.

============= SERVICES / DRIVERS ===============

.

R?2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-4-19 2218600]

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-1-19 32464]

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-4-27 16184]

R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2010-7-12 54112]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-2-10 296400]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

R2 avgfws;AVG Firewall;c:\program files\avg\avg10\avgfws.exe [2011-2-8 2707512]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-2-15 7421280]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]

R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2011-4-27 312152]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-7-14 239648]

R2 WN311BFCS;Netgear WN311B Wireless Control Service;c:\windows\system32\WN311BFCS.exe [2010-9-20 393216]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-3-30 134480]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]

R3 NETGEAR;Netgear 802.11 Network Adapter Driver;c:\windows\system32\drivers\WN311B.SYS [2010-9-20 1187320]

R3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]

S2 Adobe Licensing Console;Adobe Licensing Console;c:\windows\system32\msvfd32.exe [2011-4-14 818087]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-21 136176]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-4-22 947528]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-21 136176]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2009-7-13 20992]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [2007-6-28 1310720]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-22 1343400]

.

=============== Created Last 30 ================

.

2011-05-04 22:09:47 -------- d-----w- c:\users\allan\appdata\roaming\SUPERAntiSpyware.com

2011-05-03 05:10:31 539968 ----a-w- c:\progra~2\microsoft\ehome\packages\mcespotlight\mcespotlight-2\SpotlightResources.dll

2011-05-02 23:58:01 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-05-02 06:20:39 -------- d-----w- c:\windows\.jagex_cache_32

2011-04-28 06:45:05 -------- d-----w- C:\VundoFix Backups

2011-04-28 00:24:31 -------- d-----w- c:\progra~2\IObit

2011-04-28 00:23:38 29008 ----a-w- c:\windows\system32\SmartDefragBootTime.exe

2011-04-28 00:23:36 -------- d-----w- c:\users\allan\appdata\roaming\IObit

2011-04-28 00:23:35 16184 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys

2011-04-28 00:21:47 -------- d-----w- c:\program files\IObit

2011-04-28 00:19:19 -------- d-----w- c:\users\allan\appdata\roaming\Auslogics

2011-04-28 00:18:09 -------- d-----w- c:\program files\Auslogics

2011-04-28 00:17:28 -------- d-----w- c:\program files\CCleaner

2011-04-27 21:42:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-04-27 21:42:45 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-04-27 21:42:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-04-26 00:02:38 -------- d-----w- c:\program files\Tag

2011-04-25 22:18:17 -------- d-----w- c:\program files\Ace of Spades

2011-04-22 17:46:59 -------- d-----w- c:\users\allan\appdata\roaming\AVG

2011-04-22 16:00:54 -------- d--h--w- C:\$AVG

2011-04-22 15:33:21 -------- d-----w- c:\users\allan\appdata\roaming\AVG10

2011-04-22 15:28:23 -------- d--h--w- c:\progra~2\Common Files

2011-04-22 15:28:16 -------- d-----w- c:\progra~2\AVG Security Toolbar

2011-04-22 15:26:36 -------- d-----w- c:\windows\system32\drivers\AVG

2011-04-22 15:26:35 -------- d-----w- c:\progra~2\AVG10

2011-04-22 15:25:48 -------- d-----w- c:\program files\AVG

2011-04-22 15:23:26 -------- d-----w- c:\progra~2\MFAData

2011-04-22 00:59:44 7071056 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{693049f4-c65d-4c6d-93a6-4a4dc83fd62f}\mpengine.dll

2011-04-22 00:17:43 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com

2011-04-19 05:37:49 -------- d-----w- c:\progra~2\NVIDIA Corporation

2011-04-19 05:37:32 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll

2011-04-19 05:37:32 855656 ----a-w- c:\windows\system32\nvgenco322060.dll

2011-04-19 05:37:32 57960 ----a-w- c:\windows\system32\OpenCL.dll

2011-04-19 05:37:32 5180824 ----a-w- c:\windows\system32\nvcuda.dll

2011-04-19 05:37:32 2765928 ----a-w- c:\windows\system32\nvcuvid.dll

2011-04-19 05:37:32 2074216 ----a-w- c:\windows\system32\nvcuvenc.dll

2011-04-19 05:37:32 15227496 ----a-w- c:\windows\system32\nvoglv32.dll

2011-04-19 05:37:32 13007464 ----a-w- c:\windows\system32\nvcompiler.dll

2011-04-19 05:37:32 10690024 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2011-04-19 05:15:35 -------- d-----w- c:\users\allan\appdata\roaming\.minecraft

2011-04-16 10:48:29 -------- d-----w- c:\users\allan\appdata\local\DDMSettings

2011-04-16 10:46:54 -------- d-----w- c:\program files\common files\PX Storage Engine

2011-04-16 10:46:23 -------- d-----w- c:\program files\common files\DivX Shared

2011-04-16 10:45:37 -------- d-----w- c:\program files\DivX

2011-04-16 10:45:02 -------- d-----w- c:\progra~2\DivX

2011-04-14 23:31:02 311296 ----a-w- c:\windows\system32\drivers\srv.sys

2011-04-14 23:31:02 309760 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-04-14 23:31:02 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-04-14 23:31:01 428032 ----a-w- c:\windows\system32\vbscript.dll

2011-04-14 04:53:20 -------- d-----w- c:\program files\a-squared Anti-Dialer

2011-04-14 04:37:52 -------- d-----w- c:\program files\ASIO4ALL v2

2011-04-14 04:37:10 225280 ----a-w- c:\windows\system32\rewire.dll

2011-04-14 04:36:55 1554944 ----a-w- c:\windows\system32\vorbis.acm

2011-04-14 04:36:43 -------- d-----w- c:\program files\VstPlugins

2011-04-14 04:36:40 -------- d-----w- c:\program files\Outsim

2011-04-14 04:35:27 -------- d-----w- c:\program files\Image-Line

2011-04-14 04:33:51 818087 ----a-w- c:\windows\system32\msvfd32.exe

2011-04-08 02:45:08 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll

2011-04-08 02:45:06 612456 ----a-w- c:\windows\system32\nvvsvc.exe

2011-04-08 02:45:06 111208 ----a-w- c:\windows\system32\nvmctray.dll

2011-04-08 02:44:58 3701352 ----a-w- c:\windows\system32\nvcpl.dll

2011-04-08 02:44:48 2565224 ----a-w- c:\windows\system32\nvsvc.dll

.

==================== Find3M ====================

.

2011-04-08 05:14:00 2034280 ----a-w- c:\windows\system32\nvapi.dll

2011-04-08 05:14:00 10071656 ----a-w- c:\windows\system32\nvd3dum.dll

2011-03-16 19:55:49 499712 ----a-w- c:\windows\system32\msvcp71.dll

2011-03-16 19:55:49 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-03-12 11:31:58 442880 ----a-w- c:\windows\system32\XpsPrint.dll

2011-03-11 05:40:24 1164288 ----a-w- c:\windows\system32\mfc42u.dll

2011-03-11 05:40:24 1137664 ----a-w- c:\windows\system32\mfc42.dll

2011-03-11 05:39:35 1686016 ----a-w- c:\windows\system32\esent.dll

2011-03-11 05:37:34 74240 ----a-w- c:\windows\system32\fsutil.exe

2011-03-08 05:38:13 740864 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-03 05:29:23 132608 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-03-03 05:27:30 28672 ----a-w- c:\windows\system32\dnscacheugc.exe

2011-03-03 03:31:32 2331136 ----a-w- c:\windows\system32\win32k.sys

2011-02-26 05:33:07 2614784 ----a-w- c:\windows\explorer.exe

2011-02-24 05:32:52 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-02-24 05:32:44 981504 ----a-w- c:\windows\system32\wininet.dll

2011-02-24 05:30:16 44544 ----a-w- c:\windows\system32\licmgr10.dll

2011-02-24 04:23:48 386048 ----a-w- c:\windows\system32\html.iec

2011-02-24 03:50:26 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-02-19 05:33:11 802304 ----a-w- c:\windows\system32\FntCache.dll

2011-02-19 05:32:48 1074176 ----a-w- c:\windows\system32\DWrite.dll

2011-02-19 05:32:35 739840 ----a-w- c:\windows\system32\d2d1.dll

2011-02-19 05:32:08 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-02-19 03:37:02 294912 ----a-w- c:\windows\system32\atmfd.dll

2011-02-18 05:33:29 31232 ----a-w- c:\windows\system32\prevhost.exe

2011-02-12 05:30:49 191488 ----a-w- c:\windows\system32\FXSCOVER.exe

.

============= FINISH: 21:54:39.64 ===============


based on the lack of support I've received from this thread, I searched a decent amount to find another on these forums that suffered the same virus as I and followed the advice they received. So far, the malware has not regenerated or shown up in any processes so I think ComboFix did a right well job of destroying it. I may update here if it shows up again, but I think I'm finally in the clear.

after just about 2-3 days of no response I took my own gamble and decided to go on other support.

I do know you're busy and not getting paid for this, but I was a wee bit disappointed with my no responses =[
