
Help I'm infected



Guest egliz58

I'm running Windows XP. My computer starts up very slowly. I need help removing viruses, and Malwarebytes can't find any viruses. I have 2 gig of RAM and I have an AMD Sempron processor.

Thank you for your help.


Guest egliz58

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26

Run by John at 0:37:20 on 2011-09-06

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2014.1191 [GMT -7:00]

.

AV: Defender Pro Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

FW: Defender Pro Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\Program Files\Defender Pro\Defender Pro 5-in-1\vsserv.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Defender Pro\Defender Pro 5-in-1\updatesrv.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Defender Pro\Defender Pro 5-in-1\downloader.exe

C:\Program Files\Defender Pro\Defender Pro 5-in-1\bdagent.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\lexpps.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Lexmark 1200 Series\lxczbmon.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

c:\program files\aol toolbar\aoltbServer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uWindow Title = Windows Internet Explorer provided by Yahoo!

uStart Page = hxxp://aol.com/

uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\YTNavAssist.dll

mURLSearchHooks: AOL Toolbar Search Class: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - c:\program files\aol toolbar\aoltb.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - c:\program files\aol toolbar\aoltb.dll

BHO: {6f6a5334-78e9-4d9b-8182-8b41ea8c39ef} - AppGraffiti

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: Defender Pro Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\defender pro\defender pro 5-in-1\IEToolbar.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll

TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [Defender Pro Antiphishing Helper] "c:\program files\defender pro\defender pro 5-in-1\ieshow.exe"

mRun: [bDAgent] "c:\program files\defender pro\defender pro 5-in-1\bdagent.exe"

mRun: [Advanced System Protector] "c:\program files\systweak\advanced system protector\ASP.exe" /autorun

mRun: [Lexmark 1200 Series] "c:\program files\lexmark 1200 series\lxczbmgr.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1313775164437

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{38E09EAC-4BD5-4C7A-8777-5BD4787C3842} : DhcpNameServer = 209.18.47.61 209.18.47.62

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\john\application data\mozilla\firefox\profiles\n8kz4l7x.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aol-chromesbox-en-us&tb_uuid=20110816152455578&tb_oid=16-08-2011&tb_mrud=17-08-2011

FF - prefs.js: browser.search.selectedEngine - Inbox Search

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: keyword.URL - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=sf&tbid=80501&language=en&qkw=

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false

.

============= SERVICES / DRIVERS ===============

.

R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2011-8-12 12960]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-12 366640]

R2 Updatesrv;BitDefender Desktop Update Service;c:\program files\defender pro\defender pro 5-in-1\updatesrv.exe [2010-8-20 43424]

R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-4-22 149520]

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\defender pro\defender pro firewall\bdfndisf.sys [2010-6-18 111696]

R3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [2011-8-12 17408]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-12 22712]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 BCASPROT;Advanced System Protector;\??\c:\program files\systweak\advanced system protector\sasprot32.sys --> c:\program files\systweak\advanced system protector\sasprot32.sys [?]

S3 Update Server;BitDefender Update Server v2;c:\program files\common files\defender pro\defender pro arrakis server\bin\arrakis3.exe [2010-7-23 307544]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2010-6-28 633424]

S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2010-6-28 970320]

.

=============== Created Last 30 ================

.

2011-09-04 22:35:04 -------- d-----w- c:\windows\system32\winrm

2011-09-04 22:34:58 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$

2011-09-02 14:56:57 -------- d--h--w- c:\windows\PIF

2011-09-01 01:51:31 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-09-01 01:51:31 -------- d-----w- c:\windows\system32\wbem\Repository

2011-09-01 01:22:26 -------- d-----w- c:\windows\NV10201268.TMP

2011-08-29 21:14:30 -------- d-----w- c:\documents and settings\all users\application data\Dumps

2011-08-29 11:03:25 -------- d-----w- c:\windows\NV28402968.TMP

2011-08-29 10:56:38 -------- d-----w- c:\windows\NV11202692.TMP

2011-08-29 10:43:08 647929 ----a-r- c:\windows\system32\drivers\IntelC52.sys

2011-08-29 10:43:08 61157 ----a-r- c:\windows\system32\drivers\IntelC53.sys

2011-08-29 10:43:08 53248 ----a-r- c:\windows\system32\mhwt.dll

2011-08-29 10:43:08 37048 ----a-r- c:\windows\system32\drivers\mohfilt.sys

2011-08-29 10:43:08 172032 ----a-r- c:\windows\system32\intelmoh.dll

2011-08-29 10:43:07 1233525 ----a-r- c:\windows\system32\drivers\IntelC51.sys

2011-08-28 22:00:02 -------- d-----w- c:\program files\common files\Windows Live

2011-08-28 21:49:41 -------- d-----w- c:\windows\system32\XPSViewer

2011-08-28 21:48:36 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

2011-08-28 21:48:07 117760 ------w- c:\windows\system32\prntvpt.dll

2011-08-28 21:48:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2011-08-28 21:48:06 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2011-08-28 21:48:06 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

2011-08-28 21:48:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll

2011-08-28 21:48:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2011-08-28 21:48:05 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll

2011-08-28 21:48:05 1676288 ------w- c:\windows\system32\xpssvcs.dll

2011-08-28 21:48:04 -------- d-----w- C:\861d20dc1211ec781bc77d584e8172

2011-08-28 21:17:23 -------- d-----w- c:\windows\pss

2011-08-28 17:24:29 -------- d-----w- c:\documents and settings\john\local settings\application data\ApplicationHistory

2011-08-28 17:21:42 -------- d-----w- c:\windows\system32\URTTEMP

2011-08-26 07:45:07 -------- d-----w- c:\documents and settings\john\application data\AppGraffiti

2011-08-22 15:45:37 -------- d--h--w- c:\windows\msdownld.tmp

2011-08-22 15:39:27 -------- d-----w- C:\30e4d17275d57e3ddd

2011-08-21 19:24:26 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-08-21 19:24:26 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-08-21 19:24:26 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-08-21 15:30:20 709968 ----a-w- c:\windows\isRS-000.tmp

2011-08-20 15:00:28 -------- d-----w- C:\026ca392960398ea7164ef

2011-08-20 14:54:59 274288 ----a-w- c:\windows\system32\mucltui.dll

2011-08-20 14:54:59 16736 ----a-w- c:\windows\system32\mucltui.dll.mui

2011-08-19 12:16:04 -------- d-----w- c:\documents and settings\john\application data\Windows Search

2011-08-19 12:15:52 -------- d-----w- c:\documents and settings\john\application data\Windows Desktop Search

2011-08-19 12:14:36 -------- d-----w- c:\program files\Windows Desktop Search

2011-08-19 12:14:35 -------- d-----w- c:\windows\system32\GroupPolicy

2011-08-19 12:13:22 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll

2011-08-19 12:13:22 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll

2011-08-19 12:13:22 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll

2011-08-19 12:12:26 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll

2011-08-17 15:23:39 -------- d-----w- c:\program files\AOL Toolbar

2011-08-17 15:23:29 -------- d-----w- c:\program files\common files\Software Update Utility

2011-08-17 01:34:57 194560 ----a-r- c:\windows\system32\NEWB.tmp

2011-08-17 01:34:57 194560 ----a-r- c:\windows\system32\fdco1.dll

2011-08-17 01:34:56 54400 ----a-r- c:\windows\system32\drivers\NVENETFD.sys

2011-08-17 01:34:53 356352 ----a-w- c:\windows\system32\nvunrm.exe

2011-08-17 01:30:06 9216 ----a-w- c:\windows\system32\bdco1.dll

2011-08-17 01:30:06 36864 ----a-w- c:\windows\system32\nvconrm.dll

2011-08-17 01:30:05 886912 ----a-r- c:\windows\system32\drivers\nvnrm.sys

2011-08-17 01:30:05 22016 ----a-r- c:\windows\system32\drivers\nvnetbus.sys

2011-08-16 14:18:25 -------- d-----w- c:\documents and settings\john\local settings\application data\Google

2011-08-16 03:21:02 304128 ----a-w- c:\windows\IsUninst.exe

2011-08-15 13:32:41 -------- d-----w- c:\program files\Yahoo!

2011-08-15 04:37:27 -------- d-----w- c:\documents and settings\all users\application data\FileCure

2011-08-14 19:22:20 -------- d-----w- c:\program files\Windows Media Connect 2

2011-08-14 19:21:04 -------- d-----w- c:\windows\system32\LogFiles

2011-08-14 03:18:00 78336 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL

2011-08-14 03:18:00 73728 ----a-w- c:\windows\system32\lxczpwr.dll

2011-08-14 03:18:00 69632 ----a-w- c:\windows\system32\LXCZCU.DLL

2011-08-14 03:18:00 40960 ----a-w- c:\windows\system32\lxczvs.dll

2011-08-14 03:18:00 40960 ----a-w- c:\windows\system32\INSTMON.EXE

2011-08-14 03:18:00 311296 ----a-w- c:\windows\system32\LEXBCES.EXE

2011-08-14 03:18:00 201216 ----a-w- c:\windows\system32\LEXP2P32.DLL

2011-08-14 03:18:00 198144 ----a-w- c:\windows\system32\LEX2KUSB.DLL

2011-08-14 03:18:00 174592 ----a-w- c:\windows\system32\LEXPPS.EXE

2011-08-14 03:18:00 155648 ----a-w- c:\windows\system32\LEXPING.EXE

2011-08-14 03:18:00 147456 ----a-w- c:\windows\system32\LEXBCE.DLL

2011-08-14 03:16:55 -------- d-----w- C:\Lexmark

2011-08-14 03:11:00 907456 -c--a-w- c:\windows\system32\dllcache\hcf_msft.sys

2011-08-14 03:11:00 907456 ----a-w- c:\windows\system32\drivers\HCF_MSFT.sys

2011-08-14 02:54:32 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll

2011-08-14 02:54:26 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2011-08-14 02:54:16 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

2011-08-14 02:53:41 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys

2011-08-14 02:53:14 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys

2011-08-14 02:53:13 105472 -c----w- c:\windows\system32\dllcache\mup.sys

2011-08-14 02:52:01 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys

2011-08-14 02:51:45 45568 -c----w- c:\windows\system32\dllcache\wab.exe

2011-08-13 17:26:56 7168 -c--a-w- c:\windows\system32\dllcache\f3ahvoas.dll

2011-08-13 17:24:49 56623 ------w- c:\windows\system32\drivers\ati1btxx.sys

2011-08-13 17:23:42 19569 ----a-w- c:\windows\002576_.tmp

2011-08-13 17:23:36 -------- d-----w- c:\windows\system32\ReinstallBackups

2011-08-13 17:20:51 -------- d-----w- c:\windows\EHome

2011-08-13 16:43:28 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll

2011-08-13 16:43:28 8192 ----a-w- c:\windows\system32\kbdkor.dll

2011-08-13 16:43:27 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll

2011-08-13 16:43:27 8704 ----a-w- c:\windows\system32\kbdjpn.dll

2011-08-13 16:43:27 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll

2011-08-13 16:43:27 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll

2011-08-13 16:43:27 6144 ----a-w- c:\windows\system32\kbd106.dll

2011-08-13 16:43:27 6144 ----a-w- c:\windows\system32\kbd101c.dll

2011-08-13 16:43:27 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll

2011-08-13 16:43:27 5632 ----a-w- c:\windows\system32\kbd103.dll

2011-08-13 16:43:25 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll

2011-08-13 16:43:25 6144 ----a-w- c:\windows\system32\kbd101b.dll

2011-08-13 16:34:40 -------- d-----w- c:\documents and settings\john\application data\MSNInstaller

2011-08-13 15:48:23 -------- d-----w- c:\windows\ServicePackFiles

2011-08-13 15:47:23 -------- d-----w- c:\windows\ie8updates

2011-08-13 11:30:01 -------- d-----w- c:\documents and settings\john\local settings\application data\AOL Toolbar

2011-08-13 11:29:54 -------- d-----w- c:\documents and settings\all users\application data\AOL Toolbar

2011-08-13 11:27:58 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-08-13 11:26:24 -------- d-sh--w- c:\documents and settings\john\IECompatCache

2011-08-13 10:23:30 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

2011-08-13 10:21:51 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll

2011-08-13 10:21:31 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2011-08-13 10:21:19 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

2011-08-13 10:21:03 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll

2011-08-13 10:21:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll

2011-08-13 10:18:42 5120 ----a-w- c:\windows\system32\xpsp4res.dll

2011-08-13 10:18:41 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe

2011-08-13 10:00:17 -------- d-----w- c:\windows\system32\PreInstall

2011-08-13 03:42:56 210944 ----a-w- c:\windows\Msvcrt10.dll

2011-08-13 03:26:09 90112 ----a-w- c:\windows\Dit.exe

2011-08-13 03:26:09 61440 ----a-w- c:\windows\DitExp.exe

2011-08-13 03:26:09 290816 ------r- c:\windows\Dit.DLL

2011-08-13 03:26:09 17408 ----a-w- c:\windows\system32\drivers\USBCRFT.SYS

2011-08-13 03:25:59 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll

2011-08-13 03:25:59 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll

2011-08-13 03:25:59 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe

2011-08-13 03:25:59 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll

2011-08-13 03:25:59 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll

2011-08-13 03:25:50 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll

2011-08-13 03:25:50 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll

2011-08-13 03:23:52 210944 ----a-w- c:\program files\windows nt\accessories\Msvcrt10.dll

2011-08-13 03:17:43 86016 ----a-w- c:\windows\unvise32.exe

2011-08-13 02:55:02 -------- d-----w- c:\program files\ZipCentral

2011-08-13 02:44:49 86016 -c----w- c:\windows\system32\dllcache\cabview.dll

2011-08-13 02:31:15 -------- d-----w- c:\windows\system32\SoftwareDistribution

2011-08-13 02:28:15 -------- d-----w- c:\program files\Jasc Software Inc

2011-08-13 02:27:29 -------- d-----w- c:\program files\common files\SWF Studio

2011-08-13 02:24:49 -------- d-----w- c:\documents and settings\john\local settings\application data\Identities

2011-08-13 02:11:02 -------- d-----w- c:\documents and settings\john\application data\Malwarebytes

2011-08-13 02:10:59 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-08-13 02:10:59 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-08-13 02:10:56 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-13 02:10:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-08-13 02:03:08 -------- d-sh--w- c:\documents and settings\john\PrivacIE

2011-08-13 02:02:09 -------- d-sh--w- c:\documents and settings\john\IETldCache

.

==================== Find3M ====================

.

2011-08-13 01:47:20 60062 ----a-w- c:\documents and settings\all users\application data\bdinstall.bin

2011-08-13 01:41:51 306104 ----a-w- c:\windows\system32\drivers\trufos.sys

2011-08-13 01:24:16 315392 ----a-w- c:\windows\HideWin.exe

2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll

2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-06-23 18:36:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec

2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll

.

============= FINISH: 0:38:43.53 ===============


  • Staff

Hi,

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


  • 3 weeks later...
  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
