Jump to content

I clicked on a link I should not have and I believe I'm infected


Recommended Posts

I unfortunately clicked on a adobe attachement within an email which took me to a known malware site. I have Malwarebytes Pro running and I have run the scan a number of times with zero positive hits, so maybe the Malware was blocked but I need to be sure.

Can you help me?

Respectfully

Joe13468

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Joe at 15:45:10 on 2011-11-01

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.12279.8770 [GMT -4:00]

.

AV: ZoneAlarm Antivirus *Enabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: ZoneAlarm Anti-Spyware *Enabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}

FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\Protector Suite\upeksvr.exe

C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k WbioSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe

C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe

C:\Program Files (x86)\LG Electronics\LGE LTE Driver\LGVL600SVC.exe

C:\Program Files (x86)\Hotkey\PowerBiosServer.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\SolarWinds\Toolset\SWBrowserIntegration.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Program Files\CheckPoint\ZAForceField\ForceField.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\BisonCam\BisonHK.exe

C:\Program Files (x86)\BisonCam\DeLay.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Protector Suite\psqltray.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe

C:\Program Files (x86)\Hotkey\Hotkey.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

C:\Program Files (x86)\Password Safe\pwsafe.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Advanced System Optimizer 3\systemprotector.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~2\CHECKP~1\ZONEAL~1\MAILFR~1\mantispm.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\RegServe\RSListener.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\splwow64.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\DllHost.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: ZoneAlarm Extreme Security Toolbar: {a94e8dc9-07aa-45a7-8af2-a0375473a5cd} - C:\Program Files (x86)\ZoneAlarm_Extreme_Security\prxtbZone.dll

mURLSearchHooks: ZoneAlarm Extreme Security Toolbar: {a94e8dc9-07aa-45a7-8af2-a0375473a5cd} - C:\Program Files (x86)\ZoneAlarm_Extreme_Security\prxtbZone.dll

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll

BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

BHO: ZoneAlarm Extreme Security Toolbar: {a94e8dc9-07aa-45a7-8af2-a0375473a5cd} - C:\Program Files (x86)\ZoneAlarm_Extreme_Security\prxtbZone.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

TB: ZoneAlarm Extreme Security Toolbar: {a94e8dc9-07aa-45a7-8af2-a0375473a5cd} - C:\Program Files (x86)\ZoneAlarm_Extreme_Security\prxtbZone.dll

TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"

mRun: [solarWindsToolsetIntegrationTrayApp] "C:\Program Files (x86)\SolarWinds\Toolset\\ToolsetIntegrationTray.exe" /autostart"

mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"

mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"

mRun: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\Joe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PASSWO~1.LNK - C:\Program Files (x86)\Password Safe\pwsafe.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab

TCP: DhcpNameServer = 68.87.73.246 68.87.71.230

TCP: Interfaces\{300B7FA1-9446-48A6-B8FA-7DA78D5D01E6} : DhcpNameServer = 68.87.73.246 68.87.71.230

TCP: Interfaces\{49D75268-0909-45E6-9AF2-B1EC23D0CCDE} : DhcpNameServer = 66.174.95.44 66.174.92.14

TCP: Interfaces\{56F193AA-D1B4-4657-B5D9-DAA0D24246E3} : DhcpNameServer = 69.78.134.231 69.78.80.231

TCP: Interfaces\{B71366B7-5AE7-499E-BD4A-244D2FA8179C} : DhcpNameServer = 69.78.134.231 69.78.80.231

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll

LSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll

BHO-X64: Conduit Engine - No File

BHO-X64: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

BHO-X64: ZoneAlarm Security Engine Registrar - No File

BHO-X64: ZoneAlarm Extreme Security Toolbar: {a94e8dc9-07aa-45a7-8af2-a0375473a5cd} - C:\Program Files (x86)\ZoneAlarm_Extreme_Security\prxtbZone.dll

BHO-X64: ZoneAlarm Extreme Security - No File

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

TB-X64: ZoneAlarm Extreme Security Toolbar: {a94e8dc9-07aa-45a7-8af2-a0375473a5cd} - C:\Program Files (x86)\ZoneAlarm_Extreme_Security\prxtbZone.dll

TB-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"

mRun-x64: [solarWindsToolsetIntegrationTrayApp] "C:\Program Files (x86)\SolarWinds\Toolset\\ToolsetIntegrationTray.exe" /autostart"

mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun-x64: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"

mRun-x64: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"

mRun-x64: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

.

============= SERVICES / DRIVERS ===============

.

R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 ASO3DiskOptimizer;ASO3DiskOptimizer;C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [2011-1-18 263480]

R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-26 189736]

R2 ISWKL;ZoneAlarm ForceField ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-8-27 33672]

R2 IswSvc;ZoneAlarm ForceField IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2010-8-27 827520]

R2 LGE NDIS Connection Service;LGE NDIS Connection Service;C:\Program Files (x86)\LG Electronics\LGE LTE Driver\LGVL600SVC.exe [2010-11-12 140224]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-14 366152]

R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2010-6-24 32256]

R2 SWBrowserIntegration;SolarWinds Orion Toolset Integration Service;C:\Program Files (x86)\Solarwinds\Toolset\SWBrowserIntegration.exe [2010-5-6 44168]

R3 icsak;icsak;C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys [2010-8-27 45448]

R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]

R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\system32\DRIVERS\rtl8192se.sys --> C:\Windows\system32\DRIVERS\rtl8192se.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-8 136176]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-8 136176]

S3 LGELTEBus;LGE Composite Device;C:\Windows\system32\DRIVERS\LGELTEBus.sys --> C:\Windows\system32\DRIVERS\LGELTEBus.sys [?]

S3 LGELTEmdm;LGE LTE USB Device for Modem Communication;C:\Windows\system32\DRIVERS\LGELTEmdm.sys --> C:\Windows\system32\DRIVERS\LGELTEmdm.sys [?]

S3 LGELTEMux;LGE LTE Mux Enumerator ;C:\Windows\system32\DRIVERS\LGELTEMux.sys --> C:\Windows\system32\DRIVERS\LGELTEMux.sys [?]

S3 LGELTENdis;LGE USB NDIS Miniport Ethernet Adapter Service;C:\Windows\system32\DRIVERS\LGELTENdis.sys --> C:\Windows\system32\DRIVERS\LGELTENdis.sys [?]

S3 LGELTEprt;LGE USB Device for Serial Communication;C:\Windows\system32\DRIVERS\LGELTEprt.sys --> C:\Windows\system32\DRIVERS\LGELTEprt.sys [?]

S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 20992]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 SolarWinds SFTP Server 1.0.0.19;SolarWinds SFTP/SCP Server;C:\Program Files (x86)\Solarwinds\SftpServer\SolarWindsSftpServer.exe [2010-1-21 31232]

S3 SolarWinds TFTP Server;SolarWinds TFTP Server;C:\Program Files (x86)\Solarwinds\Toolset\SolarWinds TFTP Server.exe [2010-5-6 54784]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]

.

=============== File Associations ===============

.

cmdfile=NOTEPAD.EXE %1

JSEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2011-11-01 08:21:20 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EFF9FCD3-5B09-4FB6-898E-8EE57B52D69D}\offreg.dll

2011-11-01 08:21:19 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EFF9FCD3-5B09-4FB6-898E-8EE57B52D69D}\mpengine.dll

2011-10-28 17:18:49 173656 ----a-w- C:\Windows\System32\drivers\jmcr.sys

2011-10-12 19:32:24 3138048 ----a-w- C:\Windows\System32\win32k.sys

2011-10-12 19:31:53 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax

2011-10-12 19:31:53 613888 ----a-w- C:\Windows\System32\psisdecd.dll

2011-10-12 19:31:53 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2011-10-12 19:31:53 108032 ----a-w- C:\Windows\System32\psisrndr.ax

2011-10-12 19:19:55 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-10-12 19:19:55 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-10-12 19:19:55 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-10-12 19:19:55 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-10-03 21:27:26 -------- d-----w- C:\Users\Joe\AppData\Local\WinZip

.

==================== Find3M ====================

.

2011-10-28 17:23:51 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-28 17:22:24 1796 ----a-w- C:\Windows\System32\ASOROSet.bin

2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll

2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-17 14:24:02 0 ----a-w- C:\Windows\SysWow64\ConduitEngine.tmp

2011-08-05 23:46:24 354304 ----a-w- C:\Windows\System32\ZuneCoInst.dll

2011-08-05 23:46:14 405504 ----a-w- C:\Windows\System32\ZuneNetProxy.dll

2011-08-05 23:46:10 67072 ----a-w- C:\Windows\System32\ZuneTcp2Udp.dll

2011-08-05 23:46:10 45568 ----a-w- C:\Windows\System32\ZunePTDNS.dll

2011-08-05 23:46:08 60928 ----a-w- C:\Windows\System32\ZuneRegUtil.dll

2011-08-05 23:46:06 249344 ----a-w- C:\Windows\System32\ZuneMTPZ.dll

2011-08-05 23:46:06 149504 ----a-w- C:\Windows\System32\ZuneUsbTransport.dll

2011-08-05 23:46:06 1093632 ----a-w- C:\Windows\System32\drivers\UMDF\ZuneDriver.dll

2011-01-06 15:18:14 7537882 ----a-w- C:\Program Files (x86)\pwsafe-3.24.1.exe

.

============= FINISH: 15:46:02.00 ===============

Attach.zip

DDS.txt

Link to post
Share on other sites

Hello and welcome to the forums

I'm not seeing anything bad in the DDS scan

http://www.eset.eu/online-scanner

Go here to run an online scannner from ESET.

Click the green ESET Online Scanner button.

Read the End User License Agreement and check the box: YES, I accept the Terms of Use.

Click on the Start button next to it.

You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then click Insall ActiveX component.

A new window will appear asking "Do you want to install this software?"".

Answer Yes to download and install the ActiveX controls that allows the scan to run.

Click Start.

Check Remove found threats and Scan potentially unwanted applications.

Click Scan to begin.

If offered the option to get information or buy software. Just close the window.

Wait for the scan to finish

Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt

Copy and paste that log as a reply to this topic.

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.