Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

plz.....help

Post by benston » December 23rd, 2011, 1:32 pm

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_29
Run by varsha_2 at 22:51:15 on 2011-12-23
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?AF=100478&ba ... 1644763332
uURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
TB: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [<NO NAME>]
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iolo Startup] "c:\program files\iolo\common\lib\ioloLManager.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRunOnce: [PCDrProfiler] c:\program files\pc-doctor 5 for windows\RunProfiler.exe -r
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{245E6FCB-7E4C-4A66-BACF-BFC8178B4820} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{58841B97-BB84-436F-A8E8-15F1E8F1AF92} : DhcpNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\8.0.1\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\varsha_2\appdata\roaming\mozilla\firefox\profiles\gxu3s79v.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.google.com
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://in.search.yahoo.com/search?fr=gr ... =380920&p=
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1322837489
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1322837729
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1322837609
FF - user.js: app.update.lastUpdateTime.places-maintenance-timer - 1322748881
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1322916523
FF - user.js: browser.bookmarks.restore_default_bookmarks - false
FF - user.js: browser.cache.disk.capacity - 1048576
FF - user.js: browser.cache.disk.smart_size.first_run - false
FF - user.js: browser.cache.disk.smart_size_cached_value - 1048576
FF - user.js: browser.migration.version - 5
FF - user.js: browser.places.smartBookmarksVersion - 2
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.startup.homepage - hxxp://search.google.com
FF - user.js: browser.startup.homepage_override.buildID - 20111122192043
FF - user.js: browser.startup.homepage_override.mstone - rv:9.0
FF - user.js: browser.syncPromoViewsLeft - 1
FF - user.js: extensions.blocklist.pingCountTotal - 2
FF - user.js: extensions.blocklist.pingCountVersion - 2
FF - user.js: extensions.bootstrappedAddons - {}
FF - user.js: extensions.databaseSchema - 6
FF - user.js: extensions.enabledAddons - testpilot@labs.mozilla.com:1.2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:9.0
FF - user.js: extensions.installCache - [{\name\:\winreg-app-global\,\addons\:{\{1e73965b-8b48-48be-9c8d-68b920abc1c4}\:{\descriptor\:\c:\\\\program files\\\\avg\\\\avg2012\\\\firefox4\,\mtime\:1322144009340},\{20a82645-c095-46ed-80e3-08825760534b}\:{\descriptor\:\c:\\\\windows\\\\microsoft.net\\\\framework\\\\v3.5\\\\windows presentation foundation\\\\dotnetassistantextension\,\mtime\:1322381050665}}},{\name\:\app-global\,\addons\:{\{1fd91a9c-410c-4090-bbcc-55d3450ef433}\:{\descriptor\:\c:\\\\program files\\\\imesh applications\\\\mediabar\\\\datamngr\\\\firefoxextension\,\mtime\:1321505370106},\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\c:\\\\program files\\\\mozilla firefox 4.0 beta 6\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1322749046537},\{cafeefac-0016-0000-0029-abcdeffedcba}\:{\descriptor\:\c:\\\\program files\\\\mozilla firefox 4.0 beta 6\\\\extensions\\\\{cafeefac-0016-0000-0029-abcdeffedcba}\,\mtime\:1322808847592}}},{\name\:\app-profile\,\addons\:{\testpilot@labs.mozilla.com\:{\descriptor\:\c:\\\\users\\\\varsha_2\\\\appdata\\\\roaming\\\\mozilla\\\\firefox\\\\profiles\\\\gxu3s79v.default\\\\extensions\\\\testpilot@labs.mozilla.com.xpi\,\mtime\:1322749087529}}}]
FF - user.js: extensions.installedDistroAddon.testpil ... ozilla.com - true
FF - user.js: extensions.lastAppVersion - 9.0
FF - user.js: extensions.lastPlatformVersion - 9.0
FF - user.js: extensions.pendingOperations - false
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.testpilot.deploymentRandomizer.sample1 - 13
FF - user.js: extensions.testpilot.taskstatus.1 - 9
FF - user.js: extensions.testpilot.taskstatus.100 - 9
FF - user.js: extensions.testpilot.taskstatus.101 - 9
FF - user.js: extensions.testpilot.taskstatus.3 - 9
FF - user.js: extensions.testpilot.taskstatus.4 - 9
FF - user.js: extensions.testpilot.taskstatus.5 - 9
FF - user.js: extensions.testpilot.taskstatus.6 - 9
FF - user.js: extensions.testpilot.taskstatus.8 - 9
FF - user.js: extensions.testpilot.taskstatus.account_password_survey - 9
FF - user.js: extensions.testpilot.taskstatus.basic_panel_survey_2 - 3
FF - user.js: extensions.testpilot.taskstatus.beta_perception_survey_1 - 9
FF - user.js: extensions.testpilot.taskstatus.broken_extensions_survey - 3
FF - user.js: extensions.testpilot.taskstatus.firefox_apps_usage_survey - 3
FF - user.js: extensions.testpilot@labs.mozilla.com.install-event-fired - true
FF - user.js: extensions.{1E73965B-8B48-48be-9C8D-68B920ABC1C4}.install-event-fired - true
FF - user.js: extensions.{1FD91A9C-410C-4090-BBCC-55D3450EF433}.install-event-fired - true
FF - user.js: extensions.{20a82645-c095-46ed-80e3-08825760534b}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: gfx.blacklist.direct2d - 2
FF - user.js: gfx.blacklist.layers.direct3d10 - 2
FF - user.js: gfx.blacklist.layers.direct3d10-1 - 2
FF - user.js: idle.lastDailyNotification - 1322920395
FF - user.js: intl.charsetmenu.browser.cache - windows-1252, ISO-8859-1, UTF-8
FF - user.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... =1&sr=0&q=
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: places.database.lastMaintenance - 1322920395
FF - user.js: places.history.expiration.transient_current_max_pages - 53414
FF - user.js: places.history.expiration.transient_optimal_database_size - 85462220
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: services.sync.clients.lastSync - 0
FF - user.js: services.sync.migrated - true
FF - user.js: services.sync.tabs.lastSync - 0
FF - user.js: storage.vacuum.last.index - 0
FF - user.js: storage.vacuum.last.places.sqlite - 1322920395
FF - user.js: toolkit.telemetry.enabled - true
FF - user.js: toolkit.telemetry.prompted - 2
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1325340550
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.36 -
.
============= SERVICES / DRIVERS ===============
.
R? avgfws;AVG Firewall
R? AVGIDSAgent;AVGIDSAgent
R? avgwd;AVG WatchDog
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? HPBtnSrv;HP Chasis Button Service
R? ioloSystemService;iolo System Service
R? MpKsl140d154b;MpKsl140d154b
R? MpKsl383d5f34;MpKsl383d5f34
R? MpKsl45ab98d9;MpKsl45ab98d9
R? MpKsl5e44e26c;MpKsl5e44e26c
R? MpKsl7f875fed;MpKsl7f875fed
R? MpKsl8477fcea;MpKsl8477fcea
R? MpKslc1ecceca;MpKslc1ecceca
R? MpKslc7a88b2a;MpKslc7a88b2a
R? MpKslcf484463;MpKslcf484463
R? MpNWMon;Microsoft Malware Protection Network Driver
R? Revoflt;Revoflt
R? sbwtis;sbwtis
R? vToolbarUpdater;vToolbarUpdater
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? AdvancedSystemCareService5;Advanced SystemCare Service 5
S? Application Updater;Application Updater
S? aswFsBlk;aswFsBlk
S? aswMonFlt;aswMonFlt
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? Avgfwfd;AVG network filter service
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSEH;AVGIDSEH
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? FileMonitor;FileMonitor
S? IMFservice;IMF Service
S? MpFilter;Microsoft Malware Protection Driver
S? MpKsl9fba3fd9;MpKsl9fba3fd9
S? netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista
S? NisDrv;Microsoft Network Inspection System
S? NisSrv;Microsoft Network Inspection
S? PfFilter;PfFilter
S? RegFilter;RegFilter
S? sbapifs;sbapifs
S? SBRE;SBRE
S? SmartDefragDriver;SmartDefragDriver
S? UrlFilter;UrlFilter
.
=============== Created Last 30 ================
.
2011-12-23 17:04:20 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d6d0db9b-9266-4528-af1d-712f6eef85da}\MpKsl9fba3fd9.sys
2011-12-23 17:04:17 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d6d0db9b-9266-4528-af1d-712f6eef85da}\offreg.dll
2011-12-23 13:33:49 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d6d0db9b-9266-4528-af1d-712f6eef85da}\mpengine.dll
2011-12-23 12:46:54 -------- d-----w- c:\users\varsha_2\appdata\roaming\WinPatrol
2011-12-18 12:05:36 98304 ----a-w- c:\windows\system32\redmonnt.dll
2011-12-18 12:05:20 -------- d-----w- c:\program files\FoxTabPDFConverter
2011-12-18 06:44:18 -------- d-----w- c:\program files\common files\Hewlett-Packard
2011-12-18 06:22:23 729088 ----a-w- c:\windows\system32\hpowiax7.dll
2011-12-18 06:22:23 581632 ----a-w- c:\windows\system32\hpotscl6.dll
2011-12-18 06:22:23 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2011-12-18 06:22:23 303104 ----a-w- c:\windows\system32\hpovst15.dll
2011-12-16 16:13:58 388096 ----a-r- c:\users\varsha_2\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-12-16 16:13:44 -------- d-----w- c:\program files\Trend Micro
2011-12-15 16:01:28 -------- d-----w- c:\program files\IObit Toolbar
2011-12-15 16:01:28 -------- d-----w- c:\program files\common files\Spigot
2011-12-15 16:01:28 -------- d-----w- c:\program files\Application Updater
2011-12-15 16:01:09 -------- d-----w- c:\users\varsha_2\appdata\local\Adobe
2011-12-15 15:37:41 -------- d-----w- c:\users\varsha_2\appdata\local\PackageAware
2011-12-13 04:21:18 -------- d-----w- c:\users\varsha_2\appdata\roaming\Sammsoft
2011-12-11 18:17:40 -------- d-----w- c:\users\varsha_2\appdata\roaming\MusicNet
2011-12-11 18:17:39 -------- d-----w- c:\programdata\2731F
2011-12-11 10:11:38 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-11 10:11:37 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-12-11 10:10:37 41184 ----a-w- c:\windows\avastSS.scr
2011-12-11 10:09:51 -------- d-----w- c:\programdata\AVAST Software
2011-12-11 10:09:51 -------- d-----w- c:\program files\AVAST Software
2011-12-11 08:33:34 -------- d-----w- c:\users\varsha_2\appdata\roaming\TuneUp Software
2011-12-11 08:32:56 -------- d-----w- c:\programdata\TuneUp Software
2011-12-11 08:32:49 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-11 08:15:27 -------- d-----w- c:\users\varsha_2\appdata\roaming\Babylon
2011-12-11 08:15:27 -------- d-----w- c:\users\varsha_2\appdata\local\Babylon
2011-12-11 08:15:27 -------- d-----w- c:\programdata\Babylon
2011-12-09 12:33:23 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-12-08 08:11:16 25944 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-12-08 08:11:16 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-12-08 07:27:32 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{139cdf96-d004-43b9-afe9-abb6bc6b216f}\gapaengine.dll
2011-12-08 07:15:28 -------- d-----w- c:\programdata\BlueSprig
2011-12-08 07:15:19 -------- d-----w- c:\program files\BlueSprig
2011-12-08 06:32:16 -------- d-----w- C:\b87b7da2e70d3c3e82
2011-12-08 06:30:33 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-12-06 12:49:17 -------- d-----w- c:\users\varsha_2\appdata\local\Apple Computer
2011-12-06 12:18:27 -------- d--h--w- C:\$AVG
2011-12-04 13:09:58 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-12-04 13:09:58 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-12-03 18:16:30 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-12-03 17:55:59 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2011-12-03 17:55:51 20480 ----a-w- c:\windows\system32\winrshost.exe
2011-12-03 17:55:43 40448 ----a-w- c:\windows\system32\winrs.exe
2011-12-03 17:55:30 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-12-03 17:55:26 10240 ----a-w- c:\windows\system32\winrssrv.dll
2011-12-03 17:49:51 56320 ----a-w- c:\windows\system32\wecapi.dll
2011-12-03 17:49:43 79872 ----a-w- c:\windows\system32\wecutil.exe
2011-12-03 17:49:35 81408 ----a-w- c:\windows\system32\wevtfwd.dll
2011-12-03 17:49:27 146944 ----a-w- c:\windows\system32\wecsvc.dll
2011-12-03 17:49:19 54272 ----a-w- c:\windows\system32\WsmRes.dll
2011-12-03 17:48:47 41472 ----a-w- c:\windows\system32\pwrshplugin.dll
2011-12-03 17:39:05 201184 ----a-w- c:\windows\system32\winrm.vbs
2011-12-03 17:38:55 145408 ----a-w- c:\windows\system32\WsmAuto.dll
2011-12-03 17:38:39 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2011-12-03 17:38:31 241152 ----a-w- c:\windows\system32\winrscmd.dll
2011-12-03 17:38:23 252416 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2011-12-03 17:38:15 246272 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2011-12-03 17:38:07 1181696 ----a-w- c:\windows\system32\WsmSvc.dll
2011-12-03 14:25:55 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-12-03 13:33:29 -------- d-----w- c:\programdata\IObit
2011-12-03 13:07:18 -------- d-----w- c:\users\varsha_2\appdata\roaming\IObit
2011-12-03 13:07:03 -------- d-----w- c:\program files\IObit
2011-12-03 12:56:38 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2011-12-03 12:56:38 11776 ----a-w- c:\windows\system32\msshooks.dll
2011-12-03 12:56:38 106605 ----a-w- c:\windows\system32\StructuredQuerySchema.bin
2011-12-03 12:55:01 34816 ----a-w- c:\windows\system32\msscb.dll
2011-12-03 12:54:50 87552 ----a-w- c:\windows\system32\mssitlb.dll
2011-12-03 12:54:42 87552 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-12-03 12:54:39 71680 ----a-w- c:\windows\system32\propdefs.dll
2011-12-03 12:54:26 44032 ----a-w- c:\windows\system32\msstrc.dll
2011-12-03 12:54:10 32768 ----a-w- c:\windows\system32\mssprxy.dll
2011-12-03 12:54:02 754176 ----a-w- c:\windows\system32\propsys.dll
2011-12-03 12:53:59 313344 ----a-w- c:\windows\system32\thawbrkr.dll
2011-12-03 12:53:50 143872 ----a-w- c:\windows\system32\korwbrkr.dll
2011-12-03 12:53:37 301568 ----a-w- c:\windows\system32\srchadmin.dll
2011-12-03 12:53:33 38400 ----a-w- c:\windows\system32\rtffilt.dll
2011-12-03 12:53:21 29184 ----a-w- c:\windows\system32\wsepno.dll
2011-12-03 12:53:13 40448 ----a-w- c:\windows\system32\mimefilt.dll
2011-12-03 12:53:04 194560 ----a-w- c:\windows\system32\offfilt.dll
2011-12-03 12:52:56 136704 ----a-w- c:\windows\system32\nlhtml.dll
2011-12-03 12:52:48 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2011-12-03 12:52:40 60416 ----a-w- c:\windows\system32\msscntrs.dll
2011-12-03 12:52:32 1671680 ----a-w- c:\windows\system32\chsbrkr.dll
2011-12-03 12:52:29 6103040 ----a-w- c:\windows\system32\chtbrkr.dll
2011-12-03 12:52:20 184832 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-12-03 12:52:07 439808 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-12-03 12:51:59 1582592 ----a-w- c:\windows\system32\tquery.dll
2011-12-03 12:51:55 1418240 ----a-w- c:\windows\system32\mssrch.dll
2011-12-03 12:51:43 670208 ----a-w- c:\windows\system32\mssvp.dll
2011-12-03 12:51:40 350208 ----a-w- c:\windows\system32\mssph.dll
2011-12-03 12:51:27 203776 ----a-w- c:\windows\system32\mssphtb.dll
2011-12-03 12:38:46 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-12-03 12:35:35 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-12-03 12:32:32 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-12-03 12:21:13 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-12-03 12:20:40 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-12-03 12:20:04 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-12-03 12:19:37 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-12-03 12:19:29 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-12-03 12:19:20 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-12-03 12:19:03 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-12-03 12:18:59 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-12-03 12:18:51 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-12-03 12:18:31 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-12-02 16:38:01 -------- d-----w- c:\programdata\GFI Software
2011-12-02 16:36:49 -------- d-----w- c:\windows\system32\drivers\VDD
2011-12-02 16:27:41 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-12-02 16:27:40 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-12-02 16:27:25 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-12-02 16:27:23 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-12-02 16:27:21 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-12-02 16:27:21 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-12-02 16:27:20 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-12-02 16:27:20 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-12-02 16:21:54 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-02 16:21:53 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-02 16:21:53 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-12-02 16:04:01 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-12-02 16:04:00 17920 ----a-w- c:\windows\system32\netevent.dll
2011-12-02 16:03:43 501760 ----a-w- c:\windows\system32\usp10.dll
2011-12-02 16:03:39 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2011-12-02 16:03:39 515584 ----a-w- c:\program files\windows mail\wab.exe
2011-12-02 16:03:39 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2011-12-02 16:03:24 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-12-02 16:03:23 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-12-02 16:03:23 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-12-02 15:56:20 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-12-02 15:54:29 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-12-02 15:49:28 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-12-02 15:49:28 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-12-02 15:49:19 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2011-12-02 15:49:16 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-12-02 15:49:13 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2011-12-02 15:49:13 15360 ----a-w- c:\windows\system32\pacerprf.dll
2011-12-02 15:49:05 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-12-02 15:47:32 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-12-02 15:47:27 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-12-02 15:47:24 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-12-02 15:47:15 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-12-02 15:47:15 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-12-02 15:47:09 766464 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2011-12-02 15:44:55 -------- d-----w- c:\users\varsha_2\appdata\local\VS Revo Group
2011-12-02 15:42:09 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-12-02 15:42:08 430080 ----a-w- c:\windows\system32\vbscript.dll
2011-12-02 15:42:04 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-12-02 15:41:17 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-12-02 15:41:17 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-12-02 15:38:48 36352 ----a-w- c:\windows\system32\rtutils.dll
2011-12-02 15:30:08 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-12-02 15:30:04 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-02 15:30:03 323072 ----a-w- c:\windows\system32\sbe.dll
2011-12-02 15:30:03 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-12-02 15:30:03 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-12-02 15:29:42 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-12-02 15:26:36 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-12-02 15:26:34 81920 ----a-w- c:\windows\system32\consent.exe
2011-12-02 14:52:27 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-12-02 14:52:24 147456 ----a-w- c:\windows\system32\Faultrep.dll
2011-12-02 14:52:24 125952 ----a-w- c:\windows\system32\wersvc.dll
2011-12-02 14:52:22 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-12-02 14:52:22 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2011-12-02 14:52:22 45056 ----a-w- c:\windows\system32\dataclen.dll
2011-12-02 14:52:22 36864 ----a-w- c:\windows\system32\cdd.dll
2011-12-02 14:52:22 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2011-12-02 14:52:16 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-02 14:50:45 90112 ----a-w- c:\windows\system32\wshext.dll
2011-12-02 14:50:45 135168 ----a-w- c:\windows\system32\wshom.ocx
2011-12-02 14:50:44 180224 ----a-w- c:\windows\system32\scrobj.dll
2011-12-02 14:50:44 172032 ----a-w- c:\windows\system32\scrrun.dll
2011-12-02 14:50:44 155648 ----a-w- c:\windows\system32\wscript.exe
2011-12-02 14:50:44 135168 ----a-w- c:\windows\system32\cscript.exe
2011-12-02 14:50:38 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-02 14:50:38 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-12-02 14:48:58 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-12-02 14:48:57 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-12-02 14:48:54 98192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2011-12-02 14:48:54 902032 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-12-02 14:48:54 438272 ----a-w- c:\windows\system32\IKEEXT.DLL
2011-12-02 14:48:54 220040 ----a-w- c:\windows\system32\drivers\netio.sys
2011-12-02 14:48:53 595456 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2011-12-02 14:48:53 328704 ----a-w- c:\windows\system32\BFE.DLL
2011-12-02 14:48:49 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-12-02 14:46:18 276992 ----a-w- c:\windows\system32\schannel.dll
2011-12-02 06:54:49 -------- d-----w- c:\programdata\Ask
2011-12-02 06:53:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-01 15:46:12 -------- d-----w- c:\users\varsha_2\appdata\roaming\iolo
2011-12-01 14:58:37 -------- d-----w- c:\users\varsha_2\appdata\roaming\uTorrent
2011-12-01 14:58:37 -------- d-----w- c:\users\varsha_2\appdata\local\uTorrent
2011-12-01 14:48:20 511328 ----a-w- c:\program files\common files\microsoft shared\capicom\CAPICOM.DLL
2011-12-01 14:48:18 2084488 ----a-w- c:\windows\system32\Incinerator32.dll
2011-12-01 14:47:57 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
2011-12-01 14:47:57 11776 ----a-w- c:\windows\system32\smrgdf.exe
2011-12-01 14:47:55 56200 ----a-w- c:\windows\system32\offreg.dll
2011-12-01 14:47:49 -------- d-----w- c:\program files\iolo
2011-12-01 14:41:06 74703 ----a-w- c:\windows\system32\mfc45.dll
2011-12-01 14:41:06 -------- d-----w- c:\programdata\iolo
2011-12-01 14:09:03 -------- d-----w- c:\users\varsha_2\appdata\local\Mozilla
2011-11-29 11:58:58 -------- d-----w- c:\users\varsha_2\appdata\local\Apple
2011-11-28 18:48:27 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-11-28 18:41:59 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2011-11-28 18:24:39 -------- d--h--w- c:\windows\msdownld.tmp
2011-11-28 18:24:38 -------- d-----w- c:\windows\system32\directx
2011-11-28 17:58:14 -------- d-----w- c:\programdata\E296
2011-11-28 17:48:21 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-28 17:39:59 208896 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-11-28 17:38:59 93696 ----a-w- c:\windows\system32\vssadmin.exe
2011-11-28 17:37:59 9216 ----a-w- c:\windows\system32\LogonUI.exe
2011-11-28 17:36:58 218624 ----a-w- c:\windows\system32\wdscore.dll
2011-11-28 17:36:58 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2011-11-28 17:36:49 35328 ----a-w- c:\windows\system32\mspatcha.dll
2011-11-28 17:36:49 305152 ----a-w- c:\windows\system32\msdelta.dll
2011-11-28 17:36:49 258560 ----a-w- c:\windows\system32\dpx.dll
2011-11-28 17:36:49 246784 ----a-w- c:\windows\system32\drvstore.dll
2011-11-28 17:36:44 6656 ----a-w- c:\windows\system32\kbd106.dll
2011-11-28 05:37:11 17280 ----a-w- c:\windows\system32\roboot.exe
.
==================== Find3M ====================
.
2011-12-02 07:32:16 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-12-02 07:32:09 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-11-19 11:49:11 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-11-19 11:48:37 269312 ----a-w- c:\windows\system32\es.dll
2011-11-19 11:41:57 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2011-11-17 15:23:44 23552 ----a-w- c:\windows\system32\lpk.dll
2011-11-17 15:23:44 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-11-17 15:22:45 72704 ----a-w- c:\windows\system32\admparse.dll
2011-11-17 15:22:41 48128 ----a-w- c:\windows\system32\mshtmler.dll
2011-11-17 15:20:11 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-11-17 15:20:10 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2011-11-17 15:20:10 64512 ----a-w- c:\windows\system32\wlanapi.dll
2011-11-17 15:20:10 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-11-17 15:20:10 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-11-17 15:20:10 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-11-17 15:20:10 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2011-11-17 15:19:54 2048 ----a-w- c:\windows\system32\msxml3r.dll
2011-11-17 15:19:53 2048 ----a-w- c:\windows\system32\msxml6r.dll
2011-11-17 15:19:53 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-11-17 15:19:37 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-11-17 15:19:08 98816 ----a-w- c:\windows\system32\mfps.dll
2011-11-17 15:19:08 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2011-11-17 15:19:08 2868224 ----a-w- c:\windows\system32\mf.dll
2011-11-17 15:19:08 24576 ----a-w- c:\windows\system32\mfpmp.exe
2011-11-17 15:19:08 2048 ----a-w- c:\windows\system32\mferror.dll
2011-11-17 15:18:24 71680 ----a-w- c:\windows\system32\atl.dll
2011-11-17 15:18:16 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-11-17 15:17:41 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-11-17 15:17:41 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-11-17 15:17:33 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-11-17 15:17:23 53248 ----a-w- c:\windows\system32\tsgqec.dll
2011-11-17 15:17:23 136192 ----a-w- c:\windows\system32\aaclient.dll
2011-11-17 15:17:13 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-11-17 15:16:57 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-11-17 15:16:06 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-11-17 15:16:06 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-11-17 15:15:27 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-11-17 15:15:26 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-11-17 15:15:26 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-11-17 15:15:25 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-11-17 15:15:25 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-11-17 15:15:23 472064 ----a-w- c:\windows\system32\secproc.dll
2011-11-17 15:15:22 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-11-17 15:15:19 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-11-17 15:15:18 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-11-17 15:15:01 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2011-11-17 15:14:58 1695744 ----a-w- c:\windows\system32\gameux.dll
2011-11-17 15:14:50 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2011-11-17 15:14:38 281600 ----a-w- c:\windows\system32\raschap.dll
2011-11-17 15:14:38 244224 ----a-w- c:\windows\system32\rastls.dll
2011-11-14 16:38:13 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-11-14 16:38:07 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-11-14 16:38:03 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-11-14 16:38:03 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-11-14 04:26:44 636928 ----a-w- c:\windows\system32\localspl.dll
2011-11-14 04:26:24 2927104 ----a-w- c:\windows\explorer.exe
2011-11-14 04:26:12 9728 ----a-w- c:\windows\system32\lsass.exe
2011-11-14 04:26:12 72704 ----a-w- c:\windows\system32\secur32.dll
2011-11-14 04:26:12 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-11-14 04:26:12 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-11-14 04:26:12 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-11-14 04:26:12 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-11-14 04:24:55 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-11-14 04:24:55 220672 ----a-w- c:\windows\system32\l3codecp.acm
2011-11-14 04:24:41 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2011-11-14 04:24:41 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2011-11-14 04:24:41 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2011-11-14 04:24:27 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2011-11-14 04:24:27 24064 ----a-w- c:\windows\system32\amxread.dll
2011-11-14 04:24:27 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-11-14 04:24:19 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-11-14 04:24:19 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-11-14 04:24:18 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-11-14 04:24:02 443392 ----a-w- c:\windows\system32\win32spl.dll
2011-11-14 04:24:02 37888 ----a-w- c:\windows\system32\printcom.dll
2011-11-14 04:23:54 14848 ----a-w- c:\windows\system32\wshrm.dll
2011-11-14 04:23:54 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-11-14 04:23:38 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-11-14 04:23:38 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-11-14 04:23:38 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-11-14 04:03:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-13 21:48:54 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-11-13 21:48:54 94720 ----a-w- c:\windows\system32\logagent.exe
2011-11-13 21:48:43 84480 ----a-w- c:\windows\system32\INETRES.dll
2011-11-13 21:48:37 61440 ----a-w- c:\windows\system32\msasn1.dll
2011-11-13 21:48:32 1645568 ----a-w- c:\windows\system32\connect.dll
2011-11-13 21:48:13 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-11-13 21:48:12 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-11-13 21:48:12 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-11-13 21:31:53 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-11-13 21:31:51 98304 ----a-w- c:\windows\system32\cabview.dll
2011-10-31 19:12:10 11632 ----a-w- c:\windows\system32\drivers\vdd\apvdd.dll
2011-10-31 19:12:02 42864 ----a-w- c:\windows\system32\sbbd.exe
2011-10-31 18:38:14 72312 ----a-w- c:\windows\system32\drivers\sbwtis.sys
2011-10-26 10:10:02 101112 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-10-07 00:53:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-10-04 00:51:16 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
.
============= FINISH: 22:54:54.56 ===============
benston

Re: plz.....help

Post by Cypher » December 23rd, 2011, 3:27 pm

By posting just a DDS log without any supporting symptoms or explanation it is likely that your log will be passed by and you will not receive the help you're looking for.

No need to go into minute detail, but a few words about the type of difficulties you're experiencing will narrow down what we're looking for.

If you've received any messages or error codes please include them.

This thread will now be closed.

If you still need help, please start a new thread with:-
  • DDS.txt
  • Attach.txt
  • Details of your problems.
Cypher

