Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

trojan..?..help

Post by benston » January 13th, 2012, 8:25 am

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_29
Run by varsha_2 at 17:49:23 on 2012-01-13
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?AF=100478&ba ... 1644763332
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [COMODO] c:\program files\comodo\comodo geekbuddy\CLPSLA.exe
mRun: [CPA] c:\program files\comodo\comodo geekbuddy\VALA.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [iolo Startup] c:\program files\iolo\common\lib\iololmanager.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{245E6FCB-7E4C-4A66-BACF-BFC8178B4820} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{58841B97-BB84-436F-A8E8-15F1E8F1AF92} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{58841B97-BB84-436F-A8E8-15F1E8F1AF92} : DhcpNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\9.0.1\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll c:\progra~1\imesha~1\mediabar\datamngr\iebho.dll c:\windows\system32\guard32.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\varsha_2\appdata\roaming\mozilla\firefox\profiles\gxu3s79v.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.google.com
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... =1&sr=0&q=
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1322837489
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1322837729
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1322837609
FF - user.js: app.update.lastUpdateTime.places-maintenance-timer - 1322748881
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1322916523
FF - user.js: browser.bookmarks.restore_default_bookmarks - false
FF - user.js: browser.cache.disk.capacity - 1048576
FF - user.js: browser.cache.disk.smart_size.first_run - false
FF - user.js: browser.cache.disk.smart_size_cached_value - 1048576
FF - user.js: browser.migration.version - 5
FF - user.js: browser.places.smartBookmarksVersion - 2
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.startup.homepage - hxxp://search.google.com
FF - user.js: browser.startup.homepage_override.buildID - 20111122192043
FF - user.js: browser.startup.homepage_override.mstone - rv:9.0
FF - user.js: browser.syncPromoViewsLeft - 1
FF - user.js: extensions.blocklist.pingCountTotal - 2
FF - user.js: extensions.blocklist.pingCountVersion - 2
FF - user.js: extensions.bootstrappedAddons - {}
FF - user.js: extensions.databaseSchema - 6
FF - user.js: extensions.enabledAddons - testpilot@labs.mozilla.com:1.2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:9.0
FF - user.js: extensions.installCache - [{\name\:\winreg-app-global\,\addons\:{\{1e73965b-8b48-48be-9c8d-68b920abc1c4}\:{\descriptor\:\c:\\\\program files\\\\avg\\\\avg2012\\\\firefox4\,\mtime\:1322144009340},\{20a82645-c095-46ed-80e3-08825760534b}\:{\descriptor\:\c:\\\\windows\\\\microsoft.net\\\\framework\\\\v3.5\\\\windows presentation foundation\\\\dotnetassistantextension\,\mtime\:1322381050665}}},{\name\:\app-global\,\addons\:{\{1fd91a9c-410c-4090-bbcc-55d3450ef433}\:{\descriptor\:\c:\\\\program files\\\\imesh applications\\\\mediabar\\\\datamngr\\\\firefoxextension\,\mtime\:1321505370106},\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\c:\\\\program files\\\\mozilla firefox 4.0 beta 6\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1322749046537},\{cafeefac-0016-0000-0029-abcdeffedcba}\:{\descriptor\:\c:\\\\program files\\\\mozilla firefox 4.0 beta 6\\\\extensions\\\\{cafeefac-0016-0000-0029-abcdeffedcba}\,\mtime\:1322808847592}}},{\name\:\app-profile\,\addons\:{\testpilot@labs.mozilla.com\:{\descriptor\:\c:\\\\users\\\\varsha_2\\\\appdata\\\\roaming\\\\mozilla\\\\firefox\\\\profiles\\\\gxu3s79v.default\\\\extensions\\\\testpilot@labs.mozilla.com.xpi\,\mtime\:1322749087529}}}]
FF - user.js: extensions.installedDistroAddon.testpil ... ozilla.com - true
FF - user.js: extensions.lastAppVersion - 9.0
FF - user.js: extensions.lastPlatformVersion - 9.0
FF - user.js: extensions.pendingOperations - false
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.testpilot.deploymentRandomizer.sample1 - 13
FF - user.js: extensions.testpilot.taskstatus.1 - 9
FF - user.js: extensions.testpilot.taskstatus.100 - 9
FF - user.js: extensions.testpilot.taskstatus.101 - 9
FF - user.js: extensions.testpilot.taskstatus.3 - 9
FF - user.js: extensions.testpilot.taskstatus.4 - 9
FF - user.js: extensions.testpilot.taskstatus.5 - 9
FF - user.js: extensions.testpilot.taskstatus.6 - 9
FF - user.js: extensions.testpilot.taskstatus.8 - 9
FF - user.js: extensions.testpilot.taskstatus.account_password_survey - 9
FF - user.js: extensions.testpilot.taskstatus.basic_panel_survey_2 - 3
FF - user.js: extensions.testpilot.taskstatus.beta_perception_survey_1 - 9
FF - user.js: extensions.testpilot.taskstatus.broken_extensions_survey - 3
FF - user.js: extensions.testpilot.taskstatus.firefox_apps_usage_survey - 3
FF - user.js: extensions.testpilot@labs.mozilla.com.install-event-fired - true
FF - user.js: extensions.{1E73965B-8B48-48be-9C8D-68B920ABC1C4}.install-event-fired - true
FF - user.js: extensions.{1FD91A9C-410C-4090-BBCC-55D3450EF433}.install-event-fired - true
FF - user.js: extensions.{20a82645-c095-46ed-80e3-08825760534b}.install-event-fired - true
FF - user.js: extensions.{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}.install-event-fired - true
FF - user.js: gfx.blacklist.direct2d - 2
FF - user.js: gfx.blacklist.layers.direct3d10 - 2
FF - user.js: gfx.blacklist.layers.direct3d10-1 - 2
FF - user.js: idle.lastDailyNotification - 1322920395
FF - user.js: intl.charsetmenu.browser.cache - windows-1252, ISO-8859-1, UTF-8
FF - user.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... =1&sr=0&q=
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: places.database.lastMaintenance - 1322920395
FF - user.js: places.history.expiration.transient_current_max_pages - 53414
FF - user.js: places.history.expiration.transient_optimal_database_size - 85462220
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: services.sync.clients.lastSync - 0
FF - user.js: services.sync.migrated - true
FF - user.js: services.sync.tabs.lastSync - 0
FF - user.js: storage.vacuum.last.index - 0
FF - user.js: storage.vacuum.last.places.sqlite - 1322920395
FF - user.js: toolkit.telemetry.enabled - true
FF - user.js: toolkit.telemetry.prompted - 2
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1325340550
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.36 -
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSDriver;AVGIDSDriver
R? AVGIDSFilter;AVGIDSFilter
R? AVGIDSShim;AVGIDSShim
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? HPBtnSrv;HP Chasis Button Service
R? MpKsl140d154b;MpKsl140d154b
R? MpKsl355c8a55;MpKsl355c8a55
R? MpKsl383d5f34;MpKsl383d5f34
R? MpKsl45ab98d9;MpKsl45ab98d9
R? MpKsl5e44e26c;MpKsl5e44e26c
R? MpKsl7f875fed;MpKsl7f875fed
R? MpKsl8477fcea;MpKsl8477fcea
R? MpKslc1ecceca;MpKslc1ecceca
R? MpKslc7a88b2a;MpKslc7a88b2a
R? MpKslcf484463;MpKslcf484463
R? sbwtis;sbwtis
R? vToolbarUpdater;vToolbarUpdater
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? aswFsBlk;aswFsBlk
S? aswMonFlt;aswMonFlt
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? Avgfwfd;AVG network filter service
S? AVGIDSEH;AVGIDSEH
S? Avgldx86;AVG AVI Loader Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? CLPSLS;COMODO livePCsupport Service
S? cmdGuard;COMODO Internet Security Sandbox Driver
S? cmdHlp;COMODO Internet Security Helper Driver
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
S? netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista
S? sbapifs;sbapifs
S? SBRE;SBRE
S? SmartDefragDriver;SmartDefragDriver
.
=============== Created Last 30 ================
.
2012-01-02 17:09:31 -------- d-----w- c:\windows\pss
2011-12-26 13:49:57 -------- d-----w- c:\programdata\CPA_VA
2011-12-26 13:27:41 -------- d-----w- c:\programdata\Comodo
2011-12-26 13:27:23 -------- d-----w- c:\program files\Comodo
2011-12-25 10:53:34 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-25 10:53:33 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-12-25 10:53:05 41184 ----a-w- c:\windows\avastSS.scr
2011-12-24 08:45:21 -------- d-----w- c:\users\varsha_2\appdata\roaming\Malwarebytes
2011-12-24 08:43:20 -------- d-----w- c:\programdata\Malwarebytes
2011-12-24 08:43:12 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-24 08:43:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-24 08:07:48 -------- d-----w- c:\programdata\AVG Secure Search
2011-12-23 12:46:54 -------- d-----w- c:\users\varsha_2\appdata\roaming\WinPatrol
2011-12-19 13:29:06 38616 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 13:29:04 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 13:29:04 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 13:28:58 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 13:28:56 301224 ----a-w- c:\windows\system32\guard32.dll
2011-12-18 12:05:36 98304 ----a-w- c:\windows\system32\redmonnt.dll
2011-12-18 12:05:20 -------- d-----w- c:\program files\FoxTabPDFConverter
2011-12-18 06:44:18 -------- d-----w- c:\program files\common files\Hewlett-Packard
2011-12-18 06:22:23 729088 ----a-w- c:\windows\system32\hpowiax7.dll
2011-12-18 06:22:23 581632 ----a-w- c:\windows\system32\hpotscl6.dll
2011-12-18 06:22:23 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2011-12-18 06:22:23 303104 ----a-w- c:\windows\system32\hpovst15.dll
2011-12-16 16:13:58 388096 ----a-r- c:\users\varsha_2\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-12-16 16:13:44 -------- d-----w- c:\program files\Trend Micro
2011-12-15 16:01:09 -------- d-----w- c:\users\varsha_2\appdata\local\Adobe
2011-12-15 15:37:41 -------- d-----w- c:\users\varsha_2\appdata\local\PackageAware
.
==================== Find3M ====================
.
2011-12-02 07:32:16 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2011-12-02 07:32:09 82432 ----a-w- c:\windows\system32\axaltocm.dll
2011-12-02 06:53:34 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-01 14:41:06 74703 ----a-w- c:\windows\system32\mfc45.dll
2011-11-19 11:49:11 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-11-19 11:48:37 269312 ----a-w- c:\windows\system32\es.dll
2011-11-19 11:41:57 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2011-11-17 15:23:44 23552 ----a-w- c:\windows\system32\lpk.dll
2011-11-17 15:23:44 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-11-17 15:22:45 72704 ----a-w- c:\windows\system32\admparse.dll
2011-11-17 15:22:41 48128 ----a-w- c:\windows\system32\mshtmler.dll
2011-11-17 15:20:11 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-11-17 15:20:10 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2011-11-17 15:20:10 64512 ----a-w- c:\windows\system32\wlanapi.dll
2011-11-17 15:20:10 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-11-17 15:20:10 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-11-17 15:20:10 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-11-17 15:20:10 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2011-11-17 15:19:54 2048 ----a-w- c:\windows\system32\msxml3r.dll
2011-11-17 15:19:53 2048 ----a-w- c:\windows\system32\msxml6r.dll
2011-11-17 15:19:53 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-11-17 15:19:37 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-11-17 15:19:08 98816 ----a-w- c:\windows\system32\mfps.dll
2011-11-17 15:19:08 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2011-11-17 15:19:08 2868224 ----a-w- c:\windows\system32\mf.dll
2011-11-17 15:19:08 24576 ----a-w- c:\windows\system32\mfpmp.exe
2011-11-17 15:19:08 2048 ----a-w- c:\windows\system32\mferror.dll
2011-11-17 15:18:24 71680 ----a-w- c:\windows\system32\atl.dll
2011-11-17 15:18:16 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-11-17 15:17:41 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-11-17 15:17:41 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-11-17 15:17:33 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-11-17 15:17:23 53248 ----a-w- c:\windows\system32\tsgqec.dll
2011-11-17 15:17:23 136192 ----a-w- c:\windows\system32\aaclient.dll
2011-11-17 15:17:13 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-11-17 15:16:57 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-11-17 15:16:06 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-11-17 15:16:06 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-11-17 15:15:27 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-11-17 15:15:26 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-11-17 15:15:26 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-11-17 15:15:25 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-11-17 15:15:25 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-11-17 15:15:23 472064 ----a-w- c:\windows\system32\secproc.dll
2011-11-17 15:15:22 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-11-17 15:15:19 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-11-17 15:15:18 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-11-17 15:15:01 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2011-11-17 15:14:58 1695744 ----a-w- c:\windows\system32\gameux.dll
2011-11-17 15:14:50 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2011-11-17 15:14:38 281600 ----a-w- c:\windows\system32\raschap.dll
2011-11-17 15:14:38 244224 ----a-w- c:\windows\system32\rastls.dll
2011-11-14 16:38:13 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-11-14 16:38:07 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-11-14 16:38:03 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-11-14 16:38:03 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-11-14 04:26:44 636928 ----a-w- c:\windows\system32\localspl.dll
2011-11-14 04:26:24 2927104 ----a-w- c:\windows\explorer.exe
2011-11-14 04:26:12 9728 ----a-w- c:\windows\system32\lsass.exe
2011-11-14 04:26:12 72704 ----a-w- c:\windows\system32\secur32.dll
2011-11-14 04:26:12 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-11-14 04:26:12 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-11-14 04:26:12 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-11-14 04:26:12 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-11-14 04:24:55 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-11-14 04:24:55 220672 ----a-w- c:\windows\system32\l3codecp.acm
2011-11-14 04:24:41 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2011-11-14 04:24:41 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2011-11-14 04:24:41 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2011-11-14 04:24:27 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2011-11-14 04:24:27 24064 ----a-w- c:\windows\system32\amxread.dll
2011-11-14 04:24:27 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-11-14 04:24:19 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-11-14 04:24:19 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-11-14 04:24:18 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-11-14 04:24:02 443392 ----a-w- c:\windows\system32\win32spl.dll
2011-11-14 04:24:02 37888 ----a-w- c:\windows\system32\printcom.dll
2011-11-14 04:23:54 14848 ----a-w- c:\windows\system32\wshrm.dll
2011-11-14 04:23:54 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-11-14 04:23:38 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-11-14 04:23:38 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-11-14 04:23:38 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-11-14 04:03:01 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-13 21:48:54 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-11-13 21:48:54 94720 ----a-w- c:\windows\system32\logagent.exe
2011-11-13 21:48:43 84480 ----a-w- c:\windows\system32\INETRES.dll
2011-11-13 21:48:37 61440 ----a-w- c:\windows\system32\msasn1.dll
2011-11-13 21:48:32 1645568 ----a-w- c:\windows\system32\connect.dll
2011-11-13 21:48:13 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-11-13 21:48:12 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-11-13 21:48:12 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-11-13 21:31:53 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-11-13 21:31:51 98304 ----a-w- c:\windows\system32\cabview.dll
2011-10-31 19:12:10 11632 ----a-w- c:\windows\system32\drivers\vdd\apvdd.dll
2011-10-31 19:12:02 42864 ----a-w- c:\windows\system32\sbbd.exe
2011-10-31 18:38:14 72312 ----a-w- c:\windows\system32\drivers\sbwtis.sys
2011-10-26 10:10:02 101112 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-10-19 16:46:02 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
.
============= FINISH: 17:52:05.19 ===============

.
==== Installed Programs ======================
.
µTorrent
32 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
AVG 2012
Bonjour
BufferChm
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Comodo Dragon
COMODO GeekBuddy
COMODO Internet Security
Conduit Engine
Copy
CustomerResearchQFolder
CyberLink DVD Suite Deluxe
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
Enhanced Multimedia Keyboard Solution
eSupportQFolder
FVDIEPlugin
Google Chrome
Google Update Helper
GPBaseService
Hardware Diagnostic Tools
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Customer Participation Program 11.0
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
HP Easy Setup - Frontend
HP Imaging Device Functions 11.0
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.5
HP Photosmart Essential 3.0
HP Picasso Media Center Add-In
HP Smart Web Printing
HP Solution Center 11.0
HP Update
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
Java Auto Updater
Java(TM) 6 Update 29
Java(TM) SE Runtime Environment 6 Update 1
LabelPrint
LightScribe System Software 1.10.16.1
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
MediaRing Talk
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Mozilla Firefox 8.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
Power2Go
PowerDirector
PSSWCORE
Python 2.5
Realtek High Definition Audio Driver
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Shop for HP Supplies
Smart Defrag 2
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
TuneUp Utilities Language Pack (en-US)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoToolkit01
VIPRE Antivirus
VLC media player 1.0.5
WebReg
Wincore MediaBar
WinRAR archiver
.
==== End Of File ===========================

Re: trojan..?..help

Post by Wingman » January 14th, 2012, 1:21 pm

This is not the first time you have posted for help on our forum.
Your topic is being closed for one (or more) of the following reasons:

  • Repeated use of P2P software, despite warnings of their use and requests for removal.
  • Repeated use of cracked, illegal or pirated software.
  • Use of outdated or unpatched versions of Windows, after previously agreeing to update as a condition for receiving help on our forum.
  • Returning for help with no Anti-virus software installed, despite being advised to install.
  • Continued practice of unsafe surfing.
  • Posting for help for many different computers, repair tech.
  • Continuing to post in multiple malware removal forums, for the same computer issue.
  • Repeatedly failing to reply to your topic within the necessary time frames.
  • Repeatedly posting without the required information.

This topic is now closed.