Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Malware cause temp folder files to keep on multiplying

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Malware cause temp folder files to keep on multiplying

Unread postby huteh » March 20th, 2014, 10:16 am

Hi there, I am having some malware problem as my antivirus keep prompting on new virus found on my TEMP folder and it keep on multiplying. No matter how much I clear the files from the folder, it keep on coming back. I also try scanning using bitdefender boot up version, malwarebytes anti-malware and clamav boot up but to no avail. Hope I can get help from here. Here is the DDS and ATTACH files , thanks in advance :)

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16521
Run by user at 21:41:39 on 2014-03-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.65.1033.18.8095.4808 [GMT 8:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Advanced SystemCare Ultimate *Disabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCService.exe
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\windows\SysWOW64\vmnat.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\SysWOW64\vmnetdhcp.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe
C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\Monitor.exe
C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe
C:\Program Files\Bitdefender\Bitdefender\seccenter.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\windows\system32\sppsvc.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Bitdefender\Bitdefender\downloader.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
C:\Program Files (x86)\Common Files\Symantec Shared\COH\coh64.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://sg.search.yahoo.com/?type=714647 ... got-yhp-ie
mStart Page = about:blank
uProxyServer = hxxp=127.0.0.1:8555;https=127.0.0.1:8555
uProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
uSearchAssistant = hxxp://www.google.com
mURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: {074C1DC5-9320-4A9A-947D-C042949C6216} - <orphaned>
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
BHO: {4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
uRun: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe" /Auto
uRun: [uTorrent] "C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [TCrdMain.exe] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
uRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
uRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
dRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
dRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: %windir%\system32\vsocklib.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - hxxp://vsrcm5.vlab.elementk.com/rcm/web ... Client.cab
DPF: {8B0F07E1-00F9-4B1B-9A2F-456DC0F54EBF} - hxxp://khse.vlab.elementk.com/vlab/webc ... Tester.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/Me ... b56907.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{0E4FAFE2-96EF-4526-8F5B-281FAF203A0A} : DHCPNameServer = 10.1.31.7
TCP: Interfaces\{4C7D8237-2401-42F9-BE8C-E5FCD4621834} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{A4C101B9-D936-4A72-B3ED-6B7F87C0CF37} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{ADBA9F04-CE46-4E2E-B708-5703F2163045} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{ADBA9F04-CE46-4E2E-B708-5703F2163045}\6457A4961647723702960586F6E656 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{ADBA9F04-CE46-4E2E-B708-5703F2163045}\75962756C656373704357487 : DHCPNameServer = 10.138.0.1
TCP: Interfaces\{ADBA9F04-CE46-4E2E-B708-5703F2163045}\E637373545554454E445 : DHCPNameServer = 10.1.31.7
TCP: Interfaces\{CC97DE0C-DC6D-4B5A-8530-921E9093DA78} : DHCPNameServer = 192.168.45.2
TCP: Interfaces\{E6299E01-556A-421F-8A4F-9D6DFD6B824D} : DHCPNameServer = 10.1.31.7
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-mStart Page = about:blank
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - hxxp://vsrcm5.vlab.elementk.com/rcm/web ... Client.cab
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\wvdvdud9.default\
FF - prefs.js: browser.startup.homepage - hxxp://sg.search.yahoo.com/?type=714647 ... got-yhp-ff
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\windows\System32\drivers\avc3.sys [2014-3-16 893440]
R0 gzflt;gzflt;C:\windows\System32\drivers\gzflt.sys [2014-3-15 150256]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2012-5-24 28992]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2012-4-15 55280]
R0 SmartDefragDriver;SmartDefragDriver;C:\windows\System32\drivers\SmartDefragDriver.sys [2014-1-21 21184]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2011-12-10 482384]
R0 vsock;vSockets Driver;C:\windows\System32\drivers\vsock.sys [2013-11-1 73296]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2014-3-15 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2014-3-15 103504]
R1 BDVEDISK;BDVEDISK;C:\windows\System32\drivers\bdvedisk.sys [2014-3-15 76944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2011-12-29 279616]
R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\windows\System32\drivers\hssdrv6.sys [2013-11-4 44744]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCService.exe [2013-12-16 886592]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2010-1-29 249200]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-11 46448]
R2 IDMWFP;IDMWFP;C:\windows\System32\drivers\idmwfp.sys [2012-12-14 165112]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-3-15 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-3-15 701512]
R2 rimspci;rimspci;C:\windows\System32\drivers\rimspe64.sys [2011-6-1 73216]
R2 risdxc;risdxc;C:\windows\System32\drivers\risdxc64.sys [2011-4-22 101376]
R2 rixdpcie;rixdpcie;C:\windows\System32\drivers\rixdpe64.sys [2011-4-26 53760]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2014-3-15 94624]
R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-12-22 1839776]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-20 14472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-10 2656280]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2014-3-15 67320]
R3 avchv;avchv Function Driver;C:\windows\System32\drivers\avchv.sys [2014-3-15 261056]
R3 avckf;avckf;C:\windows\System32\drivers\avckf.sys [2014-3-15 635392]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\windows\System32\drivers\btfilter.sys [2011-12-10 42096]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-3-16 137648]
R3 hidshim;Service for HID-KMDF Shim layer;C:\windows\System32\drivers\hidshim.sys [2011-3-10 6656]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-3-15 25928]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2011-2-11 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2011-2-11 181760]
R3 nuvotonhidcir;Nuvoton HID CIR Receiver;C:\windows\System32\drivers\nuvotonhidcir.sys [2011-3-10 32256]
R3 nuvotonir;Nuvoton CIR Transceiver;C:\windows\System32\drivers\nuvotonir.sys [2009-9-1 68096]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-12-10 38096]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2013-4-25 42184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 KMService;KMService;C:\windows\System32\srvany.exe --> C:\windows\System32\srvany.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2014-3-15 121928]
S3 BDSandBox;BDSandBox;C:\windows\System32\drivers\bdsandbox.sys [2014-3-15 82824]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-4-14 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 FunshionSvr;FSServicePlatform;C:\windows\System32\svchost.exe -k FunshionServiceTools [2011-5-19 27648]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-3-12 111616]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 npggsvc;nProtect GameGuard Service;C:\windows\System32\GameMon.des -service --> C:\windows\System32\GameMon.des -service [?]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-12-17 19456]
S3 ser2at;ATEN USB to Serial port driver;C:\windows\System32\drivers\ser2at64.sys [2009-10-15 96256]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-12-10 54136]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-9 137632]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-4-6 828336]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-2-14 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-12-17 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 VBoxUSB;VirtualBox USB;C:\windows\System32\drivers\VBoxUSB.sys [2013-3-15 106256]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-12-16 1255736]
S4 ASCAntivirusSrv;AdvancedSystemCareAntivirus;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCAvSvc.exe [2013-12-16 647488]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2014-3-15 77632]
S4 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2013-11-2 906024]
S4 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-11-2 555304]
S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2013-11-16 35256]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0105;RsFx0105 Driver;C:\windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 Seagate Dashboard Services;Seagate Dashboard Services;C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2013-5-30 16000]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S4 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-1-29 5341536]
S4 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-4-8 294328]
S4 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2013-10-9 905272]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-03-19 22:59:07 -------- d-sh--w- C:\$RECYCLE.BIN
2014-03-19 12:50:36 98816 ----a-w- C:\windows\sed.exe
2014-03-19 12:50:36 256000 ----a-w- C:\windows\PEV.exe
2014-03-19 12:50:36 208896 ----a-w- C:\windows\MBR.exe
2014-03-18 22:25:22 -------- d-----w- C:\found.000
2014-03-18 04:40:59 -------- d---a-w- C:\TRK-INFECTED
2014-03-17 07:22:45 -------- d-----w- C:\NBRT
2014-03-16 14:28:56 -------- d---a-w- C:\bd_logs
2014-03-16 13:28:02 -------- d-----w- C:\windows\System32\drivers\NBRTWizardx64\0600000.04A
2014-03-16 13:28:02 -------- d-----w- C:\windows\System32\drivers\NBRTWizardx64
2014-03-16 13:28:00 -------- d-----w- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2014-03-16 13:27:00 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2014-03-16 11:37:32 -------- d-----w- C:\Users\user\AppData\Local\NPE
2014-03-16 05:50:28 893440 ------w- C:\windows\System32\drivers\avc3.sys
2014-03-16 05:08:17 -------- d---a-w- C:\MyRegBack
2014-03-15 14:56:38 -------- d-----w- C:\ProgramData\BDLogging
2014-03-15 14:56:27 76944 ------w- C:\windows\System32\drivers\bdvedisk.sys
2014-03-15 14:56:24 93600 ----a-w- C:\windows\System32\drivers\BdfNdisf6.sys
2014-03-15 14:56:24 82824 ------w- C:\windows\System32\drivers\bdsandbox.sys
2014-03-15 14:56:24 74512 ----a-w- C:\windows\SysWow64\bdsandboxuiskin32.dll
2014-03-15 14:56:24 511328 ----a-w- C:\windows\capicom.dll
2014-03-15 14:56:08 635392 ------w- C:\windows\System32\drivers\avckf.sys
2014-03-15 14:54:54 -------- d-----w- C:\Users\user\AppData\Roaming\Bitdefender
2014-03-15 14:54:50 3271472 ---ha-w- C:\bdr-bz01
2014-03-15 14:53:11 84848 ----a-w- C:\windows\System32\BDSandBoxUISkin.dll
2014-03-15 14:53:11 74512 ----a-w- C:\windows\System32\bdsandboxuiskin32.dll
2014-03-15 14:53:11 34384 ----a-w- C:\windows\System32\BDSandBoxUH.dll
2014-03-15 14:53:11 150256 ------w- C:\windows\System32\drivers\gzflt.sys
2014-03-15 14:53:11 -------- d-----w- C:\ProgramData\Bitdefender
2014-03-15 14:53:10 389240 ------w- C:\windows\System32\drivers\trufos.sys
2014-03-15 14:51:45 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2014-03-15 14:51:27 -------- d-----w- C:\Program Files (x86)\Common Files\Bitdefender
2014-03-15 14:45:59 261056 ------w- C:\windows\System32\drivers\avchv.sys
2014-03-15 14:41:00 -------- d-----w- C:\Program Files\Bitdefender
2014-03-15 14:32:54 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-03-15 14:32:42 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{42DE3200-6AA4-4B8C-961D-84109439EB49}\mpengine.dll
2014-03-15 14:30:17 -------- d-----w- C:\ProgramData\QvodPlayer
2014-03-15 14:25:42 25928 ------w- C:\windows\System32\drivers\mbam.sys
2014-03-15 12:47:59 -------- d-----w- C:\Users\user\AppData\Roaming\QuickScan
2014-03-14 12:02:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-12 14:59:00 228864 ----a-w- C:\windows\System32\wwansvc.dll
2014-03-12 14:56:28 624128 ----a-w- C:\windows\System32\qedit.dll
2014-03-12 14:56:28 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2014-03-12 14:56:27 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2014-03-12 14:56:27 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2014-03-10 15:10:13 -------- d-----w- C:\Users\user\AppData\Local\{5210D51B-DF8F-4621-AEFE-91668BD8A8AD}
2014-03-07 11:02:44 -------- d-----w- C:\Users\user\.VirtualBox
2014-03-01 13:59:50 -------- d-----w- C:\Program Files\iPod
2014-03-01 13:59:48 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 13:59:48 -------- d-----w- C:\Program Files\iTunes
2014-03-01 13:59:48 -------- d-----w- C:\Program Files (x86)\iTunes
2014-03-01 13:55:05 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2014-03-01 13:55:05 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2014-03-01 13:55:05 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2014-03-01 13:55:05 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2014-03-01 13:55:05 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2014-02-26 07:28:59 6574592 ----a-w- C:\windows\System32\mstscax.dll
2014-02-26 07:28:59 5694464 ----a-w- C:\windows\SysWow64\mstscax.dll
.
==================== Find3M ====================
.
2014-03-01 05:17:02 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ------w- C:\windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ------w- C:\windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\windows\SysWow64\wininet.dll
2014-02-21 06:13:33 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 06:13:33 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-02-07 01:23:30 3156480 ----a-w- C:\windows\System32\win32k.sys
2014-02-03 05:20:54 270496 ------w- C:\windows\System32\MpSigStub.exe
2014-01-29 02:32:18 484864 ----a-w- C:\windows\System32\wer.dll
2014-01-29 02:06:47 381440 ----a-w- C:\windows\SysWow64\wer.dll
2014-01-23 08:05:00 1683112 ------w- C:\windows\System32\FM20.DLL
2014-01-17 08:24:12 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx
2014-01-17 08:24:12 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts
2014-01-08 07:54:02 121856 ------w- C:\windows\System32\IObitSmartDefragExtension.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\windows\System32\d3d10warp.dll
2013-12-24 02:40:32 21184 ------w- C:\windows\System32\drivers\SmartDefragDriver.sys
2013-12-21 09:53:45 548864 ----a-w- C:\windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\windows\SysWow64\vbscript.dll
.
============= FINISH: 21:53:54.12 ===============

ATTACH.TXT
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/12/2011 5:10:36 PM
System Uptime: 20/3/2014 9:29:14 PM (0 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz | Socket rPGA988B | 2201/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 582 GiB total, 352.408 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: VirtualBox Host-Only Ethernet Adapter
Device ID: ROOT\NET\0001
Manufacturer: Oracle Corporation
Name: VirtualBox Host-Only Ethernet Adapter
PNP Device ID: ROOT\NET\0001
Service: VBoxNetAdp
.
==== System Restore Points ===================
.
RP567: 16/3/2014 7:05:40 PM - Windows Update
RP568: 16/3/2014 8:13:43 PM - Manual Restore Point
RP569: 16/3/2014 8:14:06 PM - Norton_Power_Eraser_20140316201406743
RP606: 20/3/2014 8:57:17 PM - Manual Restore Point
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20
7-Zip 9.20 (x64 edition)
Adobe AIR
Adobe Community Help
Adobe Content Viewer
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9)
Adobe Story
Advanced SystemCare Ultimate 7
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Bluetooth Filter Driver Package
Atheros Driver Installation Program
Bitdefender Total Security
Bluetooth Stack for Windows by Toshiba
Bonjour
CCleaner
Cisco EAP-FAST ECP Module
Cisco Packet Tracer 5.3.3
Crystal Reports for Visual Studio
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Dota 2
DownloadX ActiveX Download Control 1.6.7
Dungeon Defenders
FATE - The Traitor Soul
Freemake Video Converter version 4.1.3
Garena Plus
Google Chrome
Google Update Helper
GunZ 2: The Second Duel
HDMI Control Manager
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2890573)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2890573)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
Hotspot Shield 3.19
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Internet Download Manager
IObit Uninstaller
IObit Unlocker
iTunes
Junk Mail filter update
K-Lite Codec Pack 10.2.0 Full
LiveUpdate 3.3 (Symantec Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Help Viewer 1.1
Microsoft Office 32-bit Components 2013
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office OSM MUI (English) 2013
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2013
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft Office Word MUI (English) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Project MUI (English) 2013
Microsoft Project Professional 2013
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP1 Design Tools English
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual C++ Compilers 2010 Standard - enu - x64
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual F# 2.0 Runtime
Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Professional - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio Macro Tools
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
Mozilla Firefox 23.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
Norton Bootable Recovery Tool Wizard
Nuvoton CIR Device Drivers
NVIDIA Control Panel 301.42
NVIDIA Graphics Driver 301.42
NVIDIA Install Application
NVIDIA Optimus 1.8.15
NVIDIA PhysX
NVIDIA Update Components
NyxLauncherIS
Oracle VM VirtualBox 4.2.10
Outils de vérification linguistique 2013 de Microsoft Office - Français
Pando Media Booster
PDF Settings CS5
PL-2303 Vista Driver Installer-ATEN
PxMergeModule
QuickTime 7
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
RICOH Media Driver v2.13.17.01
Sanctum
Seagate Dashboard 2.0
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)
Skype™ 6.11
Smart Defrag 3
SpeedFan (remove only)
Sql Server Customer Experience Improvement Program
Steam
Surfing Protection
Symantec Endpoint Protection
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TeamViewer 9
Tera Term 4.79
tools-linux
TOSHIBA Blu-ray Disc Player
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA PC Health Monitor
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Remote Control Manager
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBA Wireless LAN Indicator
TrueCrypt
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition
Update for Microsoft Visio 2010 (KB2878227) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition
VideoPad Video Editor
Virtual Villagers 4 - The Tree of Life
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 2.1.2
VMware Player
VMware vSphere Client 5.5
Warcraft III
WCF RIA Services V1.0 SP1
Web Deployment Tool
Win7codecs
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.2
WinRAR 4.10 beta 5 (64-bit)
Wireshark 1.6.7 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
20/3/2014 9:35:13 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
20/3/2014 9:34:33 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
20/3/2014 9:34:33 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
20/3/2014 9:33:07 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
20/3/2014 9:33:07 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
20/3/2014 9:28:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VSSERV service.
20/3/2014 6:52:02 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
20/3/2014 6:48:51 AM, Error: Service Control Manager [7022] - The Security Center service hung on starting.
20/3/2014 6:42:01 AM, Error: volmgr [46] - Crash dump initialization failed!
20/3/2014 6:40:11 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
19/3/2014 9:31:18 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
19/3/2014 9:31:18 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
19/3/2014 9:31:18 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
19/3/2014 9:31:18 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
19/3/2014 9:31:18 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
19/3/2014 9:31:18 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
19/3/2014 9:31:18 PM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
19/3/2014 9:31:18 PM, Error: Service Control Manager [7031] - The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
19/3/2014 9:31:18 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
19/3/2014 9:31:18 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
19/3/2014 9:19:00 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
19/3/2014 9:18:59 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
19/3/2014 8:50:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
19/3/2014 8:48:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
19/3/2014 8:47:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
19/3/2014 8:47:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
19/3/2014 8:47:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
19/3/2014 8:47:21 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\system32\athihvs.dll Error Code: 21
19/3/2014 8:47:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
19/3/2014 8:47:09 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avc3 BDVEDISK discache eeCtrl gzflt spldr SRTSP SRTSPX Tosrfcom truecrypt trufos VBoxDrv VBoxUSBMon Wanarpv6
19/3/2014 6:31:33 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
19/3/2014 6:31:30 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
19/3/2014 6:31:30 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
19/3/2014 6:31:04 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avc3 BdfNdisf bdfwfpf BDVEDISK DfsC discache eeCtrl gzflt HssDRV6 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX tdx Tosrfcom truecrypt trufos VBoxDrv VBoxUSBMon vwififlt Wanarpv6 WfpLwf ws2ifsl
19/3/2014 6:31:02 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
19/3/2014 6:31:02 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
.
==== End Of File ===========================
huteh
Active Member
 
Posts: 1
Joined: March 20th, 2014, 9:40 am
Advertisement
Register to Remove

Re: Malware cause temp folder files to keep on multiplying

Unread postby Gary R » March 21st, 2014, 2:14 am

Your logs indicate that you connect to multiple private networks, which strongly suggests that this is not a machine for personal use, and is one that is being used for either business or educational purposes.

May I draw your attention to ALL USERS OF THIS FORUM MUST READ THIS FIRST topic, which you should have read before posting for help.

The sections here and here explain why we do not offer help for such computers. Thank you for your understanding.


This topic is now closed
User avatar
Gary R
Administrator
Administrator
 
Posts: 21871
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 29 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware