Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Windows 7 has slowed down - malware?

Post by jumanj1 » August 1st, 2014, 12:29 pm

Hi,

My machine has slowed down completely and I am suspecting malware:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16561 BrowserJavaVersion: 10.65.2
Run by jc at 17:14:21 on 2014-08-01
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.44.1033.18.8073.5164 [GMT 1:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k regsvc
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\CCM\CcmExec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\CCM\RemCtrl\CmRcService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Policy Platform\policyHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\CCM\SCNotification.exe
C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\lync.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\UcMapi.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VPNGUI~1.LNK - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Windows\System: ExcludeProfileDirs = downloads;My Documents;Application Data\Microsoft\Office\Live Meeting\Quicksilver;Application Data\Sun;workspace;OutlookPST;AppData\Roaming\Apple Computer\iTunes\iPad Software Updates;AppData\Roaming\Apple Computer\iTunes\iPhone Software Updates;AppData\Roaming\Apple Computer\iTunes\iPod Software Updates
mPolicies-Explorer: NoWelcomeScreen = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: UserProfileMinTransferRate = dword:20000
mPolicies-Windows\System: SlowLinkTimeOut = dword:50
mPolicies-Windows\System: SlowLinkUIEnabled = dword:1
mPolicies-Windows\System: AddAdminGroupToRUP = dword:1
IE: E&xport to Microsoft Excel - C:\Users\jc\AppData\Local\Microsoft\AppV\Client\Integration\D24C3BDD-8FAD-44D3-998C-933F8F053682\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\ONBttnIELinkedNotes.dll
Trusted Zone: cfer.com
Trusted Zone: globalcrossing.com
Trusted Zone: livemeeting.com
Trusted Zone: microsoftonline.com
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 172.18.0.77 172.18.0.52
TCP: Interfaces\{1DAC514A-F66C-4DA9-B6AF-0767EE108C6A}\244584572633D283A573D4 : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{1DAC514A-F66C-4DA9-B6AF-0767EE108C6A}\D4D47402759464940284F4453505F445 : DHCPNameServer = 208.67.222.220 208.67.222.222
TCP: Interfaces\{87A47B8B-0ED0-4BC7-85F9-832A6D2E83F1} : DHCPNameServer = 172.18.0.77 172.18.0.52
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Trusted Zone: cer.com
x64-Trusted Zone: cfer.com
x64-Trusted Zone: globalcrossing.com
x64-Trusted Zone: livemeeting.com
x64-Trusted Zone: microsoftonline.com
x64-Trusted Zone: yps.pqe
x64-Trusted Zone: yps.pqe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\jc\AppData\Roaming\Mozilla\Firefox\Profiles\0j5rd2qu.default\
FF - prefs.js: browser.search.selectedEngine - Google Default
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\Office15\NPSPWRAP.DLL
FF - plugin: C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\FA0011EA-B771-4F35-A11C-6070B7AAD884\Root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Users\jc\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-7-6 21616]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-7-6 89600]
R2 AppVClient;Microsoft App-V Client;C:\Program Files\Microsoft Application Virtualization\Client\AppVClient.exe [2013-3-29 685208]
R2 CmRcService;Configuration Manager Remote Control;C:\Windows\CCM\RemCtrl\CmRcService.exe [2013-9-11 577720]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\System32\svchost.exe -k HsfXAudioService [2009-7-14 27136]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-30 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-30 860472]
R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2011-3-28 1839888]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2012-7-6 27760]
R3 AppvStrm;AppvStrm;C:\Windows\System32\drivers\AppvStrm.sys [2013-3-29 104616]
R3 AppvVemgr;AppvVemgr;C:\Windows\System32\drivers\AppvVemgr.sys [2013-3-29 175256]
R3 AppvVfs;AppvVfs;C:\Windows\System32\drivers\AppvVfs.sys [2013-3-29 141480]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2012-7-6 292864]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2012-7-6 38440]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-6-10 142128]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-6 317440]
R3 lpasvc;Microsoft Policy Platform Local Authority;C:\Program Files\Microsoft Policy Platform\policyHost.exe [2012-8-2 50280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-7-30 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-30 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-30 63704]
R3 O2MDFRDR;O2MDFRDR;C:\Windows\System32\drivers\o2mdfw7x64.sys [2012-7-6 72808]
R3 O2SDJRDR;O2SDJRDR;C:\Windows\System32\drivers\o2sdjw7x64.sys [2012-7-6 75240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 dc21x4vm;dc21x4vm;C:\Windows\System32\drivers\dc21x4vm.sys [2009-6-10 57344]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 lppsvc;Microsoft Policy Platform Processor;C:\Program Files\Microsoft Policy Platform\policyHost.exe [2012-8-2 50280]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
S3 O2MDRRDR;O2MDRRDR;C:\Windows\System32\drivers\O2MDRw7x64.sys [2012-7-6 74984]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-3 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-08-01 15:50:02 20080 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2014-08-01 15:50:01 75376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2014-08-01 15:50:01 46704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-08-01 15:50:01 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2014-07-31 14:30:37 -------- d-sh--w- C:\$RECYCLE.BIN
2014-07-31 13:37:26 -------- d-s---w- C:\ComboFix
2014-07-30 14:25:38 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-30 14:24:53 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-30 14:24:53 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-30 14:24:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-07-30 14:24:53 -------- d-----w- C:\ProgramData\Malwarebytes
2014-07-30 14:24:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-24 08:33:29 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-23 13:18:07 588496 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{D24C3BDD-8FAD-44d3-998C-933F8F053682}\Integrator.exe
2014-07-23 13:08:27 98880 ----a-w- C:\ProgramData\Microsoft\AppV\Client\Integration\D24C3BDD-8FAD-44D3-998C-933F8F053682\Root\Office15\TaxonomyControl.dll
2014-07-16 11:01:37 588496 ----a-w- C:\Users\jc\AppData\Roaming\Microsoft\ClickToRun\{D24C3BDD-8FAD-44d3-998C-933F8F053682}\Integrator.exe
2014-07-15 12:59:14 -------- d-----w- C:\ProgramData\App-V
2014-07-14 09:50:59 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-07-14 09:47:39 449024 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-14 09:47:38 692736 ----a-w- C:\Windows\System32\osk.exe
2014-07-14 09:47:38 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-07-14 09:47:38 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-07-14 09:47:28 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-07-14 09:47:27 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-07-14 09:43:40 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-07-14 09:43:40 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-07-14 09:43:39 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-07-14 09:01:50 -------- d-----w- C:\Program Files\Microsoft Application Virtualization
2014-07-14 09:01:23 -------- d-----w- C:\ProgramData\Package Cache
2014-07-11 09:34:59 -------- d-----w- C:\ux-framework-new
.
==================== Find3M ====================
.
2014-07-14 11:17:08 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-14 11:17:08 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-07 02:59:53 2339328 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-07 02:51:22 1494016 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-07 02:51:06 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-06-07 02:45:37 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-06-07 02:45:17 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-06-07 02:40:25 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-07 02:39:40 12800 ----a-w- C:\Windows\System32\mshta.exe
2014-06-06 23:12:01 1810432 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-06 23:03:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-06 23:02:16 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-06 22:57:04 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-06-06 22:56:20 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-06-06 22:52:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-06 22:51:59 11776 ----a-w- C:\Windows\SysWow64\mshta.exe
2014-05-14 16:21:04 2620928 ----a-w- C:\Windows\System32\wucltux.dll
2014-05-14 16:20:45 97792 ----a-w- C:\Windows\System32\wudriver.dll
2014-05-14 16:17:10 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-05-14 08:23:04 198600 ----a-w- C:\Windows\System32\wuwebv.dll
2014-05-14 08:23:04 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2014-05-14 08:20:46 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-05-14 08:17:14 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-05-08 09:32:02 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
.
============= FINISH: 17:20:08.79 ===============

Re: Windows 7 has slowed down - malware?

Post by Cypher » August 2nd, 2014, 5:50 am

Business Use / Business Networked Computer
It appears you are using your computer for business purposes or connecting to a business network.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.


This topic is now closed.