Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

CDRom, Printer, dbghelp.dll file and other crazy things happ

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

CDRom, Printer, dbghelp.dll file and other crazy things happ

Unread postby Fiber-1 » September 11th, 2015, 12:51 pm

Hello, I need some assistance in the smarts department. I believe I might have an infection of some kind or I wrecked my system.
First signs of this was my CDROM/DVD player/burner was ghost activating, and then it was robbing windows explorer of resources causing it to hang and crash.
I disabled the CDROM by unhooking the wire harness(s) that supply it. That enabled windows to stop from hanging.
I then installed a spy bot search and destroy and it found a few minor issues, I ran a whole scan and quarantined all threats.
I have a shared computer, and my better half needed help viewing a video file from her mother and it was in mp4 platform, my computer would not play it, I forgot I disabled flash player, and installed a mp4 down load Cole2kmedia-Codec pack (advanced) 8.0.2.
After un-installing the Cole2kmedia program the dbghelp.dll error message arrived at boot up on reboot, and would not allow the computer to boot up.
I ran a "run as admin." command line prompt using sfc/scannow, it replaced the dbghelp.dll file, and I was able to boot up.
So every time I try to un-install the Cole2kmedia program I receive the dbghelp.dll file is missing or corrupted error message on reboot every time.
Every time I hook back up the CDROM it hangs windows as all the data is going there and is ghost running, now my printer is turning on and off and is printing out ink cartridge realignment pages until I turn it off manually.
Before any of that happened above my CPU usage was way over and the cooling fans would run at full speed until they went down to 0-5%. I cracked the computer case and did a thorough vacuum cleaning, removing years of dust, that helped with the CPU usage and fan speed operation is normal again.
I noticed several items installed on my system that we did not approve of or was tricked to installing them through bundled software the free stuff 99% of the time.
So if you think my system is wasted and not worth the time and effort of checking it for malware I'll understand completely.
If you decide to take on this system, I'll pray for you.
Best regards Roger l Reid.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16696 BrowserJavaVersion: 11.45.2
Run by roger at 11:54:35 on 2015-09-11
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1249 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 *Disabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\LEXBCES.EXE
C:\Windows\System32\LEXPPS.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware2\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2015\avgidsagent.exe
C:\Program Files\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\AVG\AVG2015\avgcsrvx.exe
C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\AVG\AVG2015\avgnsx.exe
C:\Program Files\AVG\AVG2015\avgemcx.exe
C:\Program Files\AVG\AVG2015\avgrsx.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Google\Update\1.3.28.13\GoogleCrashHandler.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\AVG Web TuneUp\avgcefrend.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\roger\Desktop\CCleaner\CCleaner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqKYGRP.exe
C:\Program Files\HP\Digital Imaging\bin\hpqKYGRP.exe
C:\Program Files\HP\Digital Imaging\Bin\hpqdstcp.exe
C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\AVG Web TuneUp\avgcefrend.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.yahoo.com/?fr=hp-avast&type=agc511
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearch Page = hxxps://search.yahoo.com/yhs/search?typ ... yhs-001&p={searchTerms}
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
mStart Page = hxxps://www.yahoo.com/?fr=hp-avast&type=agc511
mSearch Bar = hxxps://www.yahoo.com/?fr=hp-avast&type=agc511
mSearch Page = hxxps://search.yahoo.com/yhs/search?typ ... yhs-001&p={searchTerms}
uSearchAssistant = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_45\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Web TuneUp: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg web tuneup\4.1.6.294\AVG Web TuneUp.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_45\bin\jp2ssv.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
mRun: [Malwarebytes Anti-Exploit] c:\program files\malwarebytes anti-exploit\mbae.exe
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [vProt] "c:\program files\avg web tuneup\vprot.exe"
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{5A7565AE-22B9-469D-B456-2F2EAD521EBD} : DHCPNameServer = 192.168.254.254
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Notify: SDWinLogon - SDWinLogon.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware2\SASSEH.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {981b174d-7733-4e7f-b89d-6545a7c21838} - c:\program files\amazon\amazon1buttonapp\Amazon1ButtonTaskbarApp.exe /pin:
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\roger\appdata\roaming\mozilla\firefox\profiles\6f1mdaf5.default-1426000468977\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.28.13\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_45\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\0\NP_wtapp.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_18_0_0_232.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2015-5-12 190944]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2015-5-7 290272]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2015-6-10 170464]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2015-3-20 35808]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2015-3-11 132576]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2015-6-26 231856]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2015-5-14 29664]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2015-6-16 207328]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2015-5-12 213984]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files\malwarebytes anti-exploit\mbae.sys [2015-5-24 47928]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware2\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware2\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware2\SASCORE.EXE [2013-5-23 142648]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2015\avgidsagent.exe [2015-7-7 3518376]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2015\avgwdsvc.exe [2015-7-7 314304]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files\malwarebytes anti-exploit\mbae-svc.exe [2015-5-24 713016]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2015-8-31 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2015-8-31 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2015-8-31 171928]
R2 vToolbarUpdater40.1.6;vToolbarUpdater40.1.6;c:\program files\common files\avg secure search\vtoolbarupdater\40.1.6\ToolbarUpdater.exe [2015-9-9 1874320]
R2 WtuSystemSupport;WtuSystemSupport;c:\program files\avg web tuneup\WtuSystemSupport.exe [2015-9-9 1205136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files\wildtangent games\app\GamesAppIntegrationService.exe [2015-6-25 349728]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2015-6-25 209952]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2008-9-9 20640]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2015-8-31 27192]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2014-3-27 13464]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2014-4-11 772296]
.
=============== Created Last 30 ================
.
2015-09-09 15:50:14 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2015-09-09 15:50:14 102912 ----a-w- c:\windows\system32\drivers\srvnet.sys
2015-09-09 15:49:36 1402368 ----a-w- c:\windows\system32\msxml6.dll
2015-09-09 15:49:36 1253376 ----a-w- c:\windows\system32\msxml3.dll
2015-09-09 15:47:53 985600 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2015-09-09 15:47:53 967680 ----a-w- c:\program files\windows journal\JNWDRV.dll
2015-09-09 15:47:53 940032 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2015-09-09 15:47:53 1850880 ----a-w- c:\program files\windows journal\Journal.exe
2015-09-09 15:47:53 1220608 ----a-w- c:\program files\windows journal\NBDoc.DLL
2015-09-09 15:47:34 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-09-09 15:47:34 297472 ----a-w- c:\windows\system32\atmfd.dll
2015-09-09 15:47:34 2067456 ----a-w- c:\windows\system32\win32k.sys
2015-09-09 15:47:12 602112 ----a-w- c:\windows\system32\schedsvc.dll
2015-09-09 12:46:57 -------- d-----w- c:\users\roger\appdata\local\AVG Web TuneUp
2015-09-09 07:51:56 -------- d-----w- c:\programdata\AVG Security Toolbar
2015-09-09 07:51:39 -------- d-----w- c:\programdata\AVG Secure Search
2015-09-09 07:51:39 -------- d-----w- c:\program files\common files\AVG Secure Search
2015-09-09 07:51:33 -------- d-----w- c:\programdata\AVG Web TuneUp
2015-09-08 12:25:51 -------- d-----w- c:\users\roger\appdata\roaming\TuneUp Software
2015-09-06 02:55:00 -------- d-----w- c:\windows\system32\C2MP
2015-09-06 02:52:07 -------- d-----w- c:\program files\mp4player_setup
2015-08-31 18:10:31 2048 ----a-w- c:\windows\system32\tzres.dll
2015-08-31 16:30:48 -------- d-----w- c:\program files\common files\AV
2015-08-31 16:13:31 18968 ----a-w- c:\windows\system32\sdnclean.exe
2015-08-31 16:13:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-08-31 16:13:24 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2015-08-31 06:06:15 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2015-08-31 06:06:15 -------- d-----w- c:\programdata\VS Revo Group
2015-08-31 02:00:55 -------- d-----w- c:\programdata\VIPRE
2015-08-31 01:37:51 -------- d-----w- c:\users\roger\appdata\roaming\ParetoLogic
2015-08-31 01:37:38 -------- d-----w- c:\programdata\ParetoLogic
2015-08-28 18:10:14 -------- d-----w- c:\users\roger\appdata\roaming\Business Logic
2015-08-28 18:10:10 -------- d-----w- c:\program files\Business Logic Corporation
2015-08-23 05:03:12 -------- d-----w- c:\program files\Coupons
2015-08-16 14:40:56 36568 ----a-w- c:\windows\system32\uxtuneup.dll
2015-08-13 07:04:08 56256 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-08-13 07:04:08 49664 ----a-w- c:\windows\system32\csrsrv.dll
2015-08-13 07:04:08 140224 ----a-w- c:\windows\system32\drivers\ecache.sys
2015-08-13 07:04:07 564224 ----a-w- c:\windows\system32\emdmgmt.dll
2015-08-13 07:04:07 3605440 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-08-13 07:04:07 1206192 ----a-w- c:\windows\system32\ntdll.dll
2015-08-13 07:04:07 10752 ----a-w- c:\windows\system32\msmmsp.dll
2015-08-13 07:04:06 3553216 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-08-13 07:03:44 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 07:03:15 2067968 ----a-w- c:\windows\system32\mstscax.dll
2015-08-13 07:02:30 68608 ----a-w- c:\windows\system32\basesrv.dll
2015-08-13 07:01:08 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2015-08-13 07:01:08 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-08-13 07:01:08 189952 ----a-w- c:\windows\system32\d3d10core.dll
2015-08-13 07:01:08 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2015-08-13 07:01:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2015-08-13 07:01:07 802304 ----a-w- c:\windows\system32\FntCache.dll
2015-08-13 07:01:07 682496 ----a-w- c:\windows\system32\d2d1.dll
2015-08-13 07:01:07 1072640 ----a-w- c:\windows\system32\DWrite.dll
2015-08-13 07:01:07 1029120 ----a-w- c:\windows\system32\d3d10.dll
.
==================== Find3M ====================
.
2015-09-07 16:42:45 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-17 17:18:19 1814016 ----a-w- c:\windows\system32\jscript9.dll
2015-08-17 17:14:56 367616 ----a-w- c:\windows\system32\html.iec
2015-08-17 17:12:06 1129472 ----a-w- c:\windows\system32\wininet.dll
2015-08-17 17:11:04 422400 ----a-w- c:\windows\system32\vbscript.dll
2015-08-17 17:11:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2015-08-17 17:10:36 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2015-08-17 17:10:08 11776 ----a-w- c:\windows\system32\mshta.exe
2015-08-17 17:09:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2015-08-12 17:49:18 778440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-08-12 17:49:18 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-05 04:03:08 877152 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-08-05 04:03:08 538208 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2015-08-04 12:25:52 37080 ----a-w- c:\windows\system32\TURegOpt.exe
2015-08-04 12:25:42 25816 ----a-w- c:\windows\system32\authuitu.dll
2015-07-09 14:25:55 151040 ----a-w- c:\windows\system32\notepad.exe
2015-07-09 14:25:55 151040 ----a-w- c:\windows\notepad.exe
2015-07-03 16:04:03 1316864 ----a-w- c:\windows\system32\ole32.dll
2015-07-01 15:57:27 199680 ----a-w- c:\windows\system32\WebClnt.dll
2015-06-27 16:03:22 783872 ----a-w- c:\windows\system32\rpcrt4.dll
2015-06-27 16:02:55 218112 ----a-w- c:\windows\system32\msv1_0.dll
2015-06-27 16:02:34 501248 ----a-w- c:\windows\system32\kerberos.dll
2015-06-27 16:01:58 801280 ----a-w- c:\windows\system32\advapi32.dll
2015-06-27 14:21:13 217088 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-06-27 14:21:10 81408 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-06-26 13:49:36 231856 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2015-06-18 12:41:50 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-06-18 12:41:42 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-06-18 12:41:36 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-06-17 16:50:20 2264576 ----a-w- c:\windows\system32\msi.dll
2015-06-17 15:09:17 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-06-16 19:54:52 207328 ----a-w- c:\windows\system32\drivers\avgldx86.sys
.
============= FINISH: 11:55:23.76 ===============
Fiber-1
Active Member
 
Posts: 2
Joined: September 10th, 2015, 11:34 am
Advertisement
Register to Remove

Re: CDRom, Printer, dbghelp.dll file and other crazy things

Unread postby MWR 3 day Mod » September 15th, 2015, 2:59 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: CDRom, Printer, dbghelp.dll file and other crazy things

Unread postby NonSuch » September 19th, 2015, 6:39 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 316 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware