Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Weird Infection

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Weird Infection

Unread postby TxnerT » November 2nd, 2013, 11:16 pm

I had an infection with a weird name it got deleted by spybot and then again by malwarebytes but keeps coming, i dont know where its hiding now. Its disabled connection to internet to a lot of my programs, rendered my AV useless as it broke it. I cant watch videos because i get a plugin crash every second. and i dont know what else to do.

LOGS..

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/19/2013 2:59:13 AM
System Uptime: 11/2/2013 5:30:56 PM (1 hours ago)
.
Motherboard: Alienware | |
Processor: Intel(R) Core(TM)2 Extreme CPU Q9300 @ 2.53GHz | Socket 479 | 2534/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 170 GiB total, 107.649 GiB free.
D: is FIXED (NTFS) - 48 GiB total, 33.992 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is FIXED (NTFS) - 932 GiB total, 819.478 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Broadcom 802.11n Network Adapter
Device ID: PCI\VEN_14E4&DEV_432B&SUBSYS_04B114E4&REV_01\4&1A0E379B&0&00B0
Manufacturer: Broadcom
Name: Broadcom 802.11n Network Adapter
PNP Device ID: PCI\VEN_14E4&DEV_432B&SUBSYS_04B114E4&REV_01\4&1A0E379B&0&00B0
Service: BCM43XX
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Image File Execution Options =============
.
IFEO: dashboard.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: displayagent.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: driverscanner.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: dw20.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: excel.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: mc_client_preferences.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: msaccess.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: msoxmled.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: mspview.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: mstore.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: ois.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: pcdlauncher.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: powerpnt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: proflwiz.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: steam.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: unins000.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: vz in-home agent_uninst.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: winword.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: dashboard.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: displayagent.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: driverscanner.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: dw20.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: excel.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: mc_client_preferences.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: msaccess.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: msoxmled.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: mspview.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: mstore.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: ois.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: pcdlauncher.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: powerpnt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: proflwiz.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: steam.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: unins000.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: vz in-home agent_uninst.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: winword.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
.
==== Installed Programs ======================
.
Acunetix Web Vulnerability Scanner 8.0
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
Adobe Shockwave Player 12.0
AlienAutopsy
AVG PC TuneUp 2014
AVG PC TuneUp 2014 (en-US)
BitComet 1.35 64-bit
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
CCleaner
Command Center
Compatibility Pack for the 2007 Office system
CuteFTP 9
Dell System Detect
Dell System Detect Bootstrapper
Driver Magician 3.9
EaseUS Data Recovery Wizard 6.0
Eudemons Online
Facebook Video Calling 1.2.0.287
FileHippo.com Update Checker
GOM Player
Google Chrome
Google Update Helper
IHA_MessageCenter
InfraRecorder
Java 7 Update 25 (64-bit)
Java 7 Update 45
Java Auto Updater
Java SE Development Kit 7 Update 17 (64-bit)
lightshot-4.4.2.10
Magical Jelly Bean KeyFinder
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
mIRC
MozBackup 1.5.1
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 24.1.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Netsparker - Web Application Security Scanner (2.3.0.0)
Notepad++
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 280.19
NVIDIA 3D Vision Driver 280.26
NVIDIA Control Panel 280.26
NVIDIA Drivers
NVIDIA Graphics Driver 280.26
NVIDIA Install Application
NVIDIA PhysX
NVIDIA Update 1.4.28
NVIDIA Update Components
PowerISO
Revo Uninstaller Pro 3.0.7
RICOH Media Driver
Seagate Dashboard 2.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Skype™ 6.9
Spybot - Search & Destroy
Steam
swMSM
Synaptics Pointing Device Driver
System Requirements Lab CYRI
System Requirements Lab for Intel
TeamViewer 8
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Uplay
USB 2.0 Monitor 0.0.0
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.0.8
VyprVPN
Vz In-Home Agent
WhoCrashed 4.01
Windows 7 Codec Pack 2.5.0
Windows Driver Package - ITE Tech.Inc. (itecir) HIDClass (05/01/2009 5.1.0000.1)
WinRAR archiver
Xvid Video Codec
.
==== Event Viewer Messages From Past Week ========
.
11/2/2013 5:31:51 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
11/2/2013 5:31:50 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/2/2013 5:31:27 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
11/2/2013 5:31:27 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
11/2/2013 5:31:27 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
11/2/2013 4:17:52 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Alienware Fusion Service service to connect.
11/2/2013 4:17:52 PM, Error: Service Control Manager [7000] - The Alienware Fusion Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/2/2013 4:15:26 PM, Error: Service Control Manager [7024] - The AVG Firewall service terminated with service-specific error %%-536805289.
11/2/2013 4:15:25 PM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/2/2013 4:15:25 PM, Error: Service Control Manager [7024] - The Power service terminated with service-specific error The operation completed successfully..
11/2/2013 4:15:25 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure.
11/2/2013 4:15:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/2/2013 4:15:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Interactive Services Detection service to connect.
11/2/2013 4:15:23 PM, Error: Service Control Manager [7000] - The Interactive Services Detection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/2/2013 3:12:18 PM, Error: Service Control Manager [7034] - The AVG Firewall service terminated unexpectedly. It has done this 2 time(s).
11/2/2013 3:12:12 PM, Error: Service Control Manager [7031] - The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/2/2013 3:11:57 PM, Error: Service Control Manager [7034] - The AVG Firewall service terminated unexpectedly. It has done this 1 time(s).
11/2/2013 1:35:48 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
11/1/2013 3:01:32 PM, Error: nvstor64 [4] - Command to device was aborted. Device: \Device\RaidPort0 Model: ST9250421ASG Firmware Version: DE17 Serial Number: 5TH0M4NB Port: 0
11/1/2013 2:52:30 PM, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/1/2013 2:52:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
10/30/2013 8:29:55 AM, Error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error %%-536753627.
10/30/2013 7:22:02 AM, Error: Service Control Manager [7034] - The AVG PC TuneUp Service service terminated unexpectedly. It has done this 2 time(s).
10/30/2013 7:21:22 AM, Error: Service Control Manager [7034] - The AVG PC TuneUp Service service terminated unexpectedly. It has done this 1 time(s).
10/30/2013 4:17:07 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
10/30/2013 4:16:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64
10/28/2013 2:45:36 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Seagate Dashboard Services service to connect.
10/27/2013 7:09:22 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll
10/26/2013 4:38:56 AM, Error: Service Control Manager [7031] - The TeamViewer 8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
10/26/2013 4:38:41 AM, Error: Service Control Manager [7034] - The Seagate Dashboard Services service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2
Run by TxnerT at 18:27:55 on 2013-11-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.5511 [GMT -4:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Alienware\Command Center\AlienFusionService.exe
C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\OSD\Service1.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\Alienware\Command Center\AlienFusionController.exe
C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWlan.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files\OSD\Launch_CC.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\TxnerT\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
C:\Program Files\OSD\OSD_Main.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash Player\flashplayer_update.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
C:\Program Files\Alienware\Command Center\AlienFXHook64Mngr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com.do/?gws_rd=cr&ei ... 9QS694GYDw
uDefault_Page_URL = hxxp://www.dell.com
mStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [USB 2.0] C:\Program Files (x86)\Windows NT\usb2.0.exe
uRun: [LightShot] C:\Users\TxnerT\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
uRun: [Launch_CC] c:\Program Files\OSD\Launch_CC.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
mRun: [OSD] c:\Program Files\OSD\Launch.exe
mRun: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
mRun: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [FAStartup] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{62C0D2E2-E787-4D21-8178-27121C96333C} : DHCPNameServer = 196.3.81.5 200.88.127.22
TCP: Interfaces\{62C0D2E2-E787-4D21-8178-27121C96333C}\34C41425F48483244513 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{62C0D2E2-E787-4D21-8178-27121C96333C}\3536F6F6269656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{62C0D2E2-E787-4D21-8178-27121C96333C}\75966496D2255607561647562713 : DHCPNameServer = 192.168.100.1
TCP: Interfaces\{62C0D2E2-E787-4D21-8178-27121C96333C}\D456C69672370224162697 : DHCPNameServer = 190.124.65.245 190.124.65.246
TCP: Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317}\4586F6D637F6E6736303433303 : DHCPNameServer = 196.3.81.5 200.88.127.22
TCP: Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317}\75966496D2255607561647562713 : DHCPNameServer = 192.168.100.1
TCP: Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317}\D4162757B616 : DHCPNameServer = 192.168.100.1
TCP: Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317}\D456C69672370224162697 : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317}\D494649402139323 : DHCPNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317}\F6074796D657D677966696 : DHCPNameServer = 10.243.255.72 10.243.255.73
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: FastAccess - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll
AppInit_DLLs= {DLL_Str}
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli FAPassSync
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {RE47KN7B-G326-33WQ-47F5-X11544PLN71S} - c:\directory\MS Sounds\install\mssounds.exe
IFEO: dashboard.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: displayagent.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: driverscanner.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: dw20.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: excel.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AlienFX Controller] "C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe"
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: dashboard.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: displayagent.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: driverscanner.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: dw20.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: excel.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-10-19 16:49; {4093c4de-454a-4329-8aff-c6b0b123c386}; C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{4093c4de-454a-4329-8aff-c6b0b123c386}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2013-7-13 35936]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-5-7 20024]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2012-9-4 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R2 AcuWVSSchedulerv8;Acunetix WVS Scheduler v8;C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [2013-10-20 1006112]
R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2010-5-21 14648]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-9-25 1358944]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152]
R2 CustomSvc;Vista Session Launcher Service;C:\Program Files\OSD\Service1.exe [2013-3-19 13312]
R2 FAService;FAService;C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2010-4-4 2409800]
R2 RealtekCU;RealtekCU;C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [2013-3-25 36864]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-4-3 5087584]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-9-23 2099512]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTWlanU.sys [2013-8-9 2355416]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-9-18 14112]
R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files\OSD\WinRing0x64.sys [2013-3-19 14544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2013-7-13 21712]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-11 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-11 180736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-19 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-9-6 31800]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192cu.sys [2013-3-26 806400]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-19 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-19 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-19 1255736]
S4 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-8-3 350792]
S4 Seagate Dashboard Services;Seagate Dashboard Services;C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2013-5-30 16000]
.
=============== Created Last 30 ================
.
2013-11-02 21:20:23 -------- d-----w- C:\Users\TxnerT\AppData\Roaming\Malwarebytes
2013-11-02 21:20:15 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-02 21:20:14 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-02 21:20:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-02 20:29:49 -------- d-----w- C:\AdwCleaner
2013-11-02 20:19:05 -------- d-----w- C:\Users\TxnerT\AppData\Local\Avg2014
2013-11-02 20:18:45 -------- d-----w- C:\Windows\7zSCC63.tmp
2013-11-02 19:02:08 -------- d-----w- C:\Users\TxnerT\AppData\Roaming\Explorer
2013-11-02 18:57:39 188416 ----a-r- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zpyemhvct.exe
2013-11-02 18:57:37 -------- d-sh--w- C:\Users\TxnerT\AppData\Roaming\msgr
2013-11-02 18:36:26 47 ----a-w- C:\Users\TxnerT\AppData\Roaming\r58Ies.tmp
2013-11-02 18:36:24 -------- d-----w- C:\Users\TxnerT\AppData\Roaming\vertex
2013-11-02 06:54:56 -------- d-----w- C:\Users\TxnerT\AppData\Local\BSQLGUI
2013-10-30 11:41:37 -------- d--h--w- C:\$AVG
2013-10-30 11:41:37 -------- d-----w- C:\ProgramData\AVG2014
2013-10-30 11:24:43 -------- d-----w- C:\Users\TxnerT\AppData\Roaming\TuneUp Software
2013-10-30 11:20:34 40248 ----a-w- C:\Windows\System32\TURegOpt.exe
2013-10-30 11:20:33 29496 ----a-w- C:\Windows\System32\authuitu.dll
2013-10-30 11:20:33 25400 ----a-w- C:\Windows\SysWow64\authuitu.dll
2013-10-30 11:20:16 -------- d-----w- C:\Users\TxnerT\AppData\Roaming\AVG
2013-10-30 11:19:47 -------- d-----w- C:\Program Files (x86)\AVG
2013-10-30 11:18:21 -------- d-----w- C:\ProgramData\AVG
2013-10-30 11:18:10 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-10-28 07:01:18 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2013-10-27 07:00:33 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-10-26 07:21:40 -------- d-----w- C:\Users\TxnerT\AppData\Local\gtk-2.0
2013-10-26 07:21:22 -------- d-----w- C:\Users\TxnerT\.thumbnails
2013-10-26 07:20:12 -------- d-----w- C:\Users\TxnerT\AppData\Local\gegl-0.2
2013-10-26 07:20:12 -------- d-----w- C:\Users\TxnerT\.gimp-2.8
2013-10-26 06:30:32 -------- d-----w- C:\Program Files (x86)\GRETECH
2013-10-26 06:24:31 -------- d-----w- C:\Windows\SysWow64\Adobe
2013-10-26 06:02:49 -------- d-----w- C:\Users\TxnerT\AppData\Roaming\Serif
2013-10-25 04:03:38 -------- d-----w- C:\Program Files (x86)\VyprVPN
2013-10-25 03:32:40 -------- d-----w- C:\Program Files (x86)\Common Files\PC SOFT
2013-10-20 06:40:05 -------- d-----w- C:\BlindCat
2013-10-16 01:32:23 -------- d-----w- C:\ProgramData\Oracle
2013-10-16 01:32:09 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-16 01:23:02 -------- d-----w- C:\Users\TxnerT\.ssh
2013-10-16 01:23:01 -------- d-----w- C:\Users\TxnerT\.sshterm
2013-10-15 05:28:09 -------- d-----w- C:\Users\TxnerT\AppData\Local\4A Games
2013-10-11 23:21:51 -------- d-----w- C:\Users\TxnerT\AppData\Roaming\Mavituna Security Ltd
2013-10-10 09:33:50 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-09 20:29:13 -------- d-----w- C:\ProgramData\Citrix
2013-10-09 20:28:50 -------- d-----w- C:\Program Files (x86)\Citrix
2013-10-09 20:28:42 -------- d-----w- C:\Users\TxnerT\AppData\Local\Citrix
2013-10-09 20:28:41 103832 ----a-w- C:\Users\TxnerT\GoToAssistDownloadHelper.exe
2013-10-07 22:08:21 -------- d-----w- C:\ProgramData\Globalscape
2013-10-07 22:08:19 -------- d-----w- C:\Users\TxnerT\AppData\Local\Globalscape
2013-10-07 22:07:13 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2013-10-07 22:07:13 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
2013-10-07 22:07:13 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2013-10-07 22:07:13 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2013-10-07 22:07:11 -------- d-----w- C:\Program Files (x86)\Globalscape
2013-10-05 19:04:46 -------- d-----w- C:\Users\TxnerT\AppData\Local\EA Games
.
==================== Find3M ====================
.
2013-10-26 06:21:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-26 06:21:09 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-26 13:44:54 57144 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys
2013-09-26 01:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-09 03:56:19 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-09-09 03:56:19 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-09-09 03:40:09 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-09-09 02:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-02 14:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-09-02 14:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-09-02 14:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-09-02 14:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-21 02:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-08-19 05:59:49 29800 ----a-w- C:\Windows\System32\drivers\nvsmu.sys
2013-08-19 05:59:49 239720 ----a-w- C:\Windows\System32\NVCOSMU.DLL
2013-08-19 05:57:27 96560 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2013-08-19 05:57:27 6544080 ----a-w- C:\Windows\System32\drivers\BCMWL664.SYS
2013-08-19 05:57:27 4395520 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2013-08-19 05:57:27 3659264 ----a-w- C:\Windows\System32\bcmihvui64.dll
2013-08-09 05:13:08 2355416 ----a-w- C:\Windows\System32\drivers\RTWlanU.sys
2013-08-09 00:52:41 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
.
============= FINISH: 18:28:13.93 ===============
TxnerT
Active Member
 
Posts: 5
Joined: November 2nd, 2013, 11:09 pm
Advertisement
Register to Remove

Re: Weird Infection

Unread postby TxnerT » November 3rd, 2013, 4:48 pm

Please remove this post. thank you.
TxnerT
Active Member
 
Posts: 5
Joined: November 2nd, 2013, 11:09 pm

Re: Weird Infection

Unread postby deltalima » November 3rd, 2013, 5:19 pm

This topic is now locked.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 287 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware