Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I think I'm infected help please

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

I think I'm infected help please

Unread postby rmrrar » December 10th, 2014, 9:09 am

Hello, I think I am infected with malware at least prolly more I don't no. I have noticed that when I go to restart my pc it always has background process that are running that I have to force closed. Also I have noticed odd email addresses in my that are remembered when I go to log onto my email and such. Thank you for any help. rmrrar.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496
Run by Robert at 7:03:45 on 2014-12-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2328 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://start.toshiba.com/
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
dRunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{01E389AE-F7B8-4E6A-98ED-E570511F399C} : DHCPNameServer = 192.168.1.254
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2014-9-19 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2014-9-19 267632]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2014-9-19 1050432]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2014-9-19 436624]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2014-9-19 202752]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-9-19 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2014-9-19 83280]
R2 aswStm;aswStm;C:\windows\System32\drivers\aswStm.sys [2014-9-19 116728]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-26 50344]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 HsfXAudioService;HsfXAudioService;C:\windows\System32\svchost.exe -k HsfXAudioService [2009-7-13 27136]
R2 regi;regi;C:\windows\System32\drivers\regi.sys [2014-9-19 14112]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-26 271752]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-26 4012248]
R3 CAXHWAZL;CAXHWAZL;C:\windows\System32\drivers\CAXHWAZL.sys [2009-2-12 292864]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2014-9-19 35008]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2014-9-19 325152]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2014-9-19 932384]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2014-9-19 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe /s --> C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [?]
S2 PCCUJobMgr;Common Client Job Manager Service;"C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [?]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-12-9 114688]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2014-9-19 232992]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\System32\drivers\taphss6.sys [2014-5-16 42184]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-9-21 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2014-9-24 1255736]
.
=============== Created Last 30 ================
.
2014-12-10 09:14:55 -------- d-----w- C:\windows\System32\appraiser
2014-12-10 09:01:48 55808 ----a-w- C:\windows\System32\rrinstaller.exe
2014-12-10 09:01:48 24576 ----a-w- C:\windows\System32\mfpmp.exe
2014-12-10 09:01:48 23040 ----a-w- C:\windows\SysWow64\mfpmp.exe
2014-12-10 09:01:48 2048 ----a-w- C:\windows\SysWow64\mferror.dll
2014-12-10 09:01:48 2048 ----a-w- C:\windows\System32\mferror.dll
2014-12-10 09:01:47 50176 ----a-w- C:\windows\SysWow64\rrinstaller.exe
2014-12-10 09:01:47 3209728 ----a-w- C:\windows\SysWow64\mf.dll
2014-12-10 09:01:47 206848 ----a-w- C:\windows\System32\mfps.dll
2014-12-10 09:01:47 103424 ----a-w- C:\windows\SysWow64\mfps.dll
2014-12-10 09:01:46 4121600 ----a-w- C:\windows\System32\mf.dll
2014-12-10 05:50:05 -------- d-----w- C:\Users\Robert\AppData\Local\Deployment
2014-12-10 05:50:05 -------- d-----w- C:\Users\Robert\AppData\Local\Apps
2014-12-10 04:51:59 742400 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2014-12-10 04:48:06 11632448 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{040CCE9A-DFF1-4FCF-B2EA-34E058F722A2}\mpengine.dll
2014-11-26 15:20:41 -------- d-----w- C:\windows\SysWow64\vbox
2014-11-26 15:20:39 -------- d-----w- C:\windows\System32\vbox
2014-11-26 15:09:07 43152 ----a-w- C:\windows\avastSS.scr
2014-11-23 05:03:38 -------- d-----w- C:\Users\Robert\AppData\Roaming\PFStaticIP
2014-11-23 05:01:36 -------- d-----w- C:\Users\Robert\AppData\Roaming\PortForward.com
2014-11-23 05:01:17 -------- d-----w- C:\Users\Robert\AppData\Local\Downloaded Installations
2014-11-18 23:00:32 728064 ----a-w- C:\windows\System32\kerberos.dll
2014-11-18 23:00:32 241152 ----a-w- C:\windows\System32\pku2u.dll
2014-11-18 23:00:32 186880 ----a-w- C:\windows\SysWow64\pku2u.dll
2014-11-18 23:00:31 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-11-15 16:54:02 -------- d-----w- C:\Users\Robert\AppData\Local\ElevatedDiagnostics
2014-11-15 16:36:10 -------- d-sh--w- C:\Users\Robert\AppData\Local\EmieBrowserModeList
2014-11-12 06:32:48 683520 ----a-w- C:\windows\System32\termsrv.dll
2014-11-12 06:32:48 681984 ----a-w- C:\windows\System32\adtschema.dll
2014-11-12 06:32:48 155064 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2014-11-12 06:32:47 681984 ----a-w- C:\windows\SysWow64\adtschema.dll
2014-11-12 06:32:47 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-11-12 06:32:47 146432 ----a-w- C:\windows\SysWow64\msaudite.dll
2014-11-12 06:32:47 146432 ----a-w- C:\windows\System32\msaudite.dll
2014-11-12 06:32:47 1460736 ----a-w- C:\windows\System32\lsasrv.dll
2014-11-12 06:32:45 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-11-11 11:24:18 195272 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\LICLUA.EXE
.
==================== Find3M ====================
.
2014-12-04 02:50:55 413184 ----a-w- C:\windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\windows\System32\aitstatic.exe
2014-11-26 15:09:46 1050432 ----a-w- C:\windows\System32\drivers\aswsnx.sys
2014-11-26 15:09:12 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-11-26 15:09:12 267632 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-11-26 15:09:12 116728 ----a-w- C:\windows\System32\drivers\aswStm.sys
2014-11-26 15:09:11 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-11-26 15:09:11 83280 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-11-26 15:09:11 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-11-22 03:06:23 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-11-22 02:35:43 144384 ----a-w- C:\windows\System32\ieUnatt.exe
2014-11-22 02:35:29 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-11-22 01:55:16 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-11-22 01:54:30 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2014-11-11 03:09:06 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 01:46:26 119296 ----a-w- C:\windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-11-04 20:30:58 275080 ------w- C:\windows\System32\MpSigStub.exe
2014-10-30 02:04:21 1480192 ----a-w- C:\windows\System32\crypt32.dll
2014-10-30 02:03:43 165888 ----a-w- C:\windows\System32\charmap.exe
2014-10-30 01:46:24 1174528 ----a-w- C:\windows\SysWow64\crypt32.dll
2014-10-30 01:45:43 155136 ----a-w- C:\windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\windows\System32\msi.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\windows\SysWow64\msi.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\windows\System32\win32k.sys
2014-10-03 02:12:23 310272 ----a-w- C:\windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\windows\SysWow64\WSManHTTPConfig.exe
2014-09-26 19:19:01 878080 ----a-w- C:\windows\System32\advapi32.dll
2014-09-26 19:19:01 859648 ----a-w- C:\windows\System32\tdh.dll
2014-09-26 19:19:01 640512 ----a-w- C:\windows\SysWow64\advapi32.dll
2014-09-26 19:19:01 619520 ----a-w- C:\windows\SysWow64\tdh.dll
2014-09-26 19:19:01 1732032 ----a-w- C:\windows\System32\ntdll.dll
2014-09-26 19:19:01 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll
2014-09-26 19:18:15 327168 ----a-w- C:\windows\System32\mswsock.dll
2014-09-26 19:18:15 231424 ----a-w- C:\windows\SysWow64\mswsock.dll
2014-09-26 19:12:29 1887232 ----a-w- C:\windows\System32\d3d11.dll
2014-09-26 19:12:29 1505280 ----a-w- C:\windows\SysWow64\d3d11.dll
2014-09-25 02:08:38 371712 ----a-w- C:\windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\windows\SysWow64\qdvd.dll
2014-09-22 11:33:44 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2014-09-22 11:33:43 175616 ----a-w- C:\windows\System32\msclmd.dll
2014-09-20 01:01:42 0 ----a-w- C:\windows\ativpsrm.bin
2014-09-19 09:42:52 210944 ----a-w- C:\windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
.
============= FINISH: 7:04:14.48 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/19/2014 6:41:57 PM
System Uptime: 12/10/2014 3:16:01 AM (4 hours ago)
.
Motherboard: TOSHIBA | | NALAE
Processor: AMD Turion(tm) II P540 Dual-Core Processor | Socket M2/S1G1 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 207.614 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP42: 11/11/2014 2:15:59 AM - Windows Update
RP43: 11/12/2014 3:00:20 AM - Windows Update
RP44: 11/18/2014 2:14:48 AM - Windows Update
RP45: 11/18/2014 4:02:07 AM - Removed Toshiba Book Place
RP46: 11/19/2014 3:00:19 AM - Windows Update
RP47: 11/25/2014 5:54:56 AM - Windows Update
RP48: 11/26/2014 8:52:07 AM - avast! antivirus system restore point
RP49: 12/2/2014 6:35:13 AM - Windows Update
RP50: 12/9/2014 10:46:59 PM - Windows Update
RP51: 12/10/2014 3:00:14 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3
ATI Catalyst Install Manager
Avast Free Antivirus
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Corel WinDVD
Google Chrome
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Java(TM) 6 Update 17
Label@Once 1.0
Microsoft .NET Framework 4.5.1
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
PlayReady PC Runtime amd64
Quickbooks Financial Center
Realtek Ethernet Controller Driver For Windows 7
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Skype Launcher
Synaptics Pointing Device Driver
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Utility Common Driver
V.92 Modem On Hold
.
==== Event Viewer Messages From Past Week ========
.
12/8/2014 11:18:04 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
12/8/2014 11:17:05 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
12/10/2014 3:20:30 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: %%-2147023113
12/10/2014 3:17:21 AM, Error: Service Control Manager [7000] - The Toshiba Laptop Checkup Application Launcher service failed to start due to the following error: The system cannot find the file specified.
12/10/2014 3:17:21 AM, Error: Service Control Manager [7000] - The Common Client Job Manager Service service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================
rmrrar
Regular Member
 
Posts: 105
Joined: May 19th, 2013, 8:09 am
Advertisement
Register to Remove

Re: I think I'm infected help please

Unread postby Gary R » December 10th, 2014, 10:35 am

Double post .... viewtopic.php?f=11&t=63325

This topic is closed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 119 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware