Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

Melware and others

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

Melware and others

Unread postby JohnIDK » December 14th, 2013, 10:04 am

did use K but no longer. Delated. But know Welware and others.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514
Run by AMD at 7:40:49 on 2013-12-14
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4093.2424 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\D-Link\DWA-121 revA\ANIWConnService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\D-Link\DWA-121 revA\AirNCFG.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
c:\prf578~1\optimi~1\OptProCrash.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\ProgramData\Updater\Updater.exe
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.findwide.com/?guid={311554F3-C832-449A-827D-7659A4068DAC}&serpv=22
uDefault_Page_URL = hxxp://search.findwide.com/?guid={311554F3-C832-449A-827D-7659A4068DAC}&serpv=22
mWinlogon: Userinit = userinit.exe
BHO: TidyNetwork: {37F59143-6C43-3C2F-DFDE-75850C5D17E9} - C:\Program Files (x86)\TidyNetwork\petn.dll
BHO: Tube Dimmer: {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\TubeDimmer\IE\common.dll
BHO: MyWordTool: {45470599-8237-486D-87B5-E89CD6AED154} - C:\Users\AMD\AppData\Roaming\MyWordTool\temp.dat
TB: FindWide Toolbar: {2579646A-9CB3-4AEE-A94E-9FFF8815D28D} - C:\Users\AMD\AppData\Local\TNT2\Profiles\10743\passport.dll
TB: FindWide Toolbar: {2579646A-9CB3-4AEE-A94E-9FFF8815D28D} - C:\Users\AMD\AppData\Local\TNT2\Profiles\10743\passport.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [BitTorrent Sync] "C:\Program Files (x86)\BitTorrent Sync\BTSync.exe" /MINIMIZED
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
uRun: [Updater] C:\ProgramData\Updater\Updater.exe
uRun: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
mRun: [D-Link D-Link DWA-121] C:\Program Files (x86)\D-Link\DWA-121 revA\AirNCFG.exe
mRun: [Updater] C:\ProgramData\Updater\Updater.exe
StartupFolder: C:\PRB5D9~1\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{2101A8BC-B32D-41B9-8CFE-285C2313FE02} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2101A8BC-B32D-41B9-8CFE-285C2313FE02}\E4F4B4941402C457D6961602932303F523536353 : DHCPNameServer = 192.168.137.1
TCP: Interfaces\{94E5D300-4038-4EC1-9C9D-A10AE3A7FB7C} : DHCPNameServer = 192.168.0.1
AppInit_DLLs= c:\prf578~1\optimi~1\optpro~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: TidyNetwork: {37F59143-6C43-3C2F-DFDE-75850C5D17E9} - C:\Program Files (x86)\TidyNetwork\petn64.dll
x64-TB: FindWide Toolbar: {2579646A-9CB3-4AEE-A94E-9FFF8815D28D} - C:\Users\AMD\AppData\Local\TNT2\Profiles\10743\passport64.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2013-11-30 15872]
R2 70e6ca8c;Optimizer Pro Crash Monitor;C:\prf578~1\optimi~1\OptProCrash.exe [2013-12-13 143488]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2008-12-19 759072]
R2 D_Link_DWA-121_WPS;D_Link_DWA-121_WPS Service;C:\Program Files (x86)\D-Link\DWA-121 revA\ANIWConnService.exe [2013-11-30 53248]
R2 KSS;Kaspersky Security Scan Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-12-7 202328]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-11-4 1228504]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-11-4 660184]
R3 DRTL8192cu;D-Link DWA Wireless N USB Adapter;C:\Windows\System32\drivers\RTL8192cu.sys [2013-11-30 748648]
R3 MHIKEY10;MHIKEY10;C:\Windows\System32\drivers\MHIKEY10x64.sys [2010-9-15 60288]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-11-4 18456]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2013-12-13 580232]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-11-30 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
.
=============== Created Last 30 ================
.
2013-12-14 06:59:10 -------- d-----w- C:\ProgramData\Kaspersky Lab
2013-12-14 06:59:10 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2013-12-14 06:07:58 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{57BAD1DD-FAF3-4265-8F8A-CA0268E8FEFA}\offreg.dll
2013-12-14 06:07:11 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{57BAD1DD-FAF3-4265-8F8A-CA0268E8FEFA}\mpengine.dll
2013-12-14 05:51:23 -------- d-----w- C:\Users\AMD\AppData\Local\ABBYY
2013-12-14 05:48:07 -------- d-----w- C:\Program Files (x86)\ABBYY FineReader 9.0 Express Edition
2013-12-14 05:48:06 -------- d-----w- C:\ProgramData\ABBYY
2013-12-14 05:48:06 -------- d-----w- C:\Program Files (x86)\Common Files\ABBYY
2013-12-14 05:37:15 17408 ----a-w- C:\Windows\System32\esxcdev.dll
2013-12-14 05:37:15 128392 ----a-w- C:\Windows\System32\esdevapp.exe
2013-12-14 05:37:14 84992 ----a-w- C:\Windows\System32\esxwia8b.dll
2013-12-14 05:37:14 65793 ----a-w- C:\Windows\System32\esfw8b.bin
2013-12-14 05:37:14 4608 ----a-w- C:\Windows\System32\esxwiaml.dll
2013-12-14 05:37:14 207360 ----a-w- C:\Windows\System32\esxuin8b.dll
2013-12-14 05:37:14 204800 ----a-w- C:\Windows\SysWow64\esint8b.dll
2013-12-14 05:37:14 -------- d-----w- C:\Program Files (x86)\epson
2013-12-14 02:55:15 -------- d-----w- C:\ProgramData\Longbow Digital Arts
2013-12-14 02:38:51 -------- d-----w- C:\Users\AMD\AppData\Roaming\IrfanView
2013-12-14 02:38:49 -------- d-----w- C:\Program Files (x86)\IrfanView
2013-12-14 02:32:52 -------- d-----w- C:\Users\AMD\AppData\Roaming\LibreOffice
2013-12-14 02:31:02 -------- d-----w- C:\Program Files (x86)\LibreOffice 4
2013-12-14 02:21:54 -------- d-----w- C:\Users\AMD\AppData\Roaming\OpenOffice
2013-12-14 02:20:09 -------- d-----w- C:\Program Files (x86)\OpenOffice 4
2013-12-13 22:55:49 -------- d-----w- C:\Users\AMD\AppData\Roaming\Optimizer Pro
2013-12-13 22:52:32 -------- d-----w- C:\Users\AMD\AppData\Roaming\Maxthon3
2013-12-13 22:52:16 -------- d-----w- C:\Program Files (x86)\Maxthon
2013-12-13 22:50:54 -------- d-----w- C:\ProgramData\RHelpers
2013-12-13 22:50:53 -------- d-----w- C:\ProgramData\Updater
2013-12-13 22:50:51 -------- d-----w- C:\ProgramData\TubeDimmer
2013-12-13 22:50:39 -------- d-----w- C:\Users\AMD\AppData\Local\TNT2
2013-12-13 22:50:30 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
2013-12-13 22:50:11 -------- d-----w- C:\Users\AMD\AppData\Roaming\MyWordTool
2013-12-13 22:50:09 -------- d-----w- C:\Users\AMD\AppData\Local\TidyNetwork
2013-12-13 22:50:09 -------- d-----w- C:\Program Files (x86)\TidyNetwork
2013-12-13 22:39:30 -------- d-----w- C:\Users\AMD\Sync
2013-12-13 22:39:01 -------- d-----w- C:\Program Files (x86)\BitTorrent Sync
2013-12-13 22:38:41 -------- d-----w- C:\Users\AMD\AppData\Roaming\BitTorrent Sync
2013-12-13 22:33:25 -------- d-----w- C:\Users\AMD\AppData\Local\Google
2013-12-13 22:33:08 -------- d-----w- C:\Users\AMD\AppData\Local\Apps
2013-12-13 22:33:07 -------- d-----w- C:\Users\AMD\AppData\Local\Deployment
2013-12-13 22:24:27 -------- d-----w- C:\Users\AMD\AppData\Local\Microsoft Games
2013-12-13 22:23:55 -------- d-----w- C:\Program Files\Microsoft Games
2013-12-13 22:22:16 -------- d-----w- C:\Windows\System32\appmgmt
2013-12-13 20:50:15 -------- d-----w- C:\Users\AMD\AppData\Local\Secunia PSI
2013-12-13 20:50:05 -------- d-----w- C:\Program Files (x86)\Secunia
2013-12-13 20:47:56 -------- d-----w- C:\Users\AMD\AppData\Local\Diagnostics
2013-12-13 18:55:15 -------- d-----w- C:\Users\AMD\AppData\Roaming\2BrightSparks
2013-12-13 18:55:03 -------- d-----w- C:\Users\AMD\AppData\Local\2BrightSparks
2013-12-13 18:55:00 -------- d-----w- C:\Program Files (x86)\2BrightSparks
2013-12-13 18:25:27 -------- d-----w- C:\Users\AMD\AppData\Roaming\Wise Care 365
2013-12-13 18:24:52 -------- d-----w- C:\Program Files (x86)\Wise
2013-12-13 18:24:25 -------- d-----w- C:\Users\AMD\AppData\Local\Programs
2013-12-13 18:22:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-13 18:22:55 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-13 17:58:19 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{98263B45-CAF7-4CA9-A194-F3401C8F3289}\gapaengine.dll
2013-12-13 17:58:14 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-13 17:56:50 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-12-13 17:56:47 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-12-13 17:17:30 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-12-13 17:17:26 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D4BEFFED-B898-4B95-9C28-16842397587C}\mpengine.dll
2013-12-13 17:12:07 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-12-10 22:01:20 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-12-10 22:01:20 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-12-01 16:37:12 -------- d-sh--w- C:\Windows\Installer
2013-12-01 16:24:20 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-12-01 16:24:20 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-12-01 03:53:54 96768 ----a-w- C:\Windows\System32\fsutil.exe
2013-12-01 03:53:54 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2013-12-01 03:53:52 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2013-12-01 03:53:52 2565632 ----a-w- C:\Windows\System32\esent.dll
2013-12-01 03:53:52 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2013-12-01 03:53:52 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2013-12-01 03:53:49 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2013-12-01 03:53:49 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2013-12-01 03:53:49 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2013-12-01 03:51:39 9216 ----a-w- C:\Windows\SysWow64\ftlx0411.dll
2013-12-01 03:51:39 9216 ----a-w- C:\Windows\System32\ftlx0411.dll
2013-12-01 03:51:39 296960 ----a-w- C:\Windows\winhlp32.exe
2013-12-01 03:51:39 195072 ----a-w- C:\Windows\SysWow64\ftsrch.dll
2013-12-01 03:51:39 195072 ----a-w- C:\Windows\System32\ftsrch.dll
2013-12-01 03:51:39 10240 ----a-w- C:\Windows\SysWow64\ftlx041e.dll
2013-12-01 03:51:39 10240 ----a-w- C:\Windows\System32\ftlx041e.dll
2013-12-01 03:49:35 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-12-01 03:49:34 496128 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-12-01 03:49:34 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-12-01 03:49:34 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-12-01 03:49:34 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-12-01 03:49:34 1896896 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-12-01 03:41:43 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-12-01 03:41:43 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-12-01 03:39:54 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-12-01 03:37:37 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-12-01 03:35:22 141824 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2013-12-01 03:35:21 89088 ----a-w- C:\Windows\SysWow64\davclnt.dll
2013-12-01 03:35:21 264704 ----a-w- C:\Windows\System32\WebClnt.dll
2013-12-01 03:35:21 209408 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2013-12-01 03:35:21 110592 ----a-w- C:\Windows\System32\davclnt.dll
2013-12-01 03:33:11 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-12-01 03:33:11 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-12-01 03:31:02 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-12-01 03:31:02 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2013-12-01 03:24:17 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-12-01 03:24:17 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-12-01 03:21:47 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-12-01 03:21:47 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-12-01 03:19:41 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-12-01 03:17:27 111976 ----a-w- C:\Windows\System32\consent.exe
2013-12-01 03:17:16 70656 ----a-w- C:\Windows\System32\appinfo.dll
2013-12-01 03:17:11 1931776 ----a-w- C:\Windows\System32\authui.dll
2013-12-01 03:17:11 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-12-01 03:13:07 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-12-01 03:07:47 55296 ----a-w- C:\Windows\SysWow64\cero.rs
2013-12-01 03:06:53 30720 ----a-w- C:\Windows\SysWow64\usk.rs
2013-12-01 03:06:53 30720 ----a-w- C:\Windows\System32\usk.rs
2013-12-01 03:06:47 441856 ----a-w- C:\Windows\System32\Wpc.dll
2013-12-01 03:06:46 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2013-12-01 03:01:14 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2013-12-01 03:01:13 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2013-12-01 03:01:13 18944 ----a-w- C:\Windows\System32\netevent.dll
2013-12-01 03:01:06 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2013-12-01 03:01:06 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2013-12-01 03:01:06 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2013-12-01 02:59:17 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-12-01 02:59:17 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2013-12-01 02:56:07 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2013-12-01 02:53:14 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-12-01 02:52:25 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-12-01 02:52:24 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-12-01 02:50:36 302080 ----a-w- C:\Windows\lwd.exe
2013-12-01 02:50:24 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2013-12-01 02:50:23 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2013-12-01 02:49:59 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-12-01 02:49:59 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-12-01 02:48:38 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-12-01 02:48:37 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-12-01 02:48:31 15872 ----a-w- C:\Windows\System32\drivers\anodlwfx.sys
2013-12-01 02:48:28 748648 ----a-w- C:\Windows\System32\drivers\RTL8192cu.sys
2013-12-01 02:48:28 -------- d-----w- C:\Program Files (x86)\D-Link
2013-12-01 02:46:01 3216384 ----a-w- C:\Windows\System32\msi.dll
2013-12-01 02:46:01 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2013-12-01 02:44:21 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-12-01 02:44:20 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-12-01 02:44:13 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-12-01 02:44:13 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-12-01 02:44:12 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-12-01 02:44:10 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-12-01 02:44:10 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-12-01 02:42:27 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-12-01 02:37:25 515584 ----a-w- C:\Windows\System32\timedate.cpl
2013-12-01 02:37:25 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2013-12-01 02:33:52 67072 ----a-w- C:\Windows\splwow64.exe
2013-12-01 02:29:59 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2013-12-01 02:29:59 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2013-12-01 02:26:25 40448 ----a-w- C:\Windows\System32\drivers\modem.sys
2013-12-01 02:26:25 321536 ----a-w- C:\Windows\System32\unimdm.tsp
2013-12-01 02:26:25 281088 ----a-w- C:\Windows\SysWow64\unimdm.tsp
2013-12-01 02:20:21 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2013-12-01 02:20:21 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2013-12-01 02:20:21 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2013-12-01 02:20:21 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2013-12-01 02:20:18 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2013-12-01 02:16:38 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2013-12-01 02:14:03 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-12-01 02:14:03 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-12-01 02:12:15 2871808 ----a-w- C:\Windows\explorer.exe
2013-12-01 02:12:15 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2013-12-01 02:10:07 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2013-12-01 02:10:07 31232 ----a-w- C:\Windows\System32\prevhost.exe
2013-12-01 02:08:01 20352 ----a-w- C:\Windows\System32\kdusb.dll
2013-12-01 02:08:01 17792 ----a-w- C:\Windows\System32\kdcom.dll
2013-12-01 02:08:00 642944 ----a-w- C:\Windows\System32\winload.efi
2013-12-01 02:08:00 605552 ----a-w- C:\Windows\System32\winload.exe
2013-12-01 02:08:00 19328 ----a-w- C:\Windows\System32\kd1394.dll
2013-12-01 02:07:59 566208 ----a-w- C:\Windows\System32\winresume.efi
2013-12-01 02:07:53 518672 ----a-w- C:\Windows\System32\winresume.exe
2013-12-01 01:46:41 0 ----a-w- C:\Windows\ativpsrm.bin
2013-12-01 01:42:02 -------- d-----w- C:\Windows\Panther
2013-12-01 01:40:26 3159040 ----a-w- C:\Windows\System32\win32k.sys
2013-12-01 01:38:43 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-12-01 01:38:43 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-12-01 01:38:43 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-12-01 01:33:04 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys
2013-12-01 01:31:21 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-12-01 01:31:21 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-12-01 01:31:21 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-12-01 01:29:33 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-12-01 01:29:33 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2013-12-01 01:27:25 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-12-01 01:27:25 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-12-01 01:27:25 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-12-01 01:27:25 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-12-01 01:27:19 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-12-01 01:27:19 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-12-01 01:27:19 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-12-01 01:27:19 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-12-01 01:25:37 42496 ----a-w- C:\Windows\System32\drivers\usbscan.sys
2013-12-01 01:25:37 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
2013-12-01 01:25:36 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-12-01 01:23:57 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-12-01 01:23:57 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-12-01 01:23:57 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-12-01 01:23:57 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-12-01 01:23:56 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-12-01 01:23:56 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-12-01 01:20:44 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-12-01 01:20:44 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-12-01 01:19:11 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-12-01 01:19:09 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-12-01 01:19:09 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-12-01 01:19:09 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-12-01 01:19:08 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-12-01 01:19:07 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-12-01 01:19:07 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-12-01 01:17:51 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-12-01 01:17:51 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-12-01 01:17:51 41472 ----a-w- C:\Windows\System32\lpk.dll
2013-12-01 01:17:51 368128 ----a-w- C:\Windows\System32\atmfd.dll
2013-12-01 01:17:51 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-12-01 01:17:51 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-12-01 01:17:51 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2013-12-01 01:17:51 14336 ----a-w- C:\Windows\System32\dciman32.dll
2013-12-01 01:17:51 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2013-12-01 01:17:51 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-12-01 01:16:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-12-01 01:16:34 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-12-01 01:15:16 1686888 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-12-01 01:13:53 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-12-01 01:13:53 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-12-01 01:12:22 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-12-01 01:12:22 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-12-01 01:12:22 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-12-01 01:12:20 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-12-01 01:12:20 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-12-01 01:08:04 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-12-01 01:08:04 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-12-01 01:08:02 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-12-01 01:08:02 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-12-01 01:06:04 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-12-01 01:06:04 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-12-01 01:06:03 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-12-01 01:06:03 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-12-01 01:05:57 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-12-01 01:05:56 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-12-01 01:04:34 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-12-01 01:01:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-12-01 01:01:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-12-01 01:00:18 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-12-01 01:00:18 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-12-01 00:54:58 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-12-01 00:54:58 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-01 00:54:58 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-12-01 00:54:58 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-01 00:53:39 715776 ----a-w- C:\Windows\System32\kerberos.dll
2013-12-01 00:53:39 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2013-12-01 00:52:19 95744 ----a-w- C:\Windows\System32\synceng.dll
2013-12-01 00:52:19 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2013-12-01 00:51:00 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2013-12-01 00:51:00 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-12-01 00:48:30 59392 ----a-w- C:\Windows\System32\browcli.dll
2013-12-01 00:48:30 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2013-12-01 00:48:30 136704 ----a-w- C:\Windows\System32\browser.dll
2013-12-01 00:44:44 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-12-01 00:43:29 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-12-01 00:41:15 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2013-12-01 00:41:15 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2013-12-01 00:41:15 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2013-12-01 00:39:11 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2013-12-01 00:39:11 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2013-12-01 00:38:21 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-12-01 00:38:21 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-12-01 00:38:21 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-12-01 00:38:21 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-12-01 00:38:21 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-12-01 00:35:22 1572864 ----a-w- C:\Windows\System32\quartz.dll
2013-12-01 00:35:21 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2013-12-01 00:34:24 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-12-01 00:34:23 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-12-01 00:34:23 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-12-01 00:32:14 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2013-12-01 00:32:13 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2013-12-01 00:31:13 723456 ----a-w- C:\Windows\System32\EncDec.dll
2013-12-01 00:31:13 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2013-12-01 00:29:12 395776 ----a-w- C:\Windows\System32\webio.dll
2013-12-01 00:29:12 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2013-12-01 00:28:12 77312 ----a-w- C:\Windows\System32\packager.dll
2013-12-01 00:28:12 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-12-01 00:27:14 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2013-12-01 00:27:13 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2013-12-01 00:27:13 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2013-12-01 00:27:13 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2013-12-01 00:25:22 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2013-12-01 00:25:22 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2013-12-01 00:25:22 331776 ----a-w- C:\Windows\System32\oleacc.dll
2013-12-01 00:25:22 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2013-12-01 00:24:17 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2013-12-01 00:24:17 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2013-12-01 00:24:17 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2013-12-01 00:24:17 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2013-12-01 00:24:17 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2013-12-01 00:24:17 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2013-12-01 00:24:17 126976 ----a-w- C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
2013-12-01 00:24:17 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2013-12-01 00:24:17 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2013-12-01 00:24:17 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2013-12-01 00:24:16 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2013-12-01 00:22:21 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2013-12-01 00:22:21 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2013-12-01 00:20:24 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2013-12-01 00:17:42 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2013-12-01 00:16:52 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2013-12-01 00:16:52 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2013-12-01 00:16:51 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2013-12-01 00:15:52 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2013-12-01 00:15:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2013-12-01 00:15:51 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2013-12-01 00:15:51 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2013-12-01 00:13:16 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
.
==================== Find3M ====================
.
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-04 12:42:02 18456 ----a-w- C:\Windows\System32\drivers\psi_mf_amd64.sys
2013-10-24 23:05:06 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2013-10-24 23:05:06 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-09-27 15:53:06 248240 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-09-27 15:53:06 134944 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
.
============= FINISH: 7:41:18.75 ===============

Help Ps
JohnIDK
Active Member
 
Posts: 3
Joined: December 14th, 2013, 9:28 am
Top
Advertisement
Register to Remove

Re: Melware and others

Unread postby JohnIDK » December 14th, 2013, 11:14 am

Kaspersky is what I meant.

I had a stroke and lost my Hearing, Can't remember much, Can't talk very well, I can type slowly, very slowly when I can remember. Can't use my right arm and very little of right leg.
JohnIDK
Active Member
 
Posts: 3
Joined: December 14th, 2013, 9:28 am
Top

Re: Melware and others

Unread postby JohnIDK » December 15th, 2013, 3:28 am

I now have either a Processor or the Motherboard go out on me.

So, I have to go to the tech.

I appreciate your help. Thank You,
JohnIDK
Active Member
 
Posts: 3
Joined: December 14th, 2013, 9:28 am
Top

Re: Melware and others

Unread postby Gary R » December 15th, 2013, 7:14 am

Sorry to hear that you've got hardware problems, since they almost always cost money to resolve. Thanks for letting us know, so we can close this topic.

Gary R

This topic is now closed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Top
Advertisement
Register to Remove
Topic locked

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 235 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index