Results 1 to 5 of 5

Thread: Virus that replicates files

  1. #1
    Junior Member
    Join Date
    Feb 2013
    Posts
    2

    Post

    Good day, this virus has been taking up space which is located in the C drive. I did several virus scans, but nothing was found. Is there anyway I can locate this virus?

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
    Run by Kenneth at 22:53:57 on 2013-02-06
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.2037.969 [GMT -5:00]
    .
    AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Advanced SystemCare Ultimate *Disabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
    SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    C:\Program Files\Hotspot Shield\bin\hsswd.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\IObit\Advanced SystemCare Ultimate\Suo10_SmartRAM.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hide My IP\HideMyIpSrv.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\conime.exe
    C:\Windows\notepad.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k HPService
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: Coupon Companion Plugin: {11111111-1111-1111-1111-110211181104} - c:\program files\coupon companion plugin\Coupon Companion Plugin.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\priam_bho.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
    BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\advanced systemcare ultimate\browerprotect\ASCPlugin_Protection.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [SmartRAM] "c:\program files\iobit\advanced systemcare ultimate\Suo10_SmartRAM.exe" /m
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    LSP: c:\windows\system32\HMIPCore.dll
    TCP: Interfaces\{D6BAE132-5F16-467F-8ACB-A277EBD91AE6} : DHCPNameServer = 64.71.255.204 64.71.255.198
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: igfxcui - igfxdev.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\kenneth\appdata\roaming\mozilla\firefox\profiles\5klgpfks.default\
    FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
    FF - ExtSQL: 2012-12-27 21:23; ; c:\program files\fiddler2\FiddlerHook
    FF - ExtSQL: 2012-12-31 20:42; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - ExtSQL: 2013-01-04 22:05; ; c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com
    FF - ExtSQL: 2013-02-01 16:51; ; c:\users\kenneth\appdata\roaming\mozilla\firefox\profiles\5klgpfks.default\extensions\ascsurfingprotection@iobit.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2013-2-6 12112]
    R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-2-6 199320]
    R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2013-1-27 15672]
    R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-2-6 20624]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-2-6 738504]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-2-6 361032]
    R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2013-1-10 36040]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-2-6 21256]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-2-6 58680]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-6 44808]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2013-1-10 533288]
    R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2013-1-10 389928]
    R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2013-1-10 37064]
    RUnknown HideMyIpSRV;HideMyIpSRV; [x]
    S1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2013-2-6 106560]
    S2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2013-2-6 133912]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;"c:\program files\logmein hamachi\hamachi-2.exe" -s --> c:\program files\logmein hamachi\hamachi-2.exe [?]
    S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-23 398184]
    S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-23 682344]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
    S3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\cyberghost vpn\CGVPNCliService.exe [2013-1-6 2438696]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-23 21104]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-1-23 40776]
    S3 WajamUpdater;WajamUpdater;c:\program files\wajam\updater\WajamUpdater.exe [2012-10-5 109064]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2013-02-07 03:26:11 -------- d-----w- c:\program files\ESET
    2013-02-07 02:17:01 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{759b644f-e610-467a-a882-48f8f381f93d}\mpengine.dll
    2013-02-07 02:02:47 106560 ----a-w- c:\windows\system32\drivers\aswFW.sys
    2013-02-07 02:02:23 199320 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
    2013-02-07 02:02:22 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-02-07 02:02:22 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
    2013-02-07 02:02:20 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2013-02-07 02:01:29 41224 ----a-w- c:\windows\avastSS.scr
    2013-02-07 02:01:29 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
    2013-02-07 02:00:37 -------- d-----w- c:\programdata\AVAST Software
    2013-02-07 02:00:37 -------- d-----w- c:\program files\AVAST Software
    2013-02-07 00:24:43 -------- d-----w- c:\users\kenneth\appdata\local\Razer
    2013-02-02 02:54:17 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
    2013-02-02 02:51:59 340624 ----a-w- c:\windows\system32\drivers\trufos.sys
    2013-02-01 20:59:21 -------- d-----w- c:\programdata\Nexon
    2013-02-01 19:19:40 -------- d-----w- c:\programdata\NexonEU
    2013-01-31 03:17:43 -------- d-----w- c:\windows\system32\Hotspot Shield
    2013-01-29 03:35:29 -------- d-----r- c:\program files\Skype
    2013-01-29 03:10:03 -------- d-----w- c:\users\kenneth\Tracing
    2013-01-29 03:08:18 -------- d-----w- c:\program files\Microsoft
    2013-01-29 03:08:02 -------- d-----w- c:\program files\Windows Live SkyDrive
    2013-01-29 03:04:32 -------- d-----w- c:\program files\common files\Windows Live
    2013-01-27 19:35:19 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
    2013-01-27 19:34:39 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
    2013-01-27 19:16:34 -------- d-----w- c:\programdata\{D76294E6-03B8-4971-AF2E-3F846161A690}
    2013-01-27 19:16:30 -------- d-----w- c:\programdata\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
    2013-01-27 19:16:29 -------- d-----w- c:\users\kenneth\appdata\roaming\IObit
    2013-01-27 19:16:29 -------- d-----w- c:\programdata\IObit
    2013-01-27 19:16:19 -------- d-----w- c:\program files\IObit
    2013-01-27 18:21:10 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2013-01-26 22:31:01 -------- d-----w- c:\users\kenneth\appdata\roaming\.minecraft
    2013-01-24 18:02:01 876032 ----a-w- c:\windows\system32\XpsPrint.dll
    2013-01-24 18:02:00 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
    2013-01-24 18:02:00 1069056 ----a-w- c:\windows\system32\DWrite.dll
    2013-01-24 18:01:59 683008 ----a-w- c:\windows\system32\d2d1.dll
    2013-01-24 18:01:59 160768 ----a-w- c:\windows\system32\d3d10_1.dll
    2013-01-24 18:01:59 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
    2013-01-24 03:08:32 -------- d-----w- c:\program files\Windows Portable Devices
    2013-01-23 22:33:07 92672 ----a-w- c:\windows\system32\UIAnimation.dll
    2013-01-23 22:33:07 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
    2013-01-23 22:33:07 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
    2013-01-23 22:16:22 5120 ----a-w- c:\windows\system32\wmi.dll
    2013-01-23 22:16:22 157696 ----a-w- c:\windows\system32\imagehlp.dll
    2013-01-23 22:16:22 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2013-01-23 22:00:34 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2013-01-23 21:48:46 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
    2013-01-23 21:47:23 -------- d-----w- c:\windows\pss
    2013-01-23 21:42:43 -------- d-----w- c:\users\kenneth\appdata\roaming\Malwarebytes
    2013-01-23 21:42:32 -------- d-----w- c:\programdata\Malwarebytes
    2013-01-23 21:42:31 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-01-23 21:42:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2013-01-23 21:23:38 9728 ----a-w- c:\windows\system32\Wdfres.dll
    2013-01-23 21:23:37 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
    2013-01-23 21:23:37 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
    2013-01-23 21:23:37 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
    2013-01-23 21:23:37 16896 ----a-w- c:\windows\system32\winusb.dll
    2013-01-23 21:23:37 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
    2013-01-23 21:23:36 613888 ----a-w- c:\windows\system32\WUDFx.dll
    2013-01-23 21:23:36 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
    2013-01-23 21:23:36 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
    2013-01-23 21:23:36 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
    2013-01-23 21:23:36 196608 ----a-w- c:\windows\system32\WUDFHost.exe
    2013-01-23 21:23:10 -------- d-----w- c:\program files\MSXML 4.0
    2013-01-23 00:48:59 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
    2013-01-23 00:48:57 23552 ----a-w- c:\windows\system32\mciseq.dll
    2013-01-23 00:48:57 189952 ----a-w- c:\windows\system32\winmm.dll
    2013-01-23 00:48:56 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
    2013-01-23 00:48:38 623616 ----a-w- c:\windows\system32\localspl.dll
    2013-01-23 00:48:22 1162240 ----a-w- c:\windows\system32\mfc42u.dll
    2013-01-23 00:48:22 1136640 ----a-w- c:\windows\system32\mfc42.dll
    2013-01-23 00:48:19 1205064 ----a-w- c:\windows\system32\ntdll.dll
    2013-01-23 00:46:38 1169408 ----a-w- c:\windows\system32\sdclt.exe
    2013-01-23 00:45:59 797696 ----a-w- c:\windows\system32\FntCache.dll
    2013-01-23 00:45:58 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2013-01-23 00:45:40 66560 ----a-w- c:\windows\system32\packager.dll
    2013-01-23 00:45:37 954752 ----a-w- c:\windows\system32\mfc40.dll
    2013-01-23 00:45:37 954288 ----a-w- c:\windows\system32\mfc40u.dll
    2013-01-23 00:44:14 204288 ----a-w- c:\windows\system32\ncrypt.dll
    2013-01-23 00:44:08 376320 ----a-w- c:\windows\system32\winsrv.dll
    2013-01-23 00:44:03 1696256 ----a-w- c:\windows\system32\gameux.dll
    2013-01-23 00:44:02 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2013-01-23 00:44:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2013-01-23 00:41:45 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2013-01-23 00:41:40 677888 ----a-w- c:\windows\system32\mstsc.exe
    2013-01-23 00:41:40 2067968 ----a-w- c:\windows\system32\mstscax.dll
    2013-01-23 00:41:32 707584 ----a-w- c:\program files\common files\system\wab32.dll
    2013-01-23 00:40:41 531968 ----a-w- c:\windows\system32\comctl32.dll
    2013-01-23 00:40:39 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2013-01-23 00:40:39 278528 ----a-w- c:\windows\system32\schannel.dll
    2013-01-23 00:40:39 1259008 ----a-w- c:\windows\system32\lsasrv.dll
    2013-01-23 00:40:38 9728 ----a-w- c:\windows\system32\lsass.exe
    2013-01-23 00:40:38 72704 ----a-w- c:\windows\system32\secur32.dll
    2013-01-23 00:40:35 231424 ----a-w- c:\windows\system32\msshsq.dll
    2013-01-23 00:40:28 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-01-23 00:40:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-01-23 00:18:17 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
    2013-01-23 00:17:32 232336 ------w- c:\windows\system32\MpSigStub.exe
    2013-01-23 00:13:17 613376 ----a-w- c:\windows\system32\rdpencom.dll
    2013-01-22 23:55:02 2422272 ----a-w- c:\windows\system32\wucltux.dll
    2013-01-22 23:54:11 88576 ----a-w- c:\windows\system32\wudriver.dll
    2013-01-22 23:53:55 33792 ----a-w- c:\windows\system32\wuapp.exe
    2013-01-22 23:53:55 171904 ----a-w- c:\windows\system32\wuwebv.dll
    2013-01-21 00:12:50 -------- d-----w- C:\CFLog
    2013-01-19 00:50:58 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
    2013-01-19 00:50:58 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
    2013-01-19 00:50:54 81768 ----a-w- c:\windows\system32\xinput1_3.dll
    2013-01-19 00:50:54 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
    2013-01-19 00:50:54 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
    2013-01-19 00:50:54 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
    2013-01-19 00:50:52 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
    2013-01-19 00:50:44 -------- d-----w- c:\program files\Microsoft XNA
    2013-01-19 00:19:56 -------- d-----w- c:\users\kenneth\appdata\local\CrashRpt
    2013-01-19 00:17:52 -------- d-----w- c:\users\kenneth\KAG
    2013-01-18 23:20:05 -------- d-----w- c:\program files\Z8Games
    2013-01-18 22:59:23 -------- d-----w- c:\program files\BP DOWNLOADER
    2013-01-18 03:57:12 -------- d-----w- c:\program files\common files\HP
    2013-01-18 03:57:09 -------- d-----w- c:\program files\common files\Hewlett-Packard
    2013-01-18 03:56:53 -------- d-----w- c:\windows\hpoj4500g510g-m
    2013-01-18 03:55:42 -------- d-----w- c:\program files\HP
    2013-01-13 03:28:11 -------- d-----w- C:\Ace of Spades
    2013-01-12 22:55:22 -------- d-----w- c:\users\kenneth\appdata\local\Apple Computer
    2013-01-12 22:54:49 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2013-01-12 22:53:51 -------- d-----w- c:\program files\iPod
    2013-01-12 22:53:46 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-01-12 22:53:46 -------- d-----w- c:\program files\iTunes
    2013-01-12 22:52:22 -------- d-----w- c:\users\kenneth\appdata\local\Apple
    2013-01-12 22:48:56 -------- d-----w- c:\program files\Bonjour
    2013-01-10 19:41:34 37064 ----a-w- c:\windows\system32\drivers\taphss6.sys
    2013-01-10 19:27:44 36040 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
    .
    ==================== Find3M ====================
    .
    2013-01-23 21:48:45 98816 ----a-w- c:\windows\system32\mfps.dll
    2013-01-06 17:06:13 224016 --s---r- c:\windows\system32\TABCTL32.OCX
    2013-01-06 17:06:13 1010720 --s---r- c:\windows\system32\MSCHRT20.OCX
    2013-01-06 17:06:12 152848 --s---r- c:\windows\system32\COMDLG32.OCX
    2013-01-05 20:34:57 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
    2013-01-05 20:34:57 779704 ----a-w- c:\windows\system32\deployJava1.dll
    2012-12-29 21:50:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-12-29 21:50:22 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-12-26 22:30:25 3851784 ----a-w- c:\windows\system32\d3dx9_39.dll
    2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll
    2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-11 17:12:08 342288 ----a-w- c:\windows\system32\HMIPCore.dll
    2012-11-23 01:35:53 2048000 ----a-w- c:\windows\system32\win32k.sys
    2012-11-13 01:29:51 2048 ----a-w- c:\windows\system32\tzres.dll
    .
    ============= FINISH: 22:54:29.55 ===============

  2. #2
    Security Expert Satchfan's Avatar
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Default

    Hello Packman241 and welcome to the Safer Networking Forum.

    At a quick glance you do have some issues that need attention.

    However, it looks like you’ve asked for help at another forum also.

    http://www.bleepingcomputer.com/foru...icating-files/

    All of the forums are staffed by volunteers who do this in our spare time. With the amount of people posting with malware problems it’s unfair to ask two forums and more than one helper to help you; it is also unfair to other people posting and waiting for help.

    Please advise either this forum or the other to close the topic.

    If I don’t hear from you in 24 hours I’ll assume that you no longer require help and will close this topic.

    Thanks

    Satchfan
    Last edited by Satchfan; 2013-02-09 at 17:08.

  3. #3
    Junior Member
    Join Date
    Feb 2013
    Posts
    2

    Default

    I don't know what you mean by "unfair", but I'd like to be assisted on this forum.

  4. #4
    Security Expert Satchfan's Avatar
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Default

    I don't know what you mean by "unfair"
    It is asking 2 people to help you when one of them could be helping someone else.

    You still haven't told the other forum that you no longer require help.

  5. #5
    Security Expert Satchfan's Avatar
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Default

    I see that Dark Knight is helping you with your problem so I'll close this.

    Good luck with your computer problem

    Satchfan

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •