Need help after browser hijacker removed. _MEI31722 folder possible trojan?
I was recently (although I don't know how) infected by a browser hijacker. I used my tools (Spybot, Kaspersky, Windows Security Essentials, etc.) to remove it. It was preventing me from opening Malwarebytes. I started looking into it and it appears that there have been a couple of threads in places that say the folder in C:\Users\USER\AppData\Local\Temp named is a trojan program. This folder contains some pythoncom.dll, win32api.pyd and other pyd and dll files. Is this a malware/virus/trojan/etc.? Can anyone help or direct me in this matter? It would be greatly appreciated.
Thanks!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.60.2
Run by SMl at 19:40:31 on 2014-07-07
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16318.11263 [GMT -4:00]
.
AV: Kaspersky PURE 3.0 *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Kaspersky PURE 3.0 *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: Kaspersky PURE 3.0 *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\AMD\amdacpusrsvc.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\WinMsgBalloonServer.exe
C:\Windows\SysWOW64\WinMsgBalloonClient.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe
C:\Windows\DAODx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Raptr\raptr_ep64.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\SMl\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
mRunOnce: [TURBO_BOOST_SETTING] <no file>
StartupFolder: C:\Users\SMl\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~2.LNK - C:\Windows\System32\schtasks.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: HideSCAHealth = dword:1
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{8519AB2B-84ED-4C29-82D3-476E4573986E} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{BF0DB1FB-0A92-4BB1-8F0A-F25D405C15DF} : DHCPNameServer = 10.0.0.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\SMl\AppData\Roaming\Mozilla\Firefox\Profiles\hhza8kzi.default\
FF - prefs.js: browser.search.selectedEngine -
.
============= SERVICES / DRIVERS ===============
.
R0 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2012-12-10 293720]
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2014-7-1 84536]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-4-23 56208]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2014-7-1 66616]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2014-2-1 30752]
R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\Windows\System32\drivers\jswpslwfx.sys [2008-10-1 26624]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-11-11 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2013-11-11 178448]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-5-22 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-5-22 344064]
R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2011-12-14 131320]
R2 amdacpksd;ACP Kernel Service Driver;C:\Windows\System32\drivers\amdacpksd.sys [2014-5-22 276192]
R2 amdacpusrsvc;ACP User Service;C:\AMD\amdacpusrsvc.exe [2014-5-22 112640]
R2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2013-3-23 96896]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [2013-11-11 356128]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2013-11-30 21992]
R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2013-9-25 818888]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 133928]
R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2013-6-20 82160]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2013-4-7 15672]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-24 5037888]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-4-8 94720]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2014-2-16 90624]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-11-11 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-11-11 29280]
R3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2009-10-7 271640]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2009-10-7 327704]
R3 lvsels64;Logitech Selective Suspend Filter;C:\Windows\System32\drivers\lvsels64.sys [2009-10-7 67992]
R3 LVUVC64;QuickCam Orbit/Sphere MP(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2009-10-7 6379288]
R3 Lycosa;Lycosa Keyboard;C:\Windows\System32\drivers\Lycosa.sys [2008-1-17 18816]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2014-6-4 60640]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2013-3-23 1301504]
R3 VMfilt;VMfilt;C:\Windows\System32\drivers\VMfilt64.sys [2013-3-23 25600]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-3-17 401696]
S2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-12 111616]
S3 jswpsapi;Jumpstart Wifi Protected Setup;C:\Program Files (x86)\NETGEAR\WNDA3100\jswpsapi.exe [2008-2-29 942080]
S3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCAMp50a64.sys [2013-3-23 43328]
S3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCASp50a64.sys [2013-3-23 41280]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-1 19456]
S3 RzDxgk;RzDxgk;C:\Windows\System32\drivers\RzDxgk.sys [2014-5-31 129472]
S3 rzp1endpt;Razer platform 1 end point;C:\Windows\System32\drivers\rzp1endpt.sys [2014-4-8 39080]
S3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2011-3-31 126464]
S3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-4-8 154792]
S3 rzvmouse;Razer Virtual Mouse;C:\Windows\System32\drivers\rzvmouse.sys [2014-4-8 31400]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-12 56832]
S3 usbrndis6;USB RNDIS6 Adapter;C:\Windows\System32\drivers\usb80236.sys [2013-3-23 19968]
S3 VBAudioVACMME;VB-Audio Virtual Cable (WDM);C:\Windows\System32\drivers\vbaudio_cable64_win7.sys [2013-7-11 41192]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-23 1255736]
S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;C:\Windows\System32\drivers\WN111v2w7x.sys [2010-4-27 783360]
S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-9-27 79360]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-3-23 79360]
S4 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-8-3 352248]
S4 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2014-5-4 4492776]
S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]
S4 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-07-07 20:56:33 76152 ----a-w- C:\Windows\System32\PnkBstrA.exe
2014-07-07 19:42:14 -------- d-----w- C:\AdwCleaner
2014-07-07 19:31:16 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-07-07 19:27:10 -------- d-----w- C:\FRST
2014-07-07 17:50:42 -------- d-----w- C:\Program Files (x86)\ESET
2014-07-07 16:59:16 -------- d-sh--w- C:\$RECYCLE.BIN
2014-07-07 06:31:07 10779000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E9B49A27-07FB-4D7C-A0FE-B57B08422B0D}\mpengine.dll
2014-07-07 03:38:00 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-07-07 03:38:00 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8FE68A8C-2334-4365-9313-38E7C562558B}\gapaengine.dll
2014-07-07 03:37:43 10779000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-02 10:36:34 -------- d-----w- C:\Users\SMl\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-07-02 03:22:15 64856 ----a-w- C:\Windows\System32\klfphc.dll
2014-07-02 03:21:54 84536 ----a-w- C:\Windows\System32\drivers\CSCrySec.sys
2014-07-02 03:21:54 66616 ----a-w- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
2014-07-02 03:21:29 -------- d-----w- C:\Windows\ELAMBKUP
2014-07-02 03:21:25 -------- d-----w- C:\Program Files (x86)\Common Files\InfoWatch
2014-07-02 03:21:22 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2014-07-02 03:21:14 92768 ----a-w- C:\Windows\System32\drivers\klflt.sys
2014-07-01 08:36:11 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2014-07-01 08:36:08 -------- d-----w- C:\Program Files\Microsoft Security Client
2014-07-01 02:10:56 122584 ----a-w- C:\Windows\System32\drivers\48230029.sys
2014-06-30 06:18:12 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-30 06:18:12 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-06-30 06:18:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-30 05:43:46 128728 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-30 05:43:46 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-30 05:43:23 92888 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-30 05:33:50 -------- d-----w- C:\ProgramData\Malwarebytes
2014-06-30 01:42:41 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B332F8D3-B194-4542-BE6B-6BDEACDA1705}\mpengine.dll
2014-06-30 01:40:01 -------- d-----w- C:\Users\SMl\AppData\Local\Adobe
2014-06-26 04:52:36 -------- d-----w- C:\Users\SMl\AppData\Roaming\TheBannerSaga
2014-06-20 01:09:16 -------- d-----w- C:\Program Files\Blender Foundation
2014-06-12 19:05:34 46376 ----a-w- C:\Windows\System32\drivers\netfilter64.sys
2014-06-11 01:57:09 -------- d-----w- C:\Users\SMl\AppData\Roaming\CardScan
2014-06-11 01:56:58 -------- d-----w- C:\Users\SMl\AppData\Local\CardScan
.
==================== Find3M ====================
.
2014-07-07 20:56:19 215416 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-07-07 20:47:11 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-07-07 20:06:03 65536 ----a-w- C:\Windows\System32\spu_storage.bin
2014-07-02 03:38:50 458336 ----a-w- C:\Windows\System32\drivers\kl1.sys
2014-07-02 03:38:50 29792 ----a-w- C:\Windows\System32\drivers\klim6.sys
2014-06-26 01:37:20 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-26 01:37:20 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-14 05:10:42 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-06-08 09:13:05 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-08 09:08:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-04 23:35:16 0 ----a-w- C:\Windows\ativpsrm.bin
2014-05-31 04:29:14 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-29 11:32:14 80384 ----a-w- C:\Windows\System32\RazerCoinstaller.dll
2014-05-23 02:28:16 127872 ----a-w- C:\Windows\System32\amdhcp64.dll
2014-05-23 02:28:16 117560 ----a-w- C:\Windows\SysWow64\amdhcp32.dll
2014-05-23 02:28:14 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2014-05-23 02:28:14 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2014-05-23 02:28:12 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2014-05-23 02:28:12 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2014-05-23 02:28:08 143304 ----a-w- C:\Windows\System32\atiuxp64.dll
2014-05-23 02:28:06 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2014-05-23 02:28:06 117584 ----a-w- C:\Windows\System32\atiu9p64.dll
2014-05-23 02:28:04 99520 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2014-05-23 02:28:04 1328352 ----a-w- C:\Windows\System32\aticfx64.dll
2014-05-23 02:28:02 1108432 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2014-05-23 02:27:56 10516488 ----a-w- C:\Windows\System32\atidxx64.dll
2014-05-23 02:27:54 9015224 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2014-05-23 02:27:48 7102496 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2014-05-23 02:27:42 6879016 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2014-05-23 02:27:38 7892000 ----a-w- C:\Windows\System32\atiumd6a.dll
2014-05-23 02:27:34 8108312 ----a-w- C:\Windows\System32\atiumd64.dll
2014-05-23 02:24:24 276192 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2014-05-23 02:22:08 15950336 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2014-05-23 01:56:56 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
2014-05-23 01:55:58 27529216 ----a-w- C:\Windows\System32\atio6axx.dll
2014-05-23 01:52:44 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2014-05-23 01:47:48 231424 ----a-w- C:\Windows\System32\clinfo.exe
2014-05-23 01:47:38 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
2014-05-23 01:47:38 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
2014-05-23 01:47:38 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
2014-05-23 01:47:38 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
2014-05-23 01:47:36 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
2014-05-23 01:47:30 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2014-05-23 01:47:26 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2014-05-23 01:47:22 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2014-05-23 01:47:18 32874496 ----a-w- C:\Windows\System32\amdocl64.dll
2014-05-23 01:46:06 127488 ----a-w- C:\Windows\System32\mantle64.dll
2014-05-23 01:45:54 113664 ----a-w- C:\Windows\SysWow64\mantle32.dll
2014-05-23 01:45:38 5224960 ----a-w- C:\Windows\System32\amdmantle64.dll
2014-05-23 01:45:26 27841024 ----a-w- C:\Windows\SysWow64\amdocl.dll
2014-05-23 01:43:48 65024 ----a-w- C:\Windows\System32\OpenCL.dll
2014-05-23 01:43:44 58880 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-05-23 01:43:16 357376 ----a-w- C:\Windows\System32\amdacpusl.dll
2014-05-23 01:43:04 242688 ----a-w- C:\Windows\SysWow64\amdacpusl.dll
2014-05-23 01:40:52 23028224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2014-05-23 01:38:08 366592 ----a-w- C:\Windows\System32\atiapfxx.exe
2014-05-23 01:38:02 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2014-05-23 01:38:00 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2014-05-23 01:37:52 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2014-05-23 01:37:50 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2014-05-23 01:37:44 4180992 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2014-05-23 01:37:34 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2014-05-23 01:35:18 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2014-05-23 01:31:00 91648 ----a-w- C:\Windows\System32\mantleaxl64.dll
2014-05-23 01:30:50 85504 ----a-w- C:\Windows\SysWow64\mantleaxl32.dll
2014-05-23 01:27:46 48128 ----a-w- C:\Windows\System32\amdmmcl6.dll
2014-05-23 01:27:42 37888 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2014-05-23 01:25:46 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2014-05-23 01:25:38 31232 ----a-w- C:\Windows\System32\atimuixx.dll
2014-05-23 01:25:32 588800 ----a-w- C:\Windows\System32\atieclxx.exe
2014-05-23 01:25:16 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2014-05-23 01:24:34 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2014-05-23 01:18:54 826368 ----a-w- C:\Windows\System32\coinst_14.200.dll
2014-05-23 01:12:34 1207296 ----a-w- C:\Windows\System32\atiadlxx.dll
2014-05-23 01:12:26 898560 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
.
============= FINISH: 19:41:02.40 ===============
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-07 19:47:51
-----------------------------
19:47:51.166 OS Version: Windows x64 6.1.7601 Service Pack 1
19:47:51.166 Number of processors: 6 586 0xA00
19:47:51.167 ComputerName: WILBUR UserName: SMl
19:47:52.521 Initialize success
19:47:52.592 VM: initialized successfully
19:47:52.616 VM: Amd CPU supported
19:48:01.078 VM: supported disk I/O storport.sys
19:48:54.952 AVAST engine defs: 14070701
19:49:02.774 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:49:02.776 Disk 0 Vendor: Samsung_SSD_840_EVO_250GB EXT0BB6Q Size: 238475MB BusType: 3
19:49:02.779 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000075
19:49:02.781 Disk 1 Vendor: AMD_____ 1.10 Size: 1907348MB BusType: 8
19:49:02.990 Disk 1 MBR read successfully
19:49:02.993 Disk 1 MBR scan
19:49:03.025 Disk 1 Windows 7 default MBR code
19:49:03.028 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:49:03.031 Disk 1 default boot code
19:49:03.092 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 1907246 MB offset 206848
19:49:03.211 Disk 1 scanning C:\Windows\system32\drivers
19:49:15.891 Service scanning
19:49:40.861 Modules scanning
19:49:40.865 Disk 1 trace - called modules:
19:49:40.894 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys
19:49:40.898 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800dc5e060]
19:49:40.902 3 CLASSPNP.SYS[fffff8800205143f] -> nt!IofCallDriver -> \Device\00000075[0xfffffa800db369c0]
19:49:41.717 AVAST engine scan C:\Windows
19:49:43.865 AVAST engine scan C:\Windows\system32
19:53:23.531 AVAST engine scan C:\Windows\system32\drivers
19:53:38.099 AVAST engine scan C:\Users\SMl
19:59:04.283 AVAST engine scan C:\ProgramData
20:02:43.162 Scan finished successfully
20:04:49.038 Disk 1 MBR has been saved successfully to "C:\Users\SMl\Desktop\Malware Removal\MBR.dat"
20:04:49.070 The log file has been saved successfully to "C:\Users\SMl\Desktop\Malware Removal\aswMBR.txt"
Congratulations!: No immediate threats were found. (Status)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
-
hi roliks,
Can't say much about those files other than that .pyd is a Python programming file extension. Windows is full of .dll files. I would be more concerned if it was a .exe file. If you are concerned you can upload any file (size limit) to have it scanned and checked out as being malicious or not either here or here.
Only need one active AV per machine, two is not better in this case. You have MSSE and Kaspersky active. You should remove one via the add/remove programs panel. I would unload MSSE myself.
-
Yeah, I only did that as Kaspersky did not detect the hijacker that I had on my machine and, oddly enough, MSSE did. I hadn't removed it as the initial posting thread said not to make any changes after making the post. I will be doing so in a minute. I am familiar with the Python files and DLLs; I just can't seem to find any information about the MEI folder other than a couple of sites that think it's a Trojan. So you think there is nothing to be worried about then? That's a relief. I gratefully thank you for your time, and if there is nothing to be concerned about please feel free to close the thread.