PDA

View Full Version : Virus that replicates files



packman241
2013-02-07, 05:43
Good day, this virus has been taking up space which is located in the C drive. I did several virus scans, but nothing was found. Is there anyway I can locate this virus?

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by Kenneth at 22:53:57 on 2013-02-06
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.2037.969 [GMT -5:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Advanced SystemCare Ultimate *Disabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\IObit\Advanced SystemCare Ultimate\Suo10_SmartRAM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hide My IP\HideMyIpSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conime.exe
C:\Windows\notepad.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HPService
.
============== Pseudo HJT Report ===============
.
BHO: Coupon Companion Plugin: {11111111-1111-1111-1111-110211181104} - c:\program files\coupon companion plugin\Coupon Companion Plugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\priam_bho.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\advanced systemcare ultimate\browerprotect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [SmartRAM] "c:\program files\iobit\advanced systemcare ultimate\Suo10_SmartRAM.exe" /m
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
LSP: c:\windows\system32\HMIPCore.dll
TCP: Interfaces\{D6BAE132-5F16-467F-8ACB-A277EBD91AE6} : DHCPNameServer = 64.71.255.204 64.71.255.198
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\kenneth\appdata\roaming\mozilla\firefox\profiles\5klgpfks.default\
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
FF - ExtSQL: 2012-12-27 21:23; http://forums.spybot.info/misc.php?do=email_dev&email=ZmlkZGxlcmhvb2tAZmlkZGxlcjIuY29t; c:\program files\fiddler2\FiddlerHook
FF - ExtSQL: 2012-12-31 20:42; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-01-04 22:05; http://forums.spybot.info/misc.php?do=email_dev&email=YWZ1cmxhZHZpc29yQGFuY2hvcmZyZWUuY29t; c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com
FF - ExtSQL: 2013-02-01 16:51; http://forums.spybot.info/misc.php?do=email_dev&email=YXNjc3VyZmluZ3Byb3RlY3Rpb25AaW9iaXQuY29t; c:\users\kenneth\appdata\roaming\mozilla\firefox\profiles\5klgpfks.default\extensions\ascsurfingprotection@iobit.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2013-2-6 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-2-6 199320]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2013-1-27 15672]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-2-6 20624]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-2-6 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-2-6 361032]
R1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\drivers\hssdrv6.sys [2013-1-10 36040]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-2-6 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-2-6 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-6 44808]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2013-1-10 533288]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2013-1-10 389928]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2013-1-10 37064]
RUnknown HideMyIpSRV;HideMyIpSRV; [x]
S1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2013-2-6 106560]
S2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2013-2-6 133912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;"c:\program files\logmein hamachi\hamachi-2.exe" -s --> c:\program files\logmein hamachi\hamachi-2.exe [?]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-23 398184]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-23 682344]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\cyberghost vpn\CGVPNCliService.exe [2013-1-6 2438696]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-23 21104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-1-23 40776]
S3 WajamUpdater;WajamUpdater;c:\program files\wajam\updater\WajamUpdater.exe [2012-10-5 109064]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-02-07 03:26:11 -------- d-----w- c:\program files\ESET
2013-02-07 02:17:01 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{759b644f-e610-467a-a882-48f8f381f93d}\mpengine.dll
2013-02-07 02:02:47 106560 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-02-07 02:02:23 199320 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-02-07 02:02:22 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-07 02:02:22 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-02-07 02:02:20 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-07 02:01:29 41224 ----a-w- c:\windows\avastSS.scr
2013-02-07 02:01:29 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-02-07 02:00:37 -------- d-----w- c:\programdata\AVAST Software
2013-02-07 02:00:37 -------- d-----w- c:\program files\AVAST Software
2013-02-07 00:24:43 -------- d-----w- c:\users\kenneth\appdata\local\Razer
2013-02-02 02:54:17 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2013-02-02 02:51:59 340624 ----a-w- c:\windows\system32\drivers\trufos.sys
2013-02-01 20:59:21 -------- d-----w- c:\programdata\Nexon
2013-02-01 19:19:40 -------- d-----w- c:\programdata\NexonEU
2013-01-31 03:17:43 -------- d-----w- c:\windows\system32\Hotspot Shield
2013-01-29 03:35:29 -------- d-----r- c:\program files\Skype
2013-01-29 03:10:03 -------- d-----w- c:\users\kenneth\Tracing
2013-01-29 03:08:18 -------- d-----w- c:\program files\Microsoft
2013-01-29 03:08:02 -------- d-----w- c:\program files\Windows Live SkyDrive
2013-01-29 03:04:32 -------- d-----w- c:\program files\common files\Windows Live
2013-01-27 19:35:19 29528 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-01-27 19:34:39 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-01-27 19:16:34 -------- d-----w- c:\programdata\{D76294E6-03B8-4971-AF2E-3F846161A690}
2013-01-27 19:16:30 -------- d-----w- c:\programdata\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
2013-01-27 19:16:29 -------- d-----w- c:\users\kenneth\appdata\roaming\IObit
2013-01-27 19:16:29 -------- d-----w- c:\programdata\IObit
2013-01-27 19:16:19 -------- d-----w- c:\program files\IObit
2013-01-27 18:21:10 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-26 22:31:01 -------- d-----w- c:\users\kenneth\appdata\roaming\.minecraft
2013-01-24 18:02:01 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-24 18:02:00 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-24 18:02:00 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-01-24 18:01:59 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-01-24 18:01:59 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-24 18:01:59 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-24 03:08:32 -------- d-----w- c:\program files\Windows Portable Devices
2013-01-23 22:33:07 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-23 22:33:07 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2013-01-23 22:33:07 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2013-01-23 22:16:22 5120 ----a-w- c:\windows\system32\wmi.dll
2013-01-23 22:16:22 157696 ----a-w- c:\windows\system32\imagehlp.dll
2013-01-23 22:16:22 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-01-23 22:00:34 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-01-23 21:48:46 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2013-01-23 21:47:23 -------- d-----w- c:\windows\pss
2013-01-23 21:42:43 -------- d-----w- c:\users\kenneth\appdata\roaming\Malwarebytes
2013-01-23 21:42:32 -------- d-----w- c:\programdata\Malwarebytes
2013-01-23 21:42:31 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-23 21:42:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-23 21:23:38 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-01-23 21:23:37 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-01-23 21:23:37 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-01-23 21:23:37 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-01-23 21:23:37 16896 ----a-w- c:\windows\system32\winusb.dll
2013-01-23 21:23:37 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-01-23 21:23:36 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-01-23 21:23:36 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-01-23 21:23:36 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-01-23 21:23:36 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-01-23 21:23:36 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-01-23 21:23:10 -------- d-----w- c:\program files\MSXML 4.0
2013-01-23 00:48:59 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-01-23 00:48:57 23552 ----a-w- c:\windows\system32\mciseq.dll
2013-01-23 00:48:57 189952 ----a-w- c:\windows\system32\winmm.dll
2013-01-23 00:48:56 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2013-01-23 00:48:38 623616 ----a-w- c:\windows\system32\localspl.dll
2013-01-23 00:48:22 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2013-01-23 00:48:22 1136640 ----a-w- c:\windows\system32\mfc42.dll
2013-01-23 00:48:19 1205064 ----a-w- c:\windows\system32\ntdll.dll
2013-01-23 00:46:38 1169408 ----a-w- c:\windows\system32\sdclt.exe
2013-01-23 00:45:59 797696 ----a-w- c:\windows\system32\FntCache.dll
2013-01-23 00:45:58 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-23 00:45:40 66560 ----a-w- c:\windows\system32\packager.dll
2013-01-23 00:45:37 954752 ----a-w- c:\windows\system32\mfc40.dll
2013-01-23 00:45:37 954288 ----a-w- c:\windows\system32\mfc40u.dll
2013-01-23 00:44:14 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-23 00:44:08 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-01-23 00:44:03 1696256 ----a-w- c:\windows\system32\gameux.dll
2013-01-23 00:44:02 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2013-01-23 00:44:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2013-01-23 00:41:45 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-01-23 00:41:40 677888 ----a-w- c:\windows\system32\mstsc.exe
2013-01-23 00:41:40 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-01-23 00:41:32 707584 ----a-w- c:\program files\common files\system\wab32.dll
2013-01-23 00:40:41 531968 ----a-w- c:\windows\system32\comctl32.dll
2013-01-23 00:40:39 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-01-23 00:40:39 278528 ----a-w- c:\windows\system32\schannel.dll
2013-01-23 00:40:39 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-23 00:40:38 9728 ----a-w- c:\windows\system32\lsass.exe
2013-01-23 00:40:38 72704 ----a-w- c:\windows\system32\secur32.dll
2013-01-23 00:40:35 231424 ----a-w- c:\windows\system32\msshsq.dll
2013-01-23 00:40:28 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-23 00:40:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-23 00:18:17 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-01-23 00:17:32 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-23 00:13:17 613376 ----a-w- c:\windows\system32\rdpencom.dll
2013-01-22 23:55:02 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-01-22 23:54:11 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-01-22 23:53:55 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-01-22 23:53:55 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-01-21 00:12:50 -------- d-----w- C:\CFLog
2013-01-19 00:50:58 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2013-01-19 00:50:58 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2013-01-19 00:50:54 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2013-01-19 00:50:54 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2013-01-19 00:50:54 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2013-01-19 00:50:54 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2013-01-19 00:50:52 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2013-01-19 00:50:44 -------- d-----w- c:\program files\Microsoft XNA
2013-01-19 00:19:56 -------- d-----w- c:\users\kenneth\appdata\local\CrashRpt
2013-01-19 00:17:52 -------- d-----w- c:\users\kenneth\KAG
2013-01-18 23:20:05 -------- d-----w- c:\program files\Z8Games
2013-01-18 22:59:23 -------- d-----w- c:\program files\BP DOWNLOADER
2013-01-18 03:57:12 -------- d-----w- c:\program files\common files\HP
2013-01-18 03:57:09 -------- d-----w- c:\program files\common files\Hewlett-Packard
2013-01-18 03:56:53 -------- d-----w- c:\windows\hpoj4500g510g-m
2013-01-18 03:55:42 -------- d-----w- c:\program files\HP
2013-01-13 03:28:11 -------- d-----w- C:\Ace of Spades
2013-01-12 22:55:22 -------- d-----w- c:\users\kenneth\appdata\local\Apple Computer
2013-01-12 22:54:49 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-01-12 22:53:51 -------- d-----w- c:\program files\iPod
2013-01-12 22:53:46 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-12 22:53:46 -------- d-----w- c:\program files\iTunes
2013-01-12 22:52:22 -------- d-----w- c:\users\kenneth\appdata\local\Apple
2013-01-12 22:48:56 -------- d-----w- c:\program files\Bonjour
2013-01-10 19:41:34 37064 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-01-10 19:27:44 36040 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
.
==================== Find3M ====================
.
2013-01-23 21:48:45 98816 ----a-w- c:\windows\system32\mfps.dll
2013-01-06 17:06:13 224016 --s---r- c:\windows\system32\TABCTL32.OCX
2013-01-06 17:06:13 1010720 --s---r- c:\windows\system32\MSCHRT20.OCX
2013-01-06 17:06:12 152848 --s---r- c:\windows\system32\COMDLG32.OCX
2013-01-05 20:34:57 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-05 20:34:57 779704 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-29 21:50:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-29 21:50:22 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-26 22:30:25 3851784 ----a-w- c:\windows\system32\d3dx9_39.dll
2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-11 17:12:08 342288 ----a-w- c:\windows\system32\HMIPCore.dll
2012-11-23 01:35:53 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-11-13 01:29:51 2048 ----a-w- c:\windows\system32\tzres.dll
.
============= FINISH: 22:54:29.55 ===============

Satchfan
2013-02-09, 17:06
Hello Packman241 and welcome to the Safer Networking Forum.

At a quick glance you do have some issues that need attention.

However, it looks like you’ve asked for help at another forum also.

http://www.bleepingcomputer.com/forums/t/484428/duplicating-files/

All of the forums are staffed by volunteers who do this in our spare time. With the amount of people posting with malware problems it’s unfair to ask two forums and more than one helper to help you; it is also unfair to other people posting and waiting for help.

Please advise either this forum or the other to close the topic.

If I don’t hear from you in 24 hours I’ll assume that you no longer require help and will close this topic.

Thanks

Satchfan

packman241
2013-02-09, 23:15
I don't know what you mean by "unfair", but I'd like to be assisted on this forum.

Satchfan
2013-02-10, 10:41
I don't know what you mean by "unfair" It is asking 2 people to help you when one of them could be helping someone else.

You still haven't told the other forum that you no longer require help.

Satchfan
2013-02-10, 17:51
I see that Dark Knight is helping you with your problem so I'll close this.

Good luck with your computer problem

Satchfan