-
malware problems
Hi
Since a few days I have serious issues with malware on my laptop - however not sure what was the initial reason. I checked my PC with different antivirus software (adaware, avast, antivir). adaware found some minor threats within cookies which i removed. However, problems remained. I checked with spybot search&destroy and found many threats which I removed - however some threats keep appearing after making a reboot. Made a rootkit scan with spybot s&d : quick scan found nothing, "tiefenscan" (producing rootalzyer log file) found an awful lot but I'm not an expert enough to understand what it means.
I looked in the forum and produced the DDS log, when using awsmbr, however, i get a bluescreen.
Symptoms are slow performance, programs are crashing (especially browser) and occasional bluescreens. Initially I was upset by Opera, respectively Adobe Flash Player constantly crashing.
Hope you can help me!
DDS-log:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 1.6.0_41
Run by Chris Novak at 11:34:43 on 2013-02-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.4061.2410 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=29F0915CBB3CB490816551512134D5A4
uDefault_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
mWinlogon: Userinit = userinit.exe
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: SwissAcademic.Citavi.Picker.IEPicker: {609D670F-B735-4da7-AC6D-F3BD358E325E} -
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html
IE: Bild an &Bluetooth-Gerät senden... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {619D670F-B735-4da7-AC6D-F3BD358E325E} - {609D670F-B735-4da7-AC6D-F3BD358E325E} -
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_41-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_41-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_41-windows-i586.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{632DD7E9-34B8-460E-80C0-5646C13BBD4B} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{8EE49B25-97D6-4050-9F09-581613FFA54C} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{8EE49B25-97D6-4050-9F09-581613FFA54C}\244575966496 : DHCPNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{8EE49B25-97D6-4050-9F09-581613FFA54C}\5416379724F687D2838354835383 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{8EE49B25-97D6-4050-9F09-581613FFA54C}\56465727F616D6 : DHCPNameServer = 158.223.1.2 158.223.1.1
TCP: Interfaces\{8EE49B25-97D6-4050-9F09-581613FFA54C}\75C414E4D2030313144364431383640333 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{8EE49B25-97D6-4050-9F09-581613FFA54C}\84E46424640275C414E4 : DHCPNameServer = 192.168.178.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_41-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_41-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_41-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-2-17 14456]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-10-25 55856]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-5-30 28504]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-2-22 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-2-22 370288]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-10-25 203264]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-2-22 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-2-22 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-2-22 44808]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-21 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-21 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-21 168384]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-11-26 659040]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-10-25 1692480]
R3 CryptOSD;Phoenix CryptOSD Device Driver;C:\Windows\System32\drivers\CryptOSD.sys [2009-6-25 431488]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2009-10-25 172704]
R3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2009-10-25 5435904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-10-25 35104]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2013-2-17 38096]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-21 19456]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-11-26 1225312]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-21 57856]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-26 1255736]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
.
=============== Created Last 30 ================
.
2013-02-22 10:33:52 544688 ----a-w- C:\Windows\System32\npdeployJava1.dll
2013-02-22 10:33:52 526256 ----a-w- C:\Windows\System32\deployJava1.dll
2013-02-22 10:25:13 -------- d-----w- C:\Users\Chris Novak\AppData\Local\Secunia PSI
2013-02-22 10:25:02 -------- d-----w- C:\Program Files (x86)\Secunia
2013-02-22 10:16:07 -------- d-----w- C:\ProgramData\inf
2013-02-22 09:21:15 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{945043BE-97FD-4607-B02A-91CD82C6F690}\mpengine.dll
2013-02-22 09:12:09 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-02-22 09:12:04 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-02-22 09:12:02 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-02-22 09:11:18 41224 ----a-w- C:\Windows\avastSS.scr
2013-02-21 15:06:08 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-02-21 15:05:53 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-02-21 15:05:46 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-02-21 09:18:32 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-02-21 09:18:32 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-02-21 09:18:31 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-02-21 09:18:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-02-21 09:18:31 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-02-21 09:18:30 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-02-21 09:18:30 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-02-21 09:18:30 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-02-21 09:18:30 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
2013-02-20 16:04:58 -------- d-----w- C:\Windows\CheckSur
2013-02-19 17:51:58 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-02-19 17:48:45 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-02-19 17:48:44 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2013-02-19 17:47:30 -------- d-----w- C:\Users\Chris Novak\AppData\Roaming\Malwarebytes
2013-02-19 17:37:39 67072 ----a-w- C:\Windows\splwow64.exe
2013-02-19 17:37:39 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-02-19 17:37:33 -------- d-----w- C:\ProgramData\Malwarebytes
2013-02-19 17:36:58 -------- d-----w- C:\Users\Chris Novak\AppData\Local\Programs
2013-02-19 11:04:36 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-19 11:04:36 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-17 20:05:39 38096 ----a-w- C:\Windows\System32\drivers\gfiark.sys
2013-02-17 19:52:11 -------- d-----w- C:\ProgramData\Search Protection
2013-02-17 19:52:08 -------- d-----w- C:\Users\Chris Novak\AppData\Local\adawarebp
2013-02-17 19:52:08 -------- d-----w- C:\ProgramData\blekko toolbars
2013-02-17 19:52:08 -------- d-----w- C:\ProgramData\adawaretb
2013-02-17 19:52:07 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2013-02-17 19:52:03 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2013-02-17 19:51:58 -------- d-----w- C:\Program Files (x86)\adawaretb
2013-02-17 19:51:29 -------- d-----w- C:\ProgramData\Downloaded Installations
2013-02-17 19:44:20 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys
2013-02-17 19:44:20 -------- d-----w- C:\Users\Chris Novak\AppData\Roaming\LavasoftStatistics
2013-02-16 10:51:30 2560 ----a-w- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
2013-02-16 10:51:28 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-02-16 10:51:28 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-02-16 10:51:28 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-02-16 10:50:41 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-02-16 10:50:41 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-02-16 10:50:34 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-02-16 10:50:34 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-02-16 10:50:29 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-02-16 10:50:27 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-02-16 10:50:26 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-02-16 10:46:58 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-02-16 10:46:57 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-02-16 10:46:57 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-02-16 10:46:57 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-02-16 10:46:57 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-02-16 10:46:57 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-02-16 10:46:57 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-02-15 22:04:52 208448 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-02-14 00:23:19 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 00:23:19 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 00:21:00 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-14 00:21:00 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-13 21:09:26 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 21:09:24 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 21:09:23 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 21:08:46 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 21:08:41 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 21:08:40 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 21:08:40 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 21:08:40 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 21:08:40 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 21:08:39 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 21:08:14 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 21:08:13 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 21:07:41 96664 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2013-02-13 21:07:41 170232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2013-02-13 16:02:02 -------- d-----w- C:\Users\Chris Novak\AppData\Roaming\Runscanner.net
2013-02-02 11:00:23 -------- d-----w- C:\Program Files (x86)\OperaNew
.
==================== Find3M ====================
.
2013-02-22 10:36:20 477616 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-02-22 10:36:20 473520 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-17 01:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 15:02:37 13048 ----a-w- C:\Windows\System32\avgrssta.dll.prepare
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 11:36:53,60 ===============
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
