
Thread: wscript.exe problem

  1. #1
    Junior Member
    Join Date
    Mar 2013
    Posts
    2

    wscript.exe problem

    wscript.exe is trying to connect to malicious pages and screws my usb drives, please help!

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16519 BrowserJavaVersion: 1.6.0_37
    Run by tyty at 1:09:47 on 2013-03-16
    Microsoft Windows 8 Pro 6.2.9200.0.1252.502.3082.18.8190.5495 [GMT -6:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\WINDOWS\system32\svchost.exe -k RPCSS
    C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\WINDOWS\system32\dwm.exe
    C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\WINDOWS\system32\nvvsvc.exe
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\System32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\WINDOWS\system32\svchost.exe -k apphost
    C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\WINDOWS\system32\dashost.exe
    C:\Windows\SysWOW64\XSrvSetup.exe
    C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
    C:\WINDOWS\system32\mqsvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Tunngle\TnglCtrl.exe
    C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
    C:\WINDOWS\system32\svchost.exe -k iissvcs
    C:\WINDOWS\system32\atwtusb.exe
    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\WINDOWS\system32\taskhostex.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Windows\System32\AtwtusbIcon.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\ONAIR\ONAIR.exe
    C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
    C:\Windows\System32\StikyNot.exe
    C:\WINDOWS\system32\taskeng.exe
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Windows Live\Device Integrator\wldi.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Windows Live\Device Integrator\DI_HIDServer.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
    C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\Taskmgr.exe
    C:\WINDOWS\system32\dwm.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\WINDOWS\system32\nvvsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\System32\RuntimeBroker.exe
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\WINDOWS\system32\taskhostex.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Windows\System32\AtwtusbIcon.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\WINDOWS\system32\atwtusb.exe
    C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Windows Live\Device Integrator\wldi.exe
    C:\Program Files (x86)\Windows Live\Device Integrator\DI_HIDServer.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\WINDOWS\system32\taskeng.exe
    C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe
    C:\Program Files\Microsoft Office\Office15\MsoSync.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe
    C:\WINDOWS\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.plusnetwork.com/?sp=hp&t=b0125
    uSearch Bar = hxxp://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
    uSearch Page = hxxp://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
    uSearchAssistant = hxxp://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    uRun: [Facebook Update] "C:\Users\tyty\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [ONAIR] C:\Program Files\ONAIR\ONAIR.exe
    uRun: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
    uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    uRun: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
    uRun: [RESTART_STICKY_NOTES] C:\WINDOWS\System32\StikyNot.exe
    uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    mRun: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
    mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [WindowsLiveDeviceIntegrator] C:\Program Files (x86)\Windows Live\Device Integrator\wldi.exe
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    mRunOnce: [Z1] cmd /c "C:\Users\tyty\Desktop\mbar\mbar.exe" /cleanup /s
    dRunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed
    StartupFolder: C:\Users\tyty\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Recorte de pantalla y Selector de OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    IE: &Enviar a OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
    IE: E&xportar a Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/es/uno1/GAME_UNO1.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    TCP: NameServer = 216.230.147.90 216.230.128.32
    TCP: Interfaces\{15A567A4-AC2F-4EC9-B72D-0DF0CFCEA5CF} : DHCPNameServer = 216.230.147.90 216.230.128.32
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
    x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    x64-Run: [MacrokeyManager] WTMKM.exe
    x64-Run: [AtwtusbIcon] AtwtusbIcon.exe
    x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    x64-mPolicies-System: PromptOnSecureDesktop = dword:0
    x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\tyty\AppData\Roaming\Mozilla\Firefox\Profiles\qv7j3guk.default\
    FF - prefs.js: browser.search.selectedEngine - Ask.com
    FF - prefs.js: browser.startup.homepage - about:home
    FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
    FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
    FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
    FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
    FF - plugin: C:\Users\tyty\AppData\Local\Skype\SkypeWebPlugin\npSkypeWebPlugin.dll
    FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
    FF - plugin: C:\WINDOWS\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\WINDOWS\SysWOW64\npmproxy.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: general.useragent.extra.handycafe.client - handyCafeCln/3.3.21
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\Drivers\aswRvrt.sys [2013-3-13 65336]
    R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\Drivers\PxHlpa64.sys [2011-6-14 56208]
    R1 aswKbd;aswKbd;C:\WINDOWS\System32\Drivers\aswKbd.sys [2012-5-14 28504]
    R1 aswSnx;aswSnx;C:\WINDOWS\System32\Drivers\aswSnx.sys [2011-6-13 1025808]
    R1 aswSP;aswSP;C:\WINDOWS\System32\Drivers\aswSP.sys [2011-6-12 377920]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\WINDOWS\System32\Drivers\dtsoftbus01.sys [2013-1-12 283200]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\System32\Drivers\aswFsBlk.sys [2011-6-12 33400]
    R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\Drivers\aswMonFlt.sys [2011-6-12 80816]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-3-13 45248]
    R2 JMB36X;JMB36X;C:\Windows\SysWOW64\XSrvSetup.exe [2011-6-14 72280]
    R2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-8-19 119808]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-3-14 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-3-14 1369624]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-3-14 168384]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
    R2 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-10-16 745832]
    R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]
    R2 WTService;WTService;C:\WINDOWS\System32\atwtusb.exe -s --> C:\WINDOWS\System32\atwtusb.exe -s [?]
    R3 ManyCam;ManyCam Virtual Webcam;C:\WINDOWS\System32\Drivers\mcvidrv_x64.sys [2013-2-8 44544]
    R3 MayPro;TigerGame SuperJoy Box Pro Filter Service;C:\WINDOWS\System32\Drivers\Maypro.sys [2012-5-11 25120]
    R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\WINDOWS\System32\Drivers\mcaudrv_x64.sys [2013-1-31 28160]
    R3 RTL8168;Controlador NT Realtek 8168;C:\WINDOWS\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
    R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
    R3 xusb22;Servicio 22 del controlador del receptor inalámbrico de Xbox 360;C:\WINDOWS\System32\Drivers\xusb22.sys [2012-7-25 89088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
    S3 aswVmm;aswVmm;C:\WINDOWS\System32\Drivers\aswVmm.sys [2013-3-13 178624]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudbus.sys [2012-9-19 102368]
    S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2011-6-13 21712]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2012-10-1 178824]
    S3 pwdrvio;pwdrvio;C:\WINDOWS\System32\pwdrvio.sys [2011-11-5 19936]
    S3 pwdspio;pwdspio;C:\WINDOWS\System32\pwdspio.sys [2011-11-5 13280]
    S3 RBOTVAWdm;R-Bot Concept VAudio;C:\WINDOWS\System32\Drivers\RBOTAud_WDM.sys [2012-7-3 26760]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudmdm.sys [2012-9-19 203104]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TabletFilter;Tablet Driver;C:\WINDOWS\System32\Drivers\TabletFilter.sys [2012-11-9 7680]
    S3 vmbusr;Proveedor de bus de máquina virtual;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
    FileExt: .js: JSFile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe","%1"
    ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
    .
    =============== Created Last 30 ================
    .
    2013-03-16 03:06:20 -------- d-----w- C:\Users\tyty\AppData\Local\{DCE762A4-E298-4E8B-A518-EE9244034B32}
    2013-03-15 13:45:28 -------- d-----w- C:\Users\tyty\AppData\Local\{1578CBA1-3607-4CF9-B41A-8C082D5A0249}
    2013-03-15 03:59:58 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-03-15 03:59:47 17272 ----a-w- C:\WINDOWS\System32\sdnclean64.exe
    2013-03-15 03:59:39 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-03-15 03:57:37 0 ----a-w- C:\FAPE39D.tmp
    2013-03-15 03:57:37 0 ----a-w- C:\FAPE38C.tmp
    2013-03-15 03:57:37 0 ----a-w- C:\FAPE36B.tmp
    2013-03-15 03:57:37 0 ----a-w- C:\FAPE359.tmp
    2013-03-15 03:56:41 0 ----a-w- C:\FAP98C.tmp
    2013-03-15 03:56:40 0 ----a-w- C:\FAP5F2.tmp
    2013-03-15 03:56:40 0 ----a-w- C:\FAP4B8.tmp
    2013-03-15 03:56:38 0 ----a-w- C:\FAPFEBD.tmp
    2013-03-15 03:56:38 0 ----a-w- C:\FAPFD64.tmp
    2013-03-15 03:46:21 0 ----a-w- C:\FAP9241.tmp
    2013-03-15 03:39:28 0 ----a-w- C:\FAP4798.tmp
    2013-03-15 03:39:28 0 ----a-w- C:\FAP466E.tmp
    2013-03-15 03:39:22 0 ----a-w- C:\FAP2FF0.tmp
    2013-03-15 03:39:22 0 ----a-w- C:\FAP2E68.tmp
    2013-03-15 03:36:20 0 ----a-w- C:\FAP68E6.tmp
    2013-03-15 03:36:20 0 ----a-w- C:\FAP67FA.tmp
    2013-03-15 03:32:37 0 ----a-w- C:\FAPFED7.tmp
    2013-03-15 03:32:37 0 ----a-w- C:\FAP31.tmp
    2013-03-15 03:32:04 0 ----a-w- C:\FAP7FA8.tmp
    2013-03-15 03:32:04 0 ----a-w- C:\FAP7DE2.tmp
    2013-03-15 03:31:53 0 ----a-w- C:\FAP5395.tmp
    2013-03-15 03:31:52 0 ----a-w- C:\FAP51FE.tmp
    2013-03-15 03:31:23 0 ----a-w- C:\FAPDD59.tmp
    2013-03-15 03:31:22 0 ----a-w- C:\FAPDC4E.tmp
    2013-03-15 03:31:18 0 ----a-w- C:\FAPCA80.tmp
    2013-03-15 03:31:15 0 ----a-w- C:\FAPBE3F.tmp
    2013-03-15 03:31:14 0 ----a-w- C:\FAPBD91.tmp
    2013-03-15 03:31:09 0 ----a-w- C:\FAPA6E4.tmp
    2013-03-15 03:31:02 0 ----a-w- C:\FAP8C02.tmp
    2013-03-15 03:31:02 0 ----a-w- C:\FAP8B74.tmp
    2013-03-15 03:30:08 0 ----a-w- C:\FAPB9E1.tmp
    2013-03-15 03:28:44 0 ----a-w- C:\FAP738D.tmp
    2013-03-15 03:28:43 0 ----a-w- C:\FAP6E3D.tmp
    2013-03-15 01:45:07 -------- d-----w- C:\Users\tyty\AppData\Local\{10B8252C-49C8-4E95-8E3B-EEDA830CCB51}
    2013-03-14 21:15:03 -------- d-sh--w- C:\db5
    2013-03-14 20:02:52 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BFD42D79-0ACF-4762-9D1A-716E0DED8C19}\mpengine.dll
    2013-03-14 18:25:03 78168 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
    2013-03-14 18:25:03 692568 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
    2013-03-14 15:27:31 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2013-03-13 21:57:50 -------- d-----w- C:\Users\tyty\AppData\Roaming\INTERHEART
    2013-03-13 21:12:31 65336 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
    2013-03-13 21:12:31 178624 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
    2013-03-13 21:12:21 41664 ----a-w- C:\WINDOWS\avastSS.scr
    2013-03-13 15:36:26 10115072 ----a-w- C:\WINDOWS\System32\twinui.dll
    2013-03-13 15:36:25 8856576 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
    2013-03-13 15:36:16 754176 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
    2013-03-13 15:36:16 69864 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
    2013-03-13 15:36:16 2302464 ----a-w- C:\WINDOWS\System32\authui.dll
    2013-03-13 15:36:16 2033664 ----a-w- C:\WINDOWS\SysWow64\authui.dll
    2013-03-13 15:36:15 2146816 ----a-w- C:\WINDOWS\System32\actxprxy.dll
    2013-03-13 15:33:07 4041728 ----a-w- C:\WINDOWS\System32\win32k.sys
    2013-03-13 15:33:05 468992 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
    2013-03-13 15:33:05 361984 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
    2013-03-13 15:32:43 13643264 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
    2013-03-13 15:32:34 10792448 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
    2013-03-13 15:32:06 5977600 ----a-w- C:\WINDOWS\System32\mstscax.dll
    2013-03-13 15:32:02 830464 ----a-w- C:\WINDOWS\System32\wbem\WmiPrvSD.dll
    2013-03-13 15:32:01 2226408 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
    2013-03-13 15:32:00 5090816 ----a-w- C:\WINDOWS\SysWow64\mstscax.dll
    2013-03-13 14:56:10 -------- d-----w- C:\Users\tyty\AppData\Local\{936E96C8-43E7-4CC2-A992-6DE21F50B3AB}
    2013-03-10 21:31:08 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
    2013-03-10 21:30:06 -------- d-----w- C:\Users\tyty\AppData\Local\{325EA44D-6582-4A0A-BFD5-4BC703EE42A0}
    2013-03-09 20:21:09 -------- d-----w- C:\Users\tyty\AppData\Local\{BFF20978-93A3-4DF2-B80C-6B3AB82475B9}
    2013-03-09 04:36:18 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
    2013-03-09 03:12:13 -------- d-----w- C:\Users\tyty\AppData\Local\{E831F536-3FD9-4CF7-B01E-9058CD021285}
    2013-03-03 18:47:38 -------- d-----w- C:\Users\tyty\AppData\Local\{BDABEF31-042D-4258-BFD4-66B8A423FEF2}
    2013-03-02 21:08:33 -------- d-----w- C:\Users\tyty\AppData\Local\{84621ABD-E7BC-44FE-8160-513AAE8DEE9E}
    2013-02-26 20:50:13 1010688 ----a-w- C:\WINDOWS\System32\reseteng.dll
    2013-02-26 20:50:12 375808 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
    2013-02-26 20:50:11 443392 ----a-w- C:\WINDOWS\System32\ReAgent.dll
    2013-02-26 15:58:44 6559856 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
    2013-02-26 15:58:34 3009712 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\3082\MSOINTL.DLL
    2013-02-26 15:58:32 35335792 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
    2013-02-24 20:06:49 -------- d-----w- C:\Users\tyty\AppData\Local\{8116D03F-4DD2-4C07-ADFD-5D66851406BF}
    2013-02-24 03:44:09 -------- d-----w- C:\Users\tyty\AppData\Local\{9C840C95-2797-4BA8-9546-4D7965BE045F}
    2013-02-23 00:05:02 5068400 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
    2013-02-23 00:05:02 4832864 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
    2013-02-23 00:05:02 25361008 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
    2013-02-22 23:58:54 6782088 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
    2013-02-18 04:06:08 617136 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\ACEDAO.DLL
    2013-02-17 21:55:11 -------- d-----w- C:\Users\tyty\AppData\Local\{0D3D88AD-17C0-4645-A015-2F684B531248}
    2013-02-17 06:53:03 -------- d-----w- C:\Users\tyty\AppData\Local\{3D2A3CD0-F3A6-41DC-8391-3EA8B0C41C33}
    2013-02-16 18:52:44 -------- d-----w- C:\Users\tyty\AppData\Local\{5DA1F90C-85F0-49D0-B845-6FD6B8A64315}
    2013-02-16 06:55:12 484352 ----a-w- C:\WINDOWS\SysWow64\lame_enc.dll
    2013-02-16 03:18:40 6967016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
    2013-02-16 02:18:53 -------- d-----w- C:\Users\tyty\AppData\Local\WLDI
    2013-02-16 00:34:28 -------- d-----w- C:\Program Files\Microsoft Xbox 360 Accessories
    2013-02-16 00:03:54 -------- d-----w- C:\Users\tyty\AppData\Local\{68A3A450-FA26-4CCD-A198-05113D2E4028}
    2013-02-15 22:31:48 186432 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    2013-02-15 19:11:06 1084416 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-15 19:11:05 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-15 00:17:21 -------- d-----w- C:\Users\tyty\AppData\Local\{282598DA-66AC-4ED9-B09B-9A5973AA9638}
    .
    ==================== Find3M ====================
    .
    2013-03-06 23:33:21 70992 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys
    2013-03-06 23:33:21 1025808 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
    2013-03-06 23:33:20 80816 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
    2013-02-24 05:35:13 15664 ----a-w- C:\WINDOWS\SysWow64\drivers\GEARAspiWDM.sys
    2013-02-24 05:35:13 109360 ----a-w- C:\WINDOWS\SysWow64\GEARAspi.dll
    2013-02-16 08:20:41 1174979 ----a-w- C:\WINDOWS\apppatch\unins000.exe
    2013-02-15 07:58:59 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
    2013-02-15 06:35:40 444416 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
    2013-02-12 01:30:04 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll
    2013-02-12 00:56:19 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll
    2013-02-05 22:31:11 622080 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
    2013-02-05 22:29:09 370688 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
    2013-02-05 22:28:48 247808 ----a-w- C:\WINDOWS\System32\drivers\srvnet.sys
    2013-02-05 22:28:36 215552 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
    2013-02-05 04:58:01 1766912 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
    2013-02-05 04:56:33 2877952 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
    2013-02-05 04:56:27 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll
    2013-02-05 04:56:27 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll
    2013-02-05 03:55:27 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
    2013-02-05 01:44:50 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll
    2013-02-04 22:39:47 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll
    2013-02-04 22:39:39 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll
    2013-02-04 22:38:55 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll
    2013-02-04 22:38:53 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll
    2013-02-02 11:19:44 496872 ----a-w- C:\WINDOWS\System32\drivers\usbhub.sys
    2013-02-02 11:19:44 446184 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
    2013-02-02 11:19:41 329960 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
    2013-02-02 11:19:33 61672 ----a-w- C:\WINDOWS\System32\drivers\crashdmp.sys
    2013-02-02 10:54:54 1933544 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
    2013-02-02 10:28:54 993512 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
    2013-02-02 09:42:07 2207232 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
    2013-02-02 08:40:58 375808 ----a-w- C:\WINDOWS\SysWow64\wbem\WmiPrvSE.exe
    2013-02-02 08:40:55 80896 ----a-w- C:\WINDOWS\SysWow64\tasklist.exe
    2013-02-02 08:40:55 79360 ----a-w- C:\WINDOWS\SysWow64\taskkill.exe
    2013-02-02 08:40:36 155136 ----a-w- C:\WINDOWS\SysWow64\XpsRasterService.dll
    2013-02-02 08:40:35 370688 ----a-w- C:\WINDOWS\SysWow64\WWanAPI.dll
    2013-02-02 08:40:27 131072 ----a-w- C:\WINDOWS\SysWow64\wbem\WmiDcPrv.dll
    2013-02-02 08:40:26 410624 ----a-w- C:\WINDOWS\SysWow64\wlroamextension.dll
    2013-02-02 08:40:22 197632 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
    2013-02-02 08:40:01 356352 ----a-w- C:\WINDOWS\SysWow64\SettingSync.dll
    2013-02-02 08:39:59 325632 ----a-w- C:\WINDOWS\SysWow64\schannel.dll
    2013-02-02 08:39:47 18432 ----a-w- C:\WINDOWS\SysWow64\npmproxy.dll
    2013-02-02 08:39:34 55296 ----a-w- C:\WINDOWS\SysWow64\nlaapi.dll
    2013-02-02 08:39:34 15872 ----a-w- C:\WINDOWS\SysWow64\nlmproxy.dll
    2013-02-02 08:39:34 12288 ----a-w- C:\WINDOWS\SysWow64\nlmsprep.dll
    2013-02-02 08:39:33 115712 ----a-w- C:\WINDOWS\SysWow64\netprofm.dll
    2013-02-02 08:39:15 157696 ----a-w- C:\WINDOWS\SysWow64\mbsmsapi.dll
    2013-02-02 08:38:54 567808 ----a-w- C:\WINDOWS\SysWow64\duser.dll
    2013-02-02 08:24:19 107520 ----a-w- C:\WINDOWS\System32\taskkill.exe
    2013-02-02 08:24:19 102400 ----a-w- C:\WINDOWS\System32\tasklist.exe
    2013-02-02 08:23:44 228352 ----a-w- C:\WINDOWS\System32\XpsRasterService.dll
    2013-02-02 08:23:43 475136 ----a-w- C:\WINDOWS\System32\WWanAPI.dll
    2013-02-02 08:23:37 611840 ----a-w- C:\WINDOWS\System32\wpd_ci.dll
    2013-02-02 08:23:37 105472 ----a-w- C:\WINDOWS\System32\wpdbusenum.dll
    2013-02-02 08:23:28 543232 ----a-w- C:\WINDOWS\System32\wlroamextension.dll
    2013-02-02 08:23:19 293376 ----a-w- C:\WINDOWS\System32\Windows.Networking.Connectivity.dll
    2013-02-02 08:23:18 731648 ----a-w- C:\WINDOWS\System32\win32spl.dll
    2013-02-02 08:23:16 87552 ----a-w- C:\WINDOWS\System32\wersvc.dll
    2013-02-02 08:22:28 448512 ----a-w- C:\WINDOWS\System32\SettingSync.dll
    2013-02-02 08:22:22 416256 ----a-w- C:\WINDOWS\System32\schannel.dll
    2013-02-02 08:21:45 467456 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll
    2013-02-02 08:21:44 385024 ----a-w- C:\WINDOWS\System32\ncsi.dll
    2013-02-02 08:21:10 225280 ----a-w- C:\WINDOWS\System32\mbsmsapi.dll
    2013-02-02 08:20:47 260096 ----a-w- C:\WINDOWS\System32\hotspotauth.dll
    2013-02-02 08:20:31 729600 ----a-w- C:\WINDOWS\System32\duser.dll
    2013-02-02 07:30:05 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb
    2013-02-02 07:25:52 297984 ----a-w- C:\WINDOWS\System32\drivers\ks.sys
    2013-02-02 07:25:26 82944 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys
    2013-02-02 07:25:23 37632 ----a-w- C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
    2013-02-02 05:41:57 1437184 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
    2013-02-02 05:31:54 1690624 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
    2013-01-31 09:50:58 28160 ----a-w- C:\WINDOWS\System32\drivers\mcaudrv_x64.sys
    2013-01-30 10:53:22 273840 ------w- C:\WINDOWS\System32\MpSigStub.exe
    2013-01-15 09:27:14 421888 ----a-w- C:\WINDOWS\SysWow64\RealMediaSplitter.ax
    2013-01-15 09:27:04 2174976 ----a-w- C:\Program Files (x86)\Common Files\atimpenc.dll
    2013-01-15 02:54:04 44544 ----a-w- C:\WINDOWS\System32\drivers\mcvidrv_x64.sys
    2013-01-12 16:17:12 283200 ----a-w- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
    2013-01-10 01:53:32 28904 ----a-w- C:\WINDOWS\System32\drivers\msgpiowin32.sys
    2013-01-10 01:40:39 1448168 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
    2013-01-10 01:40:38 303848 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
    2013-01-10 01:39:29 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys
    2013-01-10 01:39:22 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys
    2013-01-10 01:29:56 91880 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys
    2013-01-10 01:29:21 785504 ----a-w- C:\WINDOWS\System32\drivers\Wdf01000.sys
    2013-01-09 23:26:53 83968 ----a-w- C:\WINDOWS\SysWow64\wiaacmgr.exe
    2013-01-09 23:26:46 1611776 ----a-w- C:\WINDOWS\SysWow64\mmc.exe
    2013-01-09 23:26:35 410624 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.dll
    2013-01-09 23:26:35 261120 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
    2013-01-09 23:26:25 278528 ----a-w- C:\WINDOWS\SysWow64\srm.dll
    2013-01-09 23:26:25 202752 ----a-w- C:\WINDOWS\SysWow64\srmstormod.dll
    2013-01-09 23:26:23 1752064 ----a-w- C:\WINDOWS\SysWow64\setupapi.dll
    2013-01-09 23:26:20 67584 ----a-w- C:\WINDOWS\SysWow64\samlib.dll
    2013-01-09 23:26:04 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
    2013-01-09 23:26:03 436736 ----a-w- C:\WINDOWS\SysWow64\MP4SDECD.DLL
    2013-01-09 23:25:55 582144 ----a-w- C:\WINDOWS\SysWow64\gpprefcl.dll
    2013-01-09 23:23:32 95232 ----a-w- C:\WINDOWS\System32\wiaacmgr.exe
    2013-01-09 23:23:25 2094592 ----a-w- C:\WINDOWS\System32\mmc.exe
    2013-01-09 23:23:18 256000 ----a-w- C:\WINDOWS\System32\WSDMon.dll
    2013-01-09 23:23:16 1964544 ----a-w- C:\WINDOWS\System32\wlidsvc.dll
    2013-01-09 23:23:14 594944 ----a-w- C:\WINDOWS\System32\Windows.Networking.dll
    .
    ============= FINISH: 1:10:56.39 ===============

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Please read Before You Post
    While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

    Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

    Running programs with Vista or Windows 7, Right Click and select RUN AS ADMINISTRATOR



    Sorry for the delay, sometimes a thread or two falls through the cracks. Do you still need help?
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Junior Member
    Join Date
    Mar 2013
    Posts
    2

    No thanks. I made a full format already. Close this thread and thanks anyway

  4. #4
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    You're welcome, glad you got it fixed

    Make sure you update your Java, serious threat going around with older versions

    1. Go to your Control Panel and click on the Java icon (looks like a little coffee cup), click on About and you should have Version 7 Update 17; if not, proceed with the instructions.
    2. Go to the Update tab and update it
    3. Important, during the upgrade UNCHECK ASK TOOL BAR. (You do not need or want this.)
    4. Then go to your Add Remove Programs (WIN XP) or Programs and Features (Vista / Win 7) in the Control Panel and uninstall all previous versions.


    You can verify the installation Here
