Results 1 to 10 of 23

Thread: Cannot get rid of SelectionLinks Malware

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. 2013-05-07, 21:27 #1
    yehonatans
    yehonatans is offline
    Junior Member
    Join Date
    May 2013
    Posts
    12

    Default Cannot get rid of SelectionLinks Malware

    Hi, i read this thread:
    http://malwaretips.com/blogs/remove-selectionlinks-ads/
    And did what it said, all my antivirus is up to date.
    My Spybot reported that it solved 2 out of 8 SelectionLinks problems and told me to restart to get rid of the rest, 2 restarts later, spybot still cannot find any problem.

    Anyway, I am hoping you can help me.

    Thank you.

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2
    Run by owner at 22:21:32 on 2013-05-07
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1037.18.4079.2301 [GMT 3:00]
    .
    AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    D:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\vsnp2std.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    D:\Program Files (x86)\steam\Steam.exe
    D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    D:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    D:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\CleanMem\Mini_Monitor.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    c:\program files (x86)\avira\antivir desktop\avscan.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\CCleaner\CCleaner64.exe
    D:\Program Files (x86)\iTunes\iTunes.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\explorer.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.co.il/
    uProxyOverride = 127.0.0.1:9421;*.local
    mWinlogon: Userinit = userinit.exe
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: SelectionLinks: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} -
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    uRun: [Steam] "D:\Program Files (x86)\steam\steam.exe" -silent
    uRun: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [SpybotSD TeaTimer] D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - D:\Program Files\Logitech\SetPoint\SetPoint.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Free YouTube to MP3 Converter - C:\Users\owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - <orphaned>
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
    TCP: NameServer = 10.0.0.138
    TCP: Interfaces\{3267CDE9-0AFF-4F78-9B40-998F67A56B08} : DHCPNameServer = 10.0.0.138
    TCP: Interfaces\{3267CDE9-0AFF-4F78-9B40-998F67A56B08}\A41636F62637 : DHCPNameServer = 10.0.0.138
    TCP: Interfaces\{3267CDE9-0AFF-4F78-9B40-998F67A56B08}\C6F6E67686F627E637 : DHCPNameServer = 10.0.0.138
    TCP: Interfaces\{89D6E89B-E882-4251-B8D4-830B933164DF} : DHCPNameServer = 10.0.0.138
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Notify: igfxcui - <no file>
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    x64-Run: [snp2std] C:\Windows\vsnp2std.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"
    x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - <orphaned>
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w8cv86h.default\
    FF - prefs.js: browser.search.defaulturl -
    FF - prefs.js: browser.search.selectedEngine - Privitize VPN
    FF - prefs.js: network.proxy.gopher -
    FF - prefs.js: network.proxy.gopher_port - 0
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Users\owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\owner\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
    FF - plugin: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
    FF - plugin: D:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
    FF - ExtSQL: 2013-04-28 12:42; {7AC261D0-B949-47CA-B9E8-477013A15A6E}; C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w8cv86h.default\extensions\{7AC261D0-B949-47CA-B9E8-477013A15A6E}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2011-10-27 21104]
    R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-3-30 28600]
    R2 AcuWVSSchedulerv8;Acunetix WVS Scheduler v8;D:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [2012-6-30 1009840]
    R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-10-16 86752]
    R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-10-16 110816]
    R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-3-30 100712]
    R3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-12-3 1847296]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-7 25928]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-10-27 412264]
    R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
    S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-1-11 34304]
    S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-2-22 28160]
    S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\netr7364.sys [2011-10-5 729152]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-8 19456]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-8 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-8 30208]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2013-05-07 18:57:19 -------- d-----w- C:\ProgramData\RegCure
    2013-05-07 18:29:52 -------- d-----w- C:\ProgramData\HitmanPro
    2013-05-07 18:28:44 -------- d-----w- C:\Users\owner\AppData\Roaming\Malwarebytes
    2013-05-07 18:28:31 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-05-07 18:28:30 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-05-07 18:28:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-05-07 12:04:43 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{628FFB0B-FDA3-497F-90D1-816378F2D1F2}\mpengine.dll
    2013-05-07 11:54:25 83160 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
    2013-04-26 09:47:01 -------- d-----w- C:\Users\owner\AppData\Roaming\LOVE
    2013-04-25 12:40:52 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2013-04-18 19:16:46 563488 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2013-04-18 19:01:42 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-04-10 16:49:58 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-04-10 16:49:56 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-04-10 16:49:56 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
    2013-04-10 16:49:55 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-04-10 16:49:55 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-04-10 16:49:55 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-04-10 16:49:55 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-04-10 16:49:55 112640 ----a-w- C:\Windows\System32\smss.exe
    .
    ==================== Find3M ====================
    .
    2013-05-01 23:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
    2013-04-19 02:46:06 6488352 ----a-w- C:\Windows\System32\nvcpl.dll
    2013-04-19 02:46:06 3511072 ----a-w- C:\Windows\System32\nvsvc64.dll
    2013-04-19 02:46:01 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
    2013-04-19 02:46:01 63776 ----a-w- C:\Windows\System32\nvshext.dll
    2013-04-19 02:46:01 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll
    2013-04-19 02:46:01 237856 ----a-w- C:\Windows\System32\nvmctray.dll
    2013-04-17 17:30:28 3122645 ----a-w- C:\Windows\System32\nvcoproc.bin
    2013-04-05 13:34:57 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2013-04-05 13:34:49 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2013-04-05 13:34:49 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2013-04-05 13:33:00 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
    2013-03-30 19:29:25 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
    2013-03-30 19:29:25 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
    2013-03-15 11:28:44 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2013-03-15 11:28:44 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-03-15 05:53:06 1807136 ----a-w- C:\Windows\System32\nvdispco6431422.dll
    2013-03-15 05:53:06 1510176 ----a-w- C:\Windows\System32\nvdispgenco6431422.dll
    2013-03-14 11:43:34 1807136 ----a-w- C:\Windows\System32\nvdispco6431421.dll
    2013-03-14 11:43:34 1510176 ----a-w- C:\Windows\System32\nvdispgenco6431421.dll
    2013-02-25 05:27:52 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
    2013-02-25 05:27:45 194848 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
    2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll
    2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll
    2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-02-19 12:01:03 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-02-19 11:42:14 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-02-15 14:44:15 231376 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
    2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
    2013-02-10 03:25:27 1807136 ----a-w- C:\Windows\System32\nvdispco6420294.dll
    2013-02-10 03:25:27 1510176 ----a-w- C:\Windows\System32\nvdispgenco6420162.dll
    .
    ============= FINISH: 22:23:38.86 ===============
    Attached Files Attached Files
    Last edited by tashi; 2013-05-08 at 00:08. Reason: Copy pasted log into topic per forum FAQ
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules