Results 1 to 6 of 6

Thread: My computer is a tramp

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. 2013-08-27, 03:34 #1
    mattbeowulf
    mattbeowulf is offline
    Junior Member mattbeowulf's Avatar
    Join Date
    Aug 2013
    Location
    Seattle
    Posts
    4

    Unhappy My computer is a tramp

    ...bringing home all sorts of who-knows-what ;-) I would be most appreciative for some assistance in cleaning the goblins out of her...

    Because I can tell y'all like a challenge (not really, I was simply ignorant) I have done most of the things a user is directed NOT to do prior to your assistance, as enumerated in the "before you post" thread. Sorry Specifically, before admitting that I'm out of my depth, I tried many and various means for removal of the shadowy software lurking in my PC -- registry cleaning (a la Glary Utilities), a couple of anti spyware/root kit tools like Malwarebytes, AVG (until I got fed up & tried to remove it), and then I found Hiran's Boot CD -- and in one blurred, frenzied and ineffective night I tried all sorts of options in the suite of tools. Combofix included, but although I opened the program, I don't think I used any of its tools, but not sure. Also tried ClamWin AV, which is the only thing that named some of the elusive trojans. Here is that scan log; infected files are at the end:

    Scan Started Mon Aug 19 15:21:03 2013
    -------------------------------------------------------------------------------

    WARNING: Can't open file C:\Boot\BCD: Permission denied
    WARNING: Can't open file C:\pagefile.sys: Permission denied
    C:\Program Files (x86)\Creative\ShareDLL\CADI\CtPresetW.dll: moved to 'C:\Qoobox\Quarantine\CtPresetW.dll.infected'
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\033645cb82d642d47aa605cc88e0e3ca_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\049b06736804db2f5e7621bebf6ed59e_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\07bd1d916181adf10240b62971ccf64e_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\09f52e0a31fd18662690f8bd772e66e4_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0b51c6cc08e821819fc4d861dd43abf9_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\102e8dbbecf306b873cfca4be985e399_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1148650d479f382165a373d3dbe95a90_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\121b3ed2f250f997cb71d0cdf2b59822_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\169fc132319d105a90d0644948e7bc3b_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1a14b697ac72b698323074f874c8888b_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1c7aa1bc7ce76500a52b91ec4ce58b47_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\23e0fbdbaedcfc2208c1509a8293872e_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2d478076527342ef7fcdbecb4ecdc28a_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2ecf015b6012bd91248be329bbd2bf47_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3031c930d4aa06a42755f87a67e9af8b_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3047a828acdf97013d991028b880c556_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\33b84a1097cc036a3fd4b4353cc63f69_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3c12f6e1467c4ac4966c5bb8e2f20ee3_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3da4117aeb23d4e0d33dbbc262bee0d8_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3e65d1ff502c8948ba275bdc9778e2ea_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3f91b791638dd75bbdf72f5345cd64dc_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3ff144a43259042866d488203c817df5_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\41ba34bcdb2177f953c214a169f0c227_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4240280e49be3991007efb65cbc599ff_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4591ef02cebc8ec876cac822eddeaed2_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\46d6cc5a3e6bf68989208591f0b5ebef_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4a52d2b4827844c4b4e19a12df7fd831_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4f2fb8045bc240825db618b02e093265_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\50759155b0276663b5a4a49979d5594b_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\51356229475c76892b3edfb4487c0a2f_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\57f6e27b1d1a8b0912fb77c9a58a3cd0_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\68294f27f83983725ebbab624846cbb2_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\69cc8aca239d277ad44c008e2257886a_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6b209b20d48fd8de500c0c0073e1640b_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6c9ae8a5f86c33ae67f6fc15b7ff7d8c_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6d33e26fd8288b0fb339322306765dfd_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7270e2d4532469b59a90c7bb6deba41d_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\764ff12e6bfa66cbad00cb446cbac448_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7d9dfa7d386a104a25fd530f7bf56273_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\844e98caa4582b782bcf7e623354afed_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8a4e5055d1760287dde00e446b672ea6_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8b897ef36142f0e23e409c077d20065d_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8d5bc829e84337ce16dc414c2fadc916_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8f050e05aaff7e90980ab0b5d7f83707_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9b5d0040b5a564605fb08b44ed340451_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9bb34e4a824539a9beaa5219eae3a64b_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a2917eedc30797a12920d8012653265e_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a6c82625a7a95e0c7b4284a9a1d883e2_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab913a1d7eee1e429ec3abaff5b1620f_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ade23b912d0c3e1abae02fbb64975b76_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b19f341a36468a6a39ffb0d280f6d336_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b4e6e30a45e4aa79fa27fbddf5363b15_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b5724232facc542c4c366528017177c1_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bc9ce41a6bc5152c1ffe764ae12143a8_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\bdf935d91b9907e0d2e14a582c308c8a_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c1c5472bb5c698de9a3a9dfa39296ce4_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c39dea9c049e6b8c9fca7ffdaa0e9688_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c689064be407e1c74d7aa125e51a5dd2_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c69a8968a46a35e3e091cc4e5d6a7e6e_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c73add8524540e2385dd2df9e781c1b9_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c8132611abe0e5eca0b8f7e8cbf7dd1d_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cc0a29fb795e598881213cf0f134b1cc_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d0ddcfc62115b7a14ea8676b7644aa5a_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d54af066da8d738fdfcf6cfeed483166_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d7beeb857d4435b5b77912fb7c7cb5a1_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\dd493c4537a14931d5b6e63490c65ff0_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\de66b6c415bda6afac89ca285eb7c4c5_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e053acf0f1aafb92c4e811d259e95410_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e07f532128c3e21aee6016e64f3872b1_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e371cd75ca7f6c64f505d624188780c1_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ebcadaaf5291757baa797716a1aaa702_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ee9d86034348152be99975864fcf2183_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\eeabb80d0bcd3f9f8e56bc7bff52c522_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f082e472fad03cbc2b870c945d1fe78b_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f4ff103e299a22c850065b1f08e22544_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f50247895c8cca5f8feabd5efb1e0ac6_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f9ac9fa9bdd2db2c93c05d33539f7651_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fb5e40d256c3c4fbb336e1cdc2688d51_d11f5272-a737-490e-ac55-87e51c7c4e4f: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpSfc.bin: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-EF17B81B8BEC21E07B878AA88994B27AEB19C5F2.bin.67: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-EF17B81B8BEC21E07B878AA88994B27AEB19C5F2.bin.7E: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-EF17B81B8BEC21E07B878AA88994B27AEB19C5F2.bin.80: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-EF17B81B8BEC21E07B878AA88994B27AEB19C5F2.bin.87: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-EF17B81B8BEC21E07B878AA88994B27AEB19C5F2.bin.A0: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-EF17B81B8BEC21E07B878AA88994B27AEB19C5F2.bin.VE0: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-EF17B81B8BEC21E07B878AA88994B27AEB19C5F2.bin.VE1: Permission denied
    WARNING: Can't open file C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-EF17B81B8BEC21E07B878AA88994B27AEB19C5F2.bin.VF: Permission denied
    C:\Qoobox\Quarantine\CtPresetW.dll.infected not moved/copied since already in quarantine
    WARNING: Can't open file C:\System Volume Information\Syscache.hve: Permission denied
    WARNING: Can't open file C:\System Volume Information\Syscache.hve.LOG1: Permission denied
    WARNING: Can't open file C:\System Volume Information\{05f081fd-0873-11e3-9bb4-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{0f1592b2-f269-11e2-8021-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{1c11a4c0-fba7-11e2-b122-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{26507b0e-056f-11e3-b4e4-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{3bdac356-00d7-11e3-8b59-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{681b83d7-01c4-11e3-8478-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{7d723cd5-f88d-11e2-8073-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{86e88912-015c-11e3-b7f3-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{86e8894c-015c-11e3-b7f3-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{cc871934-070a-11e3-97c7-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{d2cbd652-0815-11e3-9608-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{ea593ef7-05f0-11e3-94b7-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\System Volume Information\{ea593f0e-05f0-11e3-94b7-7071bc10bd06}{3808876b-c176-4e48-b7ae-04046e6cc752}: Permission denied
    WARNING: Can't open file C:\Users\Matt\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Permission denied
    WARNING: Can't open file C:\Users\Matt\ntuser.dat.LOG1: Permission denied
    C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\acrobroker.exe: moved to 'C:\Qoobox\Quarantine\acrobroker.exe.infected'
    WARNING: Can't open file C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1: Permission denied
    WARNING: Can't open file C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1: Permission denied
    WARNING: Can't open file C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb: Permission denied
    WARNING: Can't open file C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\default: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\DEFAULT.LOG1: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\RegBack\DEFAULT: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\RegBack\SAM: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\RegBack\SECURITY: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\RegBack\SOFTWARE: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\RegBack\SYSTEM: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\sam: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\SAM.LOG1: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\security: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\SECURITY.LOG1: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\software: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\SOFTWARE.LOG1: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\system: Permission denied
    WARNING: Can't open file C:\Windows\System32\config\SYSTEM.LOG1: Permission denied
    WARNING: Can't open file C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: Permission denied
    WARNING: Can't open file C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Permission denied
    WARNING: Can't open file C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: Permission denied
    WARNING: Can't open file C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Permission denied
    WARNING: Can't open file C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl: Permission denied
    WARNING: Can't open file C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG1: Permission denied
    WARNING: Can't open file C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{02b8b5e0-ec81-11df-873b-00306724f956}.TM.blf: Permission denied
    WARNING: Can't open file C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{02b8b5e0-ec81-11df-873b-00306724f956}.TMContainer00000000000000000001.regtrans-ms: Permission denied
    WARNING: Can't open file C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{02b8b5e0-ec81-11df-873b-00306724f956}.TMContainer00000000000000000002.regtrans-ms: Permission denied
    WARNING: Can't open file C:\Windows\Temp\TmpFile1: Permission denied

    C:\Program Files (x86)\Creative\ShareDLL\CADI\CtPresetW.dll: Win.Trojan.Agent-469329 FOUND
    C:\Qoobox\Quarantine\CtPresetW.dll.infected: Win.Trojan.Agent-469329 FOUND
    C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\acrobroker.exe: Win.Trojan.Agent-428274 FOUND
    ----------- SCAN SUMMARY -----------
    Known viruses: 2668520
    Engine version: 0.97.6
    Scanned directories: 35367
    Scanned files: 192194
    Infected files: 3
    Not copied: 1
    Data scanned: 41281.57 MB
    Data read: 52875.22 MB (ratio 0.78:1)
    Time: 8136.986 sec (135 m 36 s)

    Re: other inconvenient actions I may have taken, well, I can't actually recall everything I did... I think that night wrapped up with me randomly deleting some [likely benign/important] files/shares/permissions I didn't recognize (as though I would really know what belongs, anyway...) then when THAT somehow failed to fix everything, I unplugged the Interwebs, turned off the PC and engaged in exclusively analog activities for a few days. Now I have turned it back on and come here, with nothing to offer except a challenge, and my useless ego in sacrifice.

    Here is my DDS log, per instructions:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2
    Run by Matt at 17:33:53 on 2013-08-26
    #Option Extended Search is enabled.
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2152 [GMT -7:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\svchost.exe -k apphost
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    C:\Windows\system32\hasplms.exe
    C:\Windows\System32\svchost.exe -k ipripsvc
    C:\Windows\System32\tcpsvcs.exe
    C:\Windows\System32\snmp.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Device Center\itype.exe
    C:\Program Files\Microsoft Device Center\ipoint.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\splwow64.exe
    C:\Users\Matt\Downloads\Suite del technomedico\aswMBR.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} -
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} -
    uRun: [SpybotSD TeaTimer] C:\Users\Matt\AppData\Local\Temp\HBCD\SpybotSD\TeaTimer.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: DontDisplayLockedUserId = dword:1
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} -
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
    TCP: NameServer = 192.168.2.1
    TCP: Interfaces\{A373AF5D-6CF6-43F6-8A12-A8B3FBC13C69} : DHCPNameServer = 192.168.2.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -
    x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
    x64-Run: [IntelliType Pro] "C:\Program Files\Microsoft Device Center\itype.exe"
    x64-Run: [IntelliPoint] "C:\Program Files\Microsoft Device Center\ipoint.exe"
    x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} -
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\tkb9qz04.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
    FF - prefs.js: network.proxy.type - 4
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\MIE\AlternaTIFF\npzzatif.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\tkb9qz04.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 BtHidBus;Bluetooth HID Bus Service;C:\Windows\System32\drivers\BtHidBus.sys [2011-12-21 25056]
    R1 nm3;Microsoft Network Monitor 3 Driver;C:\Windows\System32\drivers\nm3.sys [2010-6-9 46392]
    R1 StarPortLite;StarPort Storage Controller (Lite);C:\Windows\System32\drivers\StarPortLite.sys [2011-1-21 118888]
    R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2013-5-1 83072]
    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2012-10-28 166400]
    R2 hasplms;Sentinel Local License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
    R2 iprip;RIP Listener;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-13 27136]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 3xHybr64;3xHybrid service;C:\Windows\System32\drivers\3xHybr64.sys [2009-8-26 1333376]
    S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\System32\drivers\lgandbus64.sys [2013-5-2 19456]
    S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\System32\drivers\lganddiag64.sys [2013-5-2 27648]
    S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\System32\drivers\lgandgps64.sys [2013-5-2 27136]
    S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\System32\drivers\lgandmodem64.sys [2013-5-2 34304]
    S3 BTCOM;Bluetooth Serial port driver;C:\Windows\System32\drivers\btcomport.sys [2011-7-27 29576]
    S3 BTCOMBUS;Bluetooth Serial Port Bus Service;C:\Windows\System32\drivers\btcombus.sys [2011-7-27 25352]
    S3 btnetBUs;Bluetooth PAN Bus Service;C:\Windows\System32\drivers\btnetBus.sys [2011-12-21 31968]
    S3 CH341SER_A64;CH341SER_A64;C:\Windows\System32\drivers\CH341S64.SYS [2009-6-2 58368]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-27 48488]
    S3 IvtBtBUs;IVT Bluetooth Bus Service;C:\Windows\System32\drivers\IvtBtBus.sys [2010-4-6 27016]
    S3 RDPDISPM;RDPDISPM;C:\Windows\System32\drivers\rdpdispm.sys [2010-8-31 10752]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-18 19456]
    S3 SCMUSB;SCM Microsystems SCR300 USB Smart Card Reader;C:\Windows\System32\drivers\stcusb.sys [2009-7-13 26112]
    S3 synusb64;eLicenser;C:\Windows\System32\drivers\synusb64.sys [2011-4-15 30352]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-18 57856]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-27 1255736]
    S3 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
    S4 BS_I2cIo;BS_I2cIo;C:\Windows\System32\drivers\BS_I2cIo.sys [2010-10-26 15408]
    S4 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2011-6-5 296808]
    S4 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-10-28 128512]
    S4 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2013-6-7 3574624]
    .
    =============== Created Last 60 ================
    .
    2013-08-26 23:29:00 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{969CFC6C-30AB-4FD8-8F0D-9595E1B6174C}\mpengine.dll
    2013-08-18 23:04:03 -------- d-----w- C:\Program Files\Clamwin
    2013-08-18 14:00:13 -------- d-----w- C:\Users\Matt\Doctor Web
    2013-08-17 10:24:19 -------- d-----w- C:\TDSSKiller_Quarantine
    2013-08-17 07:02:18 -------- d-----w- C:\$RECYCLE.BIN
    2013-08-17 06:35:53 -------- d-----w- C:\Users\Matt\AppData\Local\Avg2013
    2013-08-17 06:22:18 208896 ----a-w- C:\Windows\MBR.exe
    2013-08-17 06:22:17 98816 ----a-w- C:\Windows\sed.exe
    2013-08-17 06:22:17 256000 ----a-w- C:\Windows\PEV.exe
    2013-08-17 05:52:04 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-08-17 04:15:48 -------- d-----w- C:\Users\Matt\AppData\Local\{88FFCDE7-AD07-4FCD-AA93-0876CD804585}
    2013-08-15 06:38:13 -------- d-----w- C:\Windows\System32\MRT
    2013-08-09 09:40:06 -------- d-----w- C:\Users\Matt\AppData\Local\{14A2E42B-4629-4D19-A912-4DE02DD6F750}
    2013-08-09 09:34:48 63776 ----a-w- C:\Windows\System32\nvshext.dll
    2013-08-09 09:34:48 3514656 ----a-w- C:\Windows\System32\nvsvc64.dll
    2013-08-09 09:34:47 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
    2013-08-09 09:34:47 6496544 ----a-w- C:\Windows\System32\nvcpl.dll
    2013-08-09 09:34:47 237856 ----a-w- C:\Windows\System32\nvmctray.dll
    2013-08-09 09:34:23 61216 ----a-w- C:\Windows\System32\OpenCL.dll
    2013-08-09 09:34:23 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    2013-08-09 09:34:16 -------- d-----w- C:\ProgramData\NVIDIA Corporation
    2013-08-09 09:25:58 -------- d-----w- C:\NVIDIA
    2013-08-08 11:57:25 -------- d-----w- C:\Program Files (x86)\USBformat
    2013-08-08 11:57:04 -------- d-----w- C:\Users\Matt\New folder
    2013-08-08 11:25:27 -------- d-----w- C:\MyBootCD
    2013-08-08 11:06:05 -------- d-----w- C:\Program Files (x86)\Hiram Rescue Suite
    2013-08-07 18:54:50 -------- d-----w- C:\Users\Matt\HiramRescue
    2013-08-02 19:41:05 -------- d-----w- C:\Users\Matt\AppData\Local\Windows Live
    2013-08-02 19:40:56 -------- d-----w- C:\Users\Matt\AppData\Local\{C2D30A09-923D-4CE1-9EAB-5BBB47F05783}
    2013-07-16 15:54:36 -------- d-----w- C:\Program Files (x86)\LSS Locksmith
    2013-07-14 19:46:45 -------- d-----w- C:\Users\Matt\AppData\Local\AnVir
    2013-07-14 09:12:34 -------- d-----w- C:\Windows\System32\Reg
    2013-07-02 10:21:20 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-07-01 19:13:48 -------- d-----w- C:\Users\Matt\AppData\Local\{1094F067-AA91-4B8B-ADC7-D8854F014796}
    2013-07-01 07:13:17 -------- d-----w- C:\Users\Matt\AppData\Local\{EF3D19A0-B90B-4D23-9914-79E08420A584}
    .
    ==================== Find6M ====================
    .
    2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
    2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
    2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
    2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2013-07-11 23:59:54 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-07-11 23:59:54 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
    2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
    2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
    2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
    2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
    2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-07-02 10:21:11 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2013-07-02 10:21:11 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
    2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
    2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
    2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
    2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
    2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
    2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
    2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
    2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
    2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
    2013-05-03 01:24:47 1002728 ----a-w- C:\Windows\System32\WinUSBCoInstaller2.dll
    2013-05-02 09:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
    2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
    2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
    2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
    2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2013-04-09 23:34:01 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2013-04-04 21:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-04-02 22:51:57 1643520 ----a-w- C:\Windows\System32\DWrite.dll
    2013-03-31 22:52:16 1887232 ----a-w- C:\Windows\System32\d3d11.dll
    2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
    2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
    2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
    .
    ============= FINISH: 17:34:32.60 ===============


    The file, "attach.txt" from the DDS run, is zipped into the attachment along with aswMBR.txt and .dat which were produced once I hit the "save log" button... despite the scan still running on my C: drive. Wasn't sure you needed that part, so figured I'll get the ball rolling with what I've got, and gladly post the rest of the aswMBR log once it is done, if you wish.

    That about covers it, I think that is everything I can do to complicate things. (Unless you think I ought to stick some big magnets onto the harddrive enclosure...? :-)) Thanks in advance,

    Best,

    Matt

    PS- I know this isn't reflected in the log, but I DID just turn off the S&D Tea Timer. However, the program ignored my attempts to uncheck the "SD Helper", even when run as an admin. FYI.
    Attached Files Attached Files
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules