
RupertHentzau

  1. I've reset the router. The factory settings were so easily available to anyone it is no wonder they are hacked. Unfortunately the router won't let me reset its password. Speaking to their technical guy this morning. I'll post you the details mid-morning. Thanks for your help.
  2. Even to a novice like me it seemed 'unusual' and I've just got the feeling whatever it was has come back. Could you tell me what you meant by security settings? Windows or Malwarebytes settings? And how would I do this please?
  3. I'm a little confused here. Is there something wrong? By 'you need to configure any security settings' where and what security settings? I've found out what DNS servers my network should be using. But at a loss as to what I should do with that information? Thanks for your help (and patience).
  4. Had Searchcore.net last month. Rkill run and where previously got clean bill MWB Pro, spotted 2 infected files, was still there after scan (symptoms hotmail account playing totally up). Totally reinstalled - no partitions. Now IE playing up, which was the first symptom last time. Last Wednesday kept opening windows (weirdly so did my wife's laptop when I switched to that) and Yahoo mail kept security flagging me that I was accessing mail from Netherlands, when I was in London. Am I still infected or just paranoid? Thanks guys. Do have patience if I've not given correct info, novice to all this.
     DDS.txt Attach.txt