odlaw

  1. The script was posted with instructions and now it has been removed from this thread. Please do not call me a liar. I will post the script if you would like and perhaps it will jog one of the moderators' memory or this site has been hacked. In any event, my problem has been solved by whoever posted that script for me to run. I can't donate to them, can I? Odlaw
  2. It appears that the malware has been removed. What was it, and is Malwarebytes Anti-Malware going to be updated to remove this automatically in the future? You guys are great. Thanks
  3. ComboFix 14-01-16.03 - Dave 01/21/2014 20:38:00.2.1 - x86 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1015.480 [GMT -5:00] Running from: c:\users\Dave\Desktop\ComboFix.exe Command switches used :: c:\users\Dave\Desktop\cfscript.txt AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . - REDUCED FUNCTIONALITY MODE - . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\drivers\multikey.sys . . --------------- FCopy --------------- . c:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll --> c:\windows\System32\rpcss.dll . ((((((((((((((((((((((((( Files Created from 2013-12-22 to 2014-01-22 ))))))))))))))))))))))))))))))) . . 2014-01-22 01:40 . 2014-01-22 01:42 -------- d-----w- c:\users\Dave\AppData\Local\temp 2014-01-22 01:40 . 2014-01-22 01:40 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-01-22 01:40 . 2014-01-22 01:40 -------- d-----w- c:\users\Arlene\AppData\Local\temp 2014-01-17 22:19 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-01-17 02:20 . 2014-01-17 02:53 -------- d-----w- c:\users\Dave\AppData\Roaming\Wise Registry Cleaner 2014-01-16 23:33 . 2014-01-16 23:33 -------- d-----w- c:\windows\ERUNT 2014-01-10 23:24 . 2014-01-10 23:31 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2014-01-10 22:35 . 2014-01-11 15:00 -------- d-----w- C:\TDSSKiller_Quarantine 2014-01-10 22:21 . 2014-01-10 22:21 -------- d-----w- c:\users\Dave\AppData\Local\VS Revo Group 2014-01-10 22:21 . 
2014-01-10 22:21 -------- d-----w- c:\programdata\VS Revo Group 2014-01-10 22:21 . 2009-12-30 15:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2014-01-10 00:49 . 2014-01-19 01:52 -------- d-----w- C:\AdwCleaner 2014-01-07 01:36 . 2014-01-17 22:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-12-30 03:25 . 2014-01-13 02:14 -------- d-----w- c:\users\Dave\AppData\Local\CrashDumps . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-01-13 03:51 . 2014-01-11 15:34 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 16384 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 14912 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 34944 ----a-w- c:\windows\system32\drivers\winusb.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 19008 ----a-w- c:\windows\system32\drivers\wimmount.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 9728 ----a-w- c:\windows\system32\drivers\wfplwf.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 19024 ----a-w- c:\windows\system32\drivers\wd.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 35328 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 63488 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 21632 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 14336 ----a-w- c:\windows\system32\drivers\vwifimp.sys.bak 2014-01-13 03:51 . 
2014-01-11 15:34 48128 ----a-w- c:\windows\system32\drivers\vwififlt.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 19968 ----a-w- c:\windows\system32\drivers\vwifibus.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 242176 ----a-w- c:\windows\system32\drivers\VSTICH3.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:34 980992 ----a-w- c:\windows\system32\drivers\VSTDPV3.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:34 661504 ----a-w- c:\windows\system32\drivers\VSTCNXT3.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:34 141904 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 245328 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 297040 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 53312 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 111616 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 16976 ----a-w- c:\windows\system32\drivers\viaide.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 52736 ----a-w- c:\windows\system32\drivers\viac7.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 53328 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:33 159824 ----a-w- c:\windows\system32\drivers\vhdmp.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 32832 ----a-w- c:\windows\system32\drivers\vdrvroot.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 75776 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:33 26112 ----a-w- c:\windows\system32\drivers\usbrpm.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 19968 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak 2014-01-13 03:51 . 
2014-01-11 15:33 284160 ----a-w- c:\windows\system32\drivers\usbport.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 88960 ----a-w- c:\windows\system32\drivers\USBlyzer.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 5888 ----a-w- c:\windows\system32\drivers\usbd.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 8192 ----a-w- c:\windows\system32\drivers\umpass.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 39936 ----a-w- c:\windows\system32\drivers\umbus.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 57424 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak 2014-01-13 03:50 . 2014-01-11 15:33 246784 ----a-w- c:\windows\system32\drivers\udfs.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 55888 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak 2014-01-13 03:50 . 2014-01-11 15:32 108544 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 30208 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 51776 ----a-w- c:\windows\system32\drivers\termdd.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 74240 ----a-w- c:\windows\system32\drivers\tdx.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak 2014-01-13 03:50 . 
2014-01-11 15:32 17920 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 20992 ----a-w- c:\windows\system32\drivers\tdi.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 34816 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 1285488 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 12240 ----a-w- c:\windows\system32\drivers\swenum.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 53632 ----a-w- c:\windows\system32\drivers\stream.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 146304 ----a-w- c:\windows\system32\drivers\storport.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 21072 ----a-w- c:\windows\system32\drivers\stexstor.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 273168 ----a-w- c:\windows\system32\drivers\STAC97.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 309760 ----a-w- c:\windows\system32\drivers\srv2.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 311296 ----a-w- c:\windows\system32\drivers\srv.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 405504 ----a-w- c:\windows\system32\drivers\spsys.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 17472 ----a-w- c:\windows\system32\drivers\spldr.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 71168 ----a-w- c:\windows\system32\drivers\smb.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 77888 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 40016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 52304 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak 2014-01-13 03:50 . 2014-01-11 15:31 13824 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak 2014-01-13 03:50 . 
2014-01-11 15:31 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 11264 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 140368 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 26624 ----a-w- c:\windows\system32\drivers\scfilter.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 85568 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 60928 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 8192 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 117248 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 129536 ----a-w- c:\windows\system32\drivers\rfcomm.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 173648 ----a-w- c:\windows\system32\drivers\rdyboost.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 7168 ----a-w- c:\windows\system32\drivers\RDPREFMP.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 6656 ----a-w- c:\windows\system32\drivers\RDPENCDD.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 6656 ----a-w- c:\windows\system32\drivers\RDPCDD.sys.bak 2014-01-13 03:50 . 
2014-01-11 15:30 18944 ----a-w- c:\windows\system32\drivers\rdpbus.sys.bak . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2011-03-02 15:23 68216 ----a-w- d:\utilities\IDMShellExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IDMan"="d:\utilities\IDMan.exe" [2011-03-15 3278232] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB2Check"="c:\windows\system32\PCLECoInst.dll" [2006-11-06 81920] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKLM\~\startupfolder\C:^Users^Dave^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] path=c:\users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 16:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrnStatusMX] 2007-08-29 21:06 1077248 ----a-w- c:\program files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management] 2007-05-31 14:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x] R2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 multikey;Virtual USB MultiKey;c:\windows\system32\DRIVERS\multikey.sys [x] R3 cleanhlp;cleanhlp;f:\eek\Run\cleanhlp32.sys [x] R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2013-05-23 43368] R3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys [2004-11-02 64384] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192] R3 SydexFDD;Sydex Diskette Driver;c:\windows\System32\drivers\sydexfdd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-11 1343400] S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-01-25 85768] S2 MBAMScheduler;MBAMScheduler;d:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] 
S3 GTIPCI21;GTIPCI21;c:\windows\system32\DRIVERS\gtipci21.sys [2006-09-14 88192] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856] S3 USBlyzer;USBlyzer Capture Driver;c:\windows\system32\DRIVERS\USBlyzer.sys [2010-03-24 88960] S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] S3 VSTHWICH;VSTHWICH;c:\windows\system32\DRIVERS\VSTICH3.SYS [2009-07-13 242176] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Contents of the 'Scheduled Tasks' folder . 2014-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-09-12 23:29] . 2014-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-09-12 23:29] . . ------- Supplementary Scan ------- . IE: Download all links with IDM - d:\utilities\IEGetAll.htm IE: Download FLV video content with IDM - d:\utilities\IEGetVL.htm IE: Download with IDM - d:\utilities\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: intuit.com\ttlc TCP: DhcpNameServer = 192.168.1.1 . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrueSight] "ImagePath"="\??\" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2498604805-1792745340-2404885984-1000_Classes\CLSID\{20e5c607-f2b3-45c9-8fca-e1c569cf56b4}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:00000005 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,e6,4e,41,10,c4,2c,98,b2,df,7b,ad,34,74,cf,94,30,42,2d,58,8e,14,1a,\ . 
[HKEY_USERS\S-1-5-21-2498604805-1792745340-2404885984-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):f2,b6,4e,1a,bc,f9,87,85,f2,16,3a,e5,77,8f,a8,ef,60,3d,4a,ae,ad, f0,8f,55,3e,4e,6d,6e,fd,ac,33,c6,2a,52,41,a9,ab,47,c8,bf,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-2498604805-1792745340-2404885984-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):12,c0,93,08,60,e1,c1,33,5e,21,2a,61,fd,4a,c2,8b,2f,98,16,0d,1c, 13,41,2d,fb,88,79,ac,be,1b,89,49,83,ef,1e,bb,10,dc,46,eb,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-2498604805-1792745340-2404885984-1000_Classes\CLSID\{ff825e20-f30f-4dd0-a442-5fd6f2630918}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000007f "Therad"=dword:00000015 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\taskhost.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conhost.exe c:\windows\system32\igfxsrvc.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Completion time: 2014-01-21 20:47:03 - machine was rebooted ComboFix-quarantined-files.txt 2014-01-22 01:47 ComboFix2.txt 2014-01-20 23:19 . Pre-Run: 614,002,688 bytes free Post-Run: 562,835,456 bytes free . - - End Of File - - 3343E56F282ECDA9068890CA152C804C A36C5E4F47E84449FF07ED3517B43A31
  4. Here you go ComboFix 14-01-16.03 - Dave 01/20/2014 18:00:27.1.1 - x86 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1015.503 [GMT -5:00] Running from: c:\users\Dave\Desktop\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2013-12-20 to 2014-01-20 ))))))))))))))))))))))))))))))) . . 2014-01-20 23:11 . 2014-01-20 23:11 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-01-17 22:19 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-01-17 02:20 . 2014-01-17 02:53 -------- d-----w- c:\users\Dave\AppData\Roaming\Wise Registry Cleaner 2014-01-16 23:33 . 2014-01-16 23:33 -------- d-----w- c:\windows\ERUNT 2014-01-10 23:24 . 2014-01-10 23:31 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2014-01-10 22:35 . 2014-01-11 15:00 -------- d-----w- C:\TDSSKiller_Quarantine 2014-01-10 22:21 . 2014-01-10 22:21 -------- d-----w- c:\users\Dave\AppData\Local\VS Revo Group 2014-01-10 22:21 . 2014-01-10 22:21 -------- d-----w- c:\programdata\VS Revo Group 2014-01-10 22:21 . 2009-12-30 15:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2014-01-10 00:49 . 2014-01-19 01:52 -------- d-----w- C:\AdwCleaner 2014-01-07 01:36 . 2014-01-17 22:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-12-30 03:25 . 2014-01-13 02:14 -------- d-----w- c:\users\Dave\AppData\Local\CrashDumps . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-01-13 03:51 . 2014-01-11 15:34 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak 2014-01-13 03:51 . 
2014-01-11 15:34 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 16384 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 14912 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 34944 ----a-w- c:\windows\system32\drivers\winusb.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 19008 ----a-w- c:\windows\system32\drivers\wimmount.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 9728 ----a-w- c:\windows\system32\drivers\wfplwf.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 19024 ----a-w- c:\windows\system32\drivers\wd.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 35328 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 63488 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 21632 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 14336 ----a-w- c:\windows\system32\drivers\vwifimp.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 48128 ----a-w- c:\windows\system32\drivers\vwififlt.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 19968 ----a-w- c:\windows\system32\drivers\vwifibus.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 242176 ----a-w- c:\windows\system32\drivers\VSTICH3.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:34 980992 ----a-w- c:\windows\system32\drivers\VSTDPV3.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:34 661504 ----a-w- c:\windows\system32\drivers\VSTCNXT3.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:34 141904 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 245328 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak 2014-01-13 03:51 . 
2014-01-11 15:34 297040 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 53312 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 111616 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 16976 ----a-w- c:\windows\system32\drivers\viaide.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 52736 ----a-w- c:\windows\system32\drivers\viac7.sys.bak 2014-01-13 03:51 . 2014-01-11 15:34 53328 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:33 159824 ----a-w- c:\windows\system32\drivers\vhdmp.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 32832 ----a-w- c:\windows\system32\drivers\vdrvroot.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 75776 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak 2014-01-13 03:51 . 2014-01-11 15:33 26112 ----a-w- c:\windows\system32\drivers\usbrpm.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 19968 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 284160 ----a-w- c:\windows\system32\drivers\usbport.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 88960 ----a-w- c:\windows\system32\drivers\USBlyzer.sys.bak 2014-01-13 03:51 . 2014-01-11 15:33 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 5888 ----a-w- c:\windows\system32\drivers\usbd.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak 2014-01-13 03:50 . 
2014-01-11 15:33 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 8192 ----a-w- c:\windows\system32\drivers\umpass.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 39936 ----a-w- c:\windows\system32\drivers\umbus.sys.bak 2014-01-13 03:50 . 2014-01-11 15:33 57424 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak 2014-01-13 03:50 . 2014-01-11 15:33 246784 ----a-w- c:\windows\system32\drivers\udfs.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 55888 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak 2014-01-13 03:50 . 2014-01-11 15:32 108544 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 30208 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 51776 ----a-w- c:\windows\system32\drivers\termdd.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 74240 ----a-w- c:\windows\system32\drivers\tdx.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 17920 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 20992 ----a-w- c:\windows\system32\drivers\tdi.sys.bak 2014-01-13 03:50 . 2014-01-11 15:32 34816 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 1285488 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 12240 ----a-w- c:\windows\system32\drivers\swenum.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 53632 ----a-w- c:\windows\system32\drivers\stream.sys.bak 2014-01-13 03:50 . 
2014-01-11 15:31 146304 ----a-w- c:\windows\system32\drivers\storport.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 21072 ----a-w- c:\windows\system32\drivers\stexstor.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 273168 ----a-w- c:\windows\system32\drivers\STAC97.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 309760 ----a-w- c:\windows\system32\drivers\srv2.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 311296 ----a-w- c:\windows\system32\drivers\srv.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 405504 ----a-w- c:\windows\system32\drivers\spsys.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 17472 ----a-w- c:\windows\system32\drivers\spldr.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 71168 ----a-w- c:\windows\system32\drivers\smb.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 77888 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 40016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 52304 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak 2014-01-13 03:50 . 2014-01-11 15:31 13824 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak 2014-01-13 03:50 . 2014-01-11 15:31 11264 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak 2014-01-13 03:50 . 
2014-01-11 15:30 140368 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 26624 ----a-w- c:\windows\system32\drivers\scfilter.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 85568 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 60928 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 8192 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 117248 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 129536 ----a-w- c:\windows\system32\drivers\rfcomm.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 173648 ----a-w- c:\windows\system32\drivers\rdyboost.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 7168 ----a-w- c:\windows\system32\drivers\RDPREFMP.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 6656 ----a-w- c:\windows\system32\drivers\RDPENCDD.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 6656 ----a-w- c:\windows\system32\drivers\RDPCDD.sys.bak 2014-01-13 03:50 . 2014-01-11 15:30 18944 ----a-w- c:\windows\system32\drivers\rdpbus.sys.bak . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2010-11-20 . 7660F01D3B38ACA1747E397D21D790AF . 376832 . . [6.1.7601.17514] . . c:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll [-] 2009-07-14 . 0668E05AB147C5D61805BE9E730FACCE . 376320 . . [6.1.7600.16385] . . c:\windows\System32\rpcss.dll [-] 2009-07-14 01:16 . !HASH: COULD NOT OPEN FILE !!!!! . 376320 . . [------] . . 
c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_69a1321f9f3393ad\rpcss.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2011-03-02 15:23 68216 ----a-w- d:\utilities\IDMShellExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IDMan"="d:\utilities\IDMan.exe" [2011-03-15 3278232] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 221184] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB2Check"="c:\windows\system32\PCLECoInst.dll" [2006-11-06 81920] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKLM\~\startupfolder\C:^Users^Dave^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] path=c:\users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 16:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrnStatusMX] 2007-08-29 21:06 1077248 ----a-w- c:\program files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management] 2007-05-31 14:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x] R2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R3 cleanhlp;cleanhlp;f:\eek\Run\cleanhlp32.sys [x] R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2013-05-23 43368] R3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys [2004-11-02 64384] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192] R3 SydexFDD;Sydex Diskette Driver;c:\windows\System32\drivers\sydexfdd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-11 1343400] S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-01-25 85768] S2 MBAMScheduler;MBAMScheduler;d:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] S2 multikey;Virtual USB MultiKey;c:\windows\system32\DRIVERS\multikey.sys 
[2009-03-23 50176] S3 GTIPCI21;GTIPCI21;c:\windows\system32\DRIVERS\gtipci21.sys [2006-09-14 88192] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856] S3 USBlyzer;USBlyzer Capture Driver;c:\windows\system32\DRIVERS\USBlyzer.sys [2010-03-24 88960] S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] S3 VSTHWICH;VSTHWICH;c:\windows\system32\DRIVERS\VSTICH3.SYS [2009-07-13 242176] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - IDMWFP . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Contents of the 'Scheduled Tasks' folder . 2014-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-09-12 23:29] . 2014-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-09-12 23:29] . . ------- Supplementary Scan ------- . IE: Download all links with IDM - d:\utilities\IEGetAll.htm IE: Download FLV video content with IDM - d:\utilities\IEGetVL.htm IE: Download with IDM - d:\utilities\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: intuit.com\ttlc TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . 
SafeBoot-CleanHlp SafeBoot-CleanHlp.sys MSConfigStartUp-DGBieYCfOwC - c:\users\Dave\AppData\Roaming\tvzKdSKFMej.exe MSConfigStartUp-Google Update - c:\users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe MSConfigStartUp-Zune Launcher - c:\program files\Zune\ZuneLauncher.exe AddRemove-SIUSBXP&10C4&EA61 - c:\windows\system32\Silabs\DriverUninstaller.exe USBXpress\SIUSBXP&10C4&EA61 AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60 . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrueSight] "ImagePath"="\??\" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2498604805-1792745340-2404885984-1000_Classes\CLSID\{20e5c607-f2b3-45c9-8fca-e1c569cf56b4}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:00000005 "Therad"=dword:0000001e "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,e6,4e,41,10,c4,2c,98,b2,df,7b,ad,34,74,cf,94,30,42,2d,58,8e,14,1a,\ . [HKEY_USERS\S-1-5-21-2498604805-1792745340-2404885984-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):f2,b6,4e,1a,bc,f9,87,85,f2,16,3a,e5,77,8f,a8,ef,60,3d,4a,ae,ad, f0,8f,55,3e,4e,6d,6e,fd,ac,33,c6,2a,52,41,a9,ab,47,c8,bf,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-2498604805-1792745340-2404885984-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):12,c0,93,08,60,e1,c1,33,5e,21,2a,61,fd,4a,c2,8b,2f,98,16,0d,1c, 13,41,2d,fb,88,79,ac,be,1b,89,49,83,ef,1e,bb,10,dc,46,eb,00,00,00,00,00,00,\ . 
[HKEY_USERS\S-1-5-21-2498604805-1792745340-2404885984-1000_Classes\CLSID\{ff825e20-f30f-4dd0-a442-5fd6f2630918}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:0000007f "Therad"=dword:00000015 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Completion time: 2014-01-20 18:19:14 - machine was rebooted ComboFix-quarantined-files.txt 2014-01-20 23:19 . Pre-Run: 530,034,688 bytes free Post-Run: 879,259,648 bytes free . - - End Of File - - 02ECEECB44F32A43DCCCC25CD2DCE9D5 A36C5E4F47E84449FF07ED3517B43A31
  5. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.0 (01.07.2014:1) OS: Windows 7 Home Premium x86 Ran by Dave on Sat 01/18/2014 at 14:08:12.43 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sparktrust ~~~ Files ~~~ Folders Failed to delete: [Folder] "C:\ProgramData\sparktrust" Successfully deleted: [Folder] "C:\ProgramData\application data\sparktrust" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sat 01/18/2014 at 14:11:32.28 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v3.017 - Report created 18/01/2014 at 20:52:09 # Updated 12/01/2014 by Xplode # Operating System : Windows 7 Home Premium (32 bits) # Username : Dave - LAPTOP # Running from : C:\Users\Dave\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16457 ************************* AdwCleaner[R0].txt - [2721 octets] - [09/01/2014 19:50:15] AdwCleaner[R1].txt - [737 octets] - [18/01/2014 14:22:29] AdwCleaner[s0].txt - [2840 octets] - [09/01/2014 20:01:06] AdwCleaner[s1].txt - [659 octets] - [18/01/2014 20:52:09] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [718 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.01.19.01 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 Dave :: LAPTOP [administrator] 1/18/2014 8:58:39 PM mbam-log-2014-01-18 (20-58-39).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 208953 Time elapsed: 19 minute(s), 46 second(s) Memory 
Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  6. Thank you. Here are my logs as requested: DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16457 Run by Dave at 18:03:28 on 2014-01-17 . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\System32\spoolsv.exe D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Windows\system32\igfxsrvc.exe D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe D:\Utilities\IDMan.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe D:\Utilities\IEMonitor.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k WindowsMobile . ============== Pseudo HJT Report =============== . 
BHO: {0055C089-8582-441B-A0BF-17B458C2A3A8} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - d:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - d:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll uRun: [iDMan] d:\utilities\IDMan.exe /onboot uRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup mRun: [uSB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [AVP] "d:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe" mRunOnce: [Malwarebytes Anti-Malware] d:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent uPolicies-Explorer: NoDriveTypeAutoRun = dword:221 mPolicies-Explorer: NoDriveTypeAutoRun = dword:28 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Anti-Banner - d:\program files\kaspersky lab\kaspersky internet security 2011\ie_banner_deny.htm IE: Download all links with IDM - d:\utilities\IEGetAll.htm IE: Download FLV video content with IDM - d:\utilities\IEGetVL.htm IE: Download with IDM - d:\utilities\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program 
files\microsoft office\office12\ONBttnIE.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - d:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - d:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll LSP: mswsock.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{15B9D500-FB75-4D6A-B13F-7B5D3673D21E} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{2B0B8530-3411-431A-AD55-63E54AFE25FA} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{2B0B8530-3411-431A-AD55-63E54AFE25FA}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1 192.168.1.1 TCP: Interfaces\{2B0B8530-3411-431A-AD55-63E54AFE25FA}\2656C6B696E6E2561616 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{2B0B8530-3411-431A-AD55-63E54AFE25FA}\2656C6B696E6E2561616E2765756374737 : DHCPNameServer = 192.168.169.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: igfxcui - igfxdev.dll Notify: klogon - c:\windows\system32\klogon.dll AppInit_DLLs= d:\progra~1\kasper~1\kasper~1\kloehk.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll . ============= SERVICES / DRIVERS =============== . R? cleanhlp;cleanhlp R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86 R? gfiark;gfiark R? hasplms;HASP License Manager R? IDMWFP;IDMWFP R? mbamchameleon;mbamchameleon R? qcusbser;Qualcomm USB Device for Legacy Serial Communication R? Revoflt;Revoflt R? SydexFDD;Sydex Diskette Driver R? WatAdminSvc;Windows Activation Technologies Service S? AVP;Kaspersky Anti-Virus Service S? b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 S? GTIPCI21;GTIPCI21 S? kl2;kl2 S? 
KLIM6;Kaspersky Anti-Virus NDIS 6 Filter S? klmouflt;Kaspersky Lab KLMOUFLT S? multikey;Virtual USB MultiKey S? USBlyzer;USBlyzer Capture Driver S? VST_DPV;VST_DPV S? VSTHWICH;VSTHWICH . =============== Created Last 30 ================ . 2014-01-17 22:19:56 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-01-17 22:13:00 -------- d-----w- c:\programdata\SparkTrust 2014-01-17 02:20:44 -------- d-----w- c:\users\dave\appdata\roaming\Wise Registry Cleaner 2014-01-16 23:33:51 -------- d-----w- c:\windows\ERUNT 2014-01-10 23:24:46 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2014-01-10 22:35:41 -------- d-----w- C:\TDSSKiller_Quarantine 2014-01-10 22:21:57 -------- d-----w- c:\users\dave\appdata\local\VS Revo Group 2014-01-10 22:21:06 -------- d-----w- c:\programdata\VS Revo Group 2014-01-10 22:21:05 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2014-01-10 00:49:48 -------- d-----w- C:\AdwCleaner 2014-01-07 01:36:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-12-30 03:25:33 -------- d-----w- c:\users\dave\appdata\local\CrashDumps . ==================== Find3M ==================== . 2014-01-13 03:50:59 5888 ----a-w- c:\windows\system32\drivers\usbd.sys.bak 2014-01-13 03:49:59 586752 ----a-w- c:\windows\system32\drivers\PEAuth.sys.bak 2014-01-13 03:48:55 49728 ----a-w- c:\windows\system32\drivers\mup.sys.bak 2014-01-13 03:47:59 60416 ----a-w- c:\windows\system32\drivers\mpsdrv.sys.bak 2014-01-13 03:46:50 187472 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS.bak 2014-01-13 03:45:59 99968 ----a-w- c:\windows\system32\drivers\aksusb.sys.bak 2014-01-12 01:39:18 104664 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys.bak 2013-12-12 00:46:45 291 ----a-w- c:\programdata\ajwlqlfwl.reg . ============= FINISH: 18:31:33.16 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . 
Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 1/6/2010 8:18:27 PM System Uptime: 1/17/2014 3:34:27 PM (3 hours ago) . Motherboard: Dell Inc. | | 0U8082 Processor: Intel® Pentium® M processor 2.13GHz | Microprocessor | 1855/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 20 GiB total, 0.647 GiB free. D: is FIXED (NTFS) - 36 GiB total, 2.982 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Dell Wireless 1370 WLAN Mini-PCI Card Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_00051028&REV_02\4&18D49C8E&0&18F0 Manufacturer: Broadcom Name: Dell Wireless 1370 WLAN Mini-PCI Card PNP Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_00051028&REV_02\4&18D49C8E&0&18F0 Service: BCM43XX . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Bluetooth Device (Personal Area Network) Device ID: BTH\MS_BTHPAN\6&AC4FFC3&0&2 Manufacturer: Microsoft Name: Bluetooth Device (Personal Area Network) PNP Device ID: BTH\MS_BTHPAN\6&AC4FFC3&0&2 Service: BthPan . ==== System Restore Points =================== . . ==== Installed Programs ====================== . 
Update for Microsoft Office 2007 (KB2508958) 2007 Microsoft Office Suite Service Pack 2 (SP2) Adobe Flash Player 11 ActiveX Adobe Reader 9.4.6 ARC XT PRO for Uniden XT series ARC396-PRO for Uniden BCD396T ARC396 for Uniden BCD396T ARC500PRO for GRE PSR500 and PSR600 CCleaner Customizer 10000 Plus Customizer for MC350E CuteFTP 8 Professional Dell Driver Download Manager Exact Audio Copy 0.99pb5 FreeSCAN Google Update Helper HASP SRM Run-time Internet Download Manager Kaspersky Internet Security 2011 Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 Motorola Driver Installation 4.1.0 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser Musicnotes Software Suite 1.2 Nero 7 Lite 7.10.1.0 Pinnacle Instant DVD Recorder Pinnacle Systems USB-2 Device Drivers Revo Uninstaller Pro 3.0.8 RevSkills Security Update for 2007 Microsoft Office System 
(KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2553089) Security Update for 2007 Microsoft Office System (KB2553090) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Groove 2007 (KB2552997) Security Update for Microsoft Office InfoPath 2007 (KB2510061) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) Silicon Laboratories USBXpress Device (Driver Removal) SophieSew version 1.13 build 42 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 
Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2583910) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update Manager USBlyzer - Software USB Protocol Analyzer Virtual Weather Station Visual C++ 9.0 CRT (x86) WinSXS MSM Visual C++ 9.0 OpenMP (x86) WinSXS MSM VLC media player 1.0.5 WeatherLink 6.0.3 WinAVI Video Converter WinDirStat 1.1.2 Windows Mobile Device Updater Component WinRAR archiver Wise Registry Cleaner 7.92 Zune Zune Language Pack (DEU) Zune Language Pack (ESP) Zune Language Pack (FRA) Zune Language Pack (ITA) Zune Language Pack (NLD) Zune Language Pack (PTB) Zune Language Pack (PTG) . ==== End Of File ===========================
  7. These radio stations are slowing the PC down to a crawl and I have tried many removers and nothing has helped. I do not want to reformat. Thanks