Kameronfox

Members

View Profile See their activity

Posts
4
Joined
December 7, 2013
Last visited
December 12, 2013

Reputation

0 Neutral

I think my computer is infected with powerful malware..HELP! :(

Kameronfox replied to Kameronfox's topic in Resolved Malware Removal Logs

Thanks for replay... I have laptop and operating system is windows 8. 2 antivirus programm protecting my computer Kaspersky 2013 and Malwarebytes PRO 1.75.0 both updated. Should i run combofix on windows 8? I already scanned my computer with these 2 antivirus programm. some infected file detected and i deleted permanently. After that my windows defender isn't working. On action center 2 messages about windows defender. 1. Spyware and unwanted software protection. Windows defender is turned off 2. Virus protection Windows defender is turned off I clicked turn on but it's no use... I know it's my own risk to use combofix but i have almost 1 tb data on my laptop. Only one partition C: Is it not harmful for my data?
- December 10, 2013
- 6 replies
- - virus
  - malware
  - (and 4 more)
    Tagged with:
    
    virus
    
    malware
    
    trojan
    
    firewall
    
    antivirus
    
    windows defender
I think my computer is infected with powerful malware..HELP! :(

Kameronfox replied to Kameronfox's topic in Resolved Malware Removal Logs

This is attach file. Btw how to delet my post . I have accidently posted 2 times this post... attach.rar
- December 7, 2013
- 6 replies
- - virus
  - malware
  - (and 4 more)
    Tagged with:
    
    virus
    
    malware
    
    trojan
    
    firewall
    
    antivirus
    
    windows defender
I think my computer is infected with powerful malware..HELP! :(

Kameronfox replied to Kameronfox's topic in Resolved Malware Removal Logs

Hello. I think my computer infected malware. That malware turning off my firewall and cannot start windows firewall service error windows could not start windows firewall. Then i searching information about how to fix/turning on my firewall and security service (i tried to find it from local services but there is no list of this. All these methods didn't work to me. So luckily i did system restore. It's back to normal. BUT windows defender turned off. I tried to turn on WDefender but it's taking me this folder C:\Windows\system32 and notification about "Successfully blocked access malicious website 111.111.111.111" frequently appeared. How to delete that virus or malware. I want to back to normal my computer.. HELP!attach.rar Windows 8 64 Bit Intel core I7 This is dds.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16384 BrowserJavaVersion: 10.45.2Run by Mr. Merovingean at 21:59:05 on 2013-12-07Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.8061.4939 [GMT 8:00]..============== Running Processes ===============.C:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\dwm.exeC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXEC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exeC:\Program Files (x86)\Connectify\ConnectifyService.exeC:\Program Files\Conexant\SA3\CxUtilSvc.exeC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Program Files (x86)\Connectify\ConnectifyD.exeC:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exeC:\Program Files (x86)\Hotspot Shield\bin\hsswd.exec:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exeC:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exeC:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exeC:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exeC:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exeC:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exeC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exeC:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exeC:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\dashost.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exeC:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Dell Backup and Recovery\SftService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\taskhostex.exeC:\Program Files (x86)\Garena Plus\ggdllhost.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exeC:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXEC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exeC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exeC:\Windows\System32\RuntimeBroker.exeC:\Program Files\Elantech\ETDCtrl.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Elantech\ETDCtrlHelper.exeC:\Program Files\Elantech\ETDGesture.exeC:\Program Files\Conexant\SA3\SmartAudio3.exeC:\Windows\System32\rundll32.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exeC:\Program Files (x86)\Razer\Synapse\RzSynapse.exeC:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Internet Download Manager\IDMan.exeC:\Program Files (x86)\Internet Download Manager\IEMonitor.exeC:\Windows\System32\WUDFHost.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exeBHO: SuperAdBlockerBHO Class: {00000000-6C30-11D8-9363-000AE6309654} - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABBHO.dllBHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dllBHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dllBHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLLBHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dllBHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllTB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllTB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllTB: Super Ad Blocker Toolbar: {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabtb.dlluRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorunuRun: [uTorrent] "C:\Users\Mr. Merovingean\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZEDuRun: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunchuRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietuRun: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exeuRun: [Google Update] "C:\Users\Mr. Merovingean\AppData\Local\Google\Update\GoogleUpdate.exe" /cmRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /RmRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"mRun: [Mart] C:\Program Files (x86)\QMT\Mart\Mart.exe -amRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-startmRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\runner_avp.exe"mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silentStartupFolder: C:\Users\MREF4A~1.MER\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Sidebar.lnk - C:\Program Files\Windows Sidebar\sidebar.exeIE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htmIE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htmIE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htmIE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dllIE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dllTCP: NameServer = 192.168.1.1TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\1303261696278347F6F647 : DHCPNameServer = 192.168.0.1TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545 : DHCPNameServer = 202.5.192.8 202.5.192.9TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545F523D2633343 : DHCPNameServer = 202.5.192.8 202.5.192.9TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545F554D2630323 : DHCPNameServer = 202.5.192.8 202.5.192.9TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545F554D2630343 : DHCPNameServer = 202.5.192.8 202.5.192.9TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\D4962716A6D264D223 : DHCPNameServer = 192.168.1.1Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLLHandler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllNotify: !SABWinLogon - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLLSSODL: WebCheck - <orphaned>SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000D7} - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSEHB.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromeIFEO: deliverytray.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: effectextractor.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: hamachi-2-ui.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dllx64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dllx64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dllx64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLLx64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dllx64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - LocalServer32 - <no file>x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exex64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exex64-Run: [smartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0+ /dne /sx64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayAppx64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exex64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dllx64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dllx64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLLx64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLLx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>x64-IFEO: deliverytray.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: effectextractor.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: hamachi-2-ui.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe".Note: multiple IFEO entries found. Please refer to Attach.txt.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\Firefox\Profiles\73ke2yed.default\FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dllFF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dllFF - ExtSQL: 2013-11-01 08:50; mozilla_cc@internetdownloadmanager.com; C:\Users\Mr. Merovingean\AppData\Roaming\IDM\idmmzcc5FF - ExtSQL: 2013-11-06 11:59; {3e9a3920-1b27-11da-8cd6-0800200c9a66}; C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\Firefox\Profiles\73ke2yed.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}FF - ExtSQL: 2013-11-16 17:42; content_blocker@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.comFF - ExtSQL: 2013-11-16 17:42; url_advisor@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.comFF - ExtSQL: 2013-11-16 17:42; virtual_keyboard@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.comFF - ExtSQL: 2013-11-26 00:04; {58d2a791-6199-482f-a9aa-9b725ec61362}; C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\Firefox\Profiles\73ke2yed.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}FF - ExtSQL: 2013-12-04 15:13; afproxy@anchorfree.com; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com.---- FIREFOX POLICIES ----FF - user.js: browser.startup.page - 1FF - user.js: browser.newtab.url - .============= SERVICES / DRIVERS ===============.R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-27 651832]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2013-9-8 56208]R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-20 92536]R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\System32\Drivers\cnnctfy2.sys [2013-11-24 31344]R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\Drivers\dtsoftbus01.sys [2013-9-7 283200]R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\Drivers\hssdrv6.sys [2013-11-16 44744]R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\Drivers\klim6.sys [2012-8-2 28504]R1 klwfp;klwfp;C:\Windows\System32\Drivers\klwfp.sys [2013-1-14 50448]R1 kneps;kneps;C:\Windows\System32\Drivers\kneps.sys [2012-8-13 178448]R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-7-17 731688]R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2013-1-14 356128]R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-11-20 1091520]R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-11-20 1112000]R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-8-17 74616]R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-5-3 135952]R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2013-9-7 2568120]R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-11-24 65536]R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-11-20 109184]R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2013-11-2 906024]R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-11-2 555304]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-20 7168]R2 IDMWFP;IDMWFP;C:\Windows\System32\Drivers\idmwfp.sys [2013-10-30 174968]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-20 165760]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-7 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-7 701512]R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-11-1 1922600]R2 PfFilter;PfFilter;C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2013-9-7 38392]R2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2013;C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [2013-2-22 218248]R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-11-25 106472]R2 RzMaelstromVADStreamingService;Razer Surround Audio Service;C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2013-9-18 4241920]R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2013-10-25 32960]R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2012-11-20 1914728]R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2013-8-29 2100024]R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-31 16168]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-20 364416]R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-7-17 162344]R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2012-11-20 110592]R3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2012-11-20 825344]R3 ETD;Dell Touchpad;C:\Windows\System32\Drivers\ETD.sys [2012-11-20 209744]R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2012-11-20 55848]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-11-20 342528]R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\Drivers\iwdbus.sys [2012-8-10 25568]R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\Drivers\klkbdflt.sys [2013-1-14 29280]R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\Drivers\klmouflt.sys [2013-1-14 29280]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-12-7 25928]R3 NETwNe64;@oem3.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\Windows\System32\Drivers\NETwew00.sys [2012-11-20 4273192]R3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\System32\Drivers\NMgamingms.sys [2009-7-24 11264]R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUVStor.sys [2012-11-20 315536]R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-20 683664]R3 RzDxgk;RzDxgk;C:\Windows\System32\Drivers\RzDxgk.sys [2013-11-25 129472]R3 RzFilter;RzFilter;C:\Windows\System32\Drivers\RzFilter.sys [2013-11-25 74432]R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;C:\Windows\System32\Drivers\RzMaelstromVAD.sys [2013-9-18 40696]R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\Drivers\tap0901t.sys [2013-12-1 31232]R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\Drivers\taphss6.sys [2013-10-16 42184]R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-8-21 14112]R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\Drivers\wdcsam64.sys [2008-5-7 14464]R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]S0 klelam;klelam;C:\Windows\System32\Drivers\klelam.sys [2012-7-27 29616]S1 SABDIFSV;SABDIFSV;C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys [2005-9-22 5632]S1 SABKUTIL;SABKUTIL;C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS [2007-2-21 32256]S1 Uim_VIM;UIM Virtual Image Plugin;C:\Windows\System32\Drivers\uim_vimx64.sys [2012-11-23 390352]S2 PowerMon;Power Supply Monitor;cmd /c start cmd /c "ping -n 300 127.0.0.1 & C:\Windows\Temp\PowerMon\PowerMon.exe -o http://mining.eligius.st:9337 -O 12jgfM7qaFhKBYEz7KRjqdjBcz22d48bNh" --> cmd [?]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-7-19 2699568]S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-7-17 162344]S3 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2013-3-29 77352]S3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\Drivers\DellRbtn.sys [2012-11-20 10752]S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-9-7 1432400]S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\Drivers\intelaud.sys [2012-8-10 35296]S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-7-19 272176]S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2012-10-2 178824]S3 Revoflt;Revoflt;C:\Windows\System32\Drivers\revoflt.sys [2013-9-7 31800]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-20 517096]S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-12-1 758224]S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-31 149544]S3 usb3Hub;USB-IF USB 3.0 Hub;C:\Windows\System32\Drivers\usb3Hub.sys [2012-8-10 48096]S3 XHCIPort;USB-IF xHCI USB Host Controller;C:\Windows\System32\Drivers\xHCIPort.sys [2012-8-10 188384]S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2012-8-17 397176]S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-8-17 384888]S4 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-8-8 199176]S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-1 2756944]S4 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-12 377104].=============== File Associations ===============.FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"FileExt: .vbs: VBSFile="C:\Windows\System32\WScript.exe" "%1" %* [userChoice]ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1".=============== Created Last 30 ================.2013-12-07 13:32:51 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-12-07 12:36:10 -------- d-----w- C:\Windows\System32\wbem\repository2013-12-06 16:05:45 -------- d-----w- C:\ProgramData\Poser Pro2013-12-06 16:05:05 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Poser Pro2013-12-06 15:51:38 -------- d-----w- C:\uninstall2013-12-06 15:15:41 -------- d-----w- C:\Program Files\Smith Micro2013-12-06 15:15:41 -------- d-----w- C:\Program Files (x86)\Smith Micro2013-12-06 14:46:35 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\dll-files.com2013-12-06 14:46:28 -------- d-----w- C:\ProgramData\Logs2013-12-06 14:46:25 -------- d-----w- C:\Program Files (x86)\Dll-Files.com Fixer2013-12-05 18:01:04 -------- d-----w- C:\Program Files (x86)\DAZ2013-12-05 18:01:04 -------- d-----w- C:\Program Files (x86)\Common Files\DAZ2013-12-05 17:22:20 -------- d-----w- C:\Fraps2013-12-05 17:05:38 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Poser2013-12-05 15:18:05 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Malwarebytes2013-12-05 15:17:44 -------- d-----w- C:\ProgramData\Malwarebytes2013-12-05 15:17:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-12-05 15:11:12 -------- d-----w- C:\Program Files (x86)\FileASSASSIN2013-12-04 18:05:41 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\DAZ 3D2013-12-04 18:04:21 -------- d-----w- C:\ProgramData\DAZ 3D2013-12-04 18:04:20 -------- d-----w- C:\Program Files\DAZ 3D2013-12-04 18:04:06 -------- d-----w- C:\Program Files (x86)\DAZ 3D2013-12-04 09:50:03 -------- d-----w- C:\ProgramData\Origin2013-12-03 19:52:27 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller2013-12-03 19:51:58 -------- d-----w- C:\ProgramData\Package Cache2013-12-03 19:21:49 -------- d-----w- C:\BF42013-12-01 15:17:31 -------- d--h--w- C:\Games2013-12-01 03:47:47 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Tunngle2013-12-01 03:47:47 -------- d-----w- C:\ProgramData\Tunngle2013-12-01 03:47:46 31232 ----a-w- C:\Windows\System32\drivers\tap0901t.sys2013-12-01 03:47:44 -------- d-----w- C:\Program Files (x86)\Tunngle2013-11-30 12:11:04 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\CrystalIdea Software2013-11-28 08:30:12 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot2013-11-26 10:18:05 -------- d-----w- C:\Windows\SysWow64\Hotspot Shield2013-11-25 16:07:28 -------- d-----w- C:\Program Files\Unlocker2013-11-25 11:56:39 -------- d-----w- C:\Users\Mr. Merovingean\VirtualBox VMs2013-11-25 11:54:52 -------- d-----w- C:\Users\Mr. Merovingean\.VirtualBox2013-11-25 11:53:48 252688 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys2013-11-25 11:53:39 126736 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys2013-11-25 11:53:28 -------- d-----w- C:\Program Files\Oracle2013-11-24 17:31:19 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Local\CrashDumps2013-11-24 16:56:22 74432 ----a-w- C:\Windows\System32\drivers\RzFilter.sys2013-11-24 16:56:22 129472 ----a-w- C:\Windows\System32\drivers\RzDxgk.sys2013-11-24 16:55:58 -------- d-----w- C:\ProgramData\RzMaelstromVAD_1.1.47.15522013-11-24 16:53:29 -------- d-----w- C:\Windows\Razer Core2013-11-24 16:11:33 -------- d-----w- C:\Program Files (x86)\JDownloader2013-11-24 15:43:41 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Local\Viber2013-11-24 14:17:41 31344 ----a-w- C:\Windows\System32\drivers\cnnctfy2.sys2013-11-24 14:16:51 -------- d-----w- C:\Program Files (x86)\Connectify2013-11-24 14:16:50 -------- d-----w- C:\ProgramData\Connectify2013-11-17 08:58:57 -------- d-----w- C:\Program Files (x86)\Common Files\WuShu_0.0.1.0652013-11-17 08:58:55 -------- d-----w- C:\Program Files (x86)\Common Files\AgeofWushu_download2013-11-16 18:13:33 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\LolClient2013-11-16 15:11:12 44744 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys2013-11-16 13:23:34 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll2013-11-16 13:23:34 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll2013-11-16 13:23:33 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll2013-11-16 13:22:11 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Riot Games2013-11-16 12:15:23 -------- d-----w- C:\ProgramData\Hotspot Shield2013-11-16 12:15:08 -------- d-----w- C:\Program Files (x86)\Hotspot Shield2013-11-16 12:14:59 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Hotspot Shield2013-11-16 12:09:22 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan2013-11-16 08:56:41 64856 ----a-w- C:\Windows\System32\klfphc.dll2013-11-16 08:55:22 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys2013-11-16 08:53:31 -------- d-----w- C:\ProgramData\Kaspersky Lab2013-11-16 08:52:46 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab2013-11-15 19:26:44 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8C629A4-874B-4569-9EDB-45BD3E82970B}\mpengine.dll2013-11-15 12:56:22 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\.minecraft2013-11-08 11:26:30 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Local\Avg20142013-11-08 03:33:54 40760 ----a-w- C:\Windows\System32\TURegOpt.exe2013-11-08 03:33:54 29496 ----a-w- C:\Windows\System32\authuitu.dll2013-11-08 03:33:54 25400 ----a-w- C:\Windows\SysWow64\authuitu.dll2013-11-08 03:32:58 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 20142013-11-08 03:31:24 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}.==================== Find3M ====================.2013-11-16 09:42:27 50448 ----a-w- C:\Windows\System32\drivers\klwfp.sys2013-11-16 09:42:27 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys2013-11-16 09:42:26 29280 ----a-w- C:\Windows\System32\drivers\klmouflt.sys2013-11-16 09:42:26 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys2013-11-16 09:42:24 7717984 ----a-w- C:\Windows\System32\drivers\kl1.sys2013-11-06 06:37:40 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-11-01 07:10:16 154896 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys2013-11-01 07:10:16 140560 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys2013-11-01 07:07:00 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll2013-10-26 20:35:22 174968 ----a-w- C:\Windows\System32\drivers\idmwfp.sys2013-10-16 01:44:40 42184 ----a-w- C:\Windows\System32\drivers\taphss6.sys2013-09-30 02:23:38 1174979 ----a-w- C:\Windows\apppatch\unins000.exe2013-09-18 01:47:32 69632 ----a-w- C:\Windows\System32\DriverInstallCA.dll2013-09-18 01:47:32 40696 ----a-w- C:\Windows\System32\drivers\RzMaelstromVAD.sys2013-09-18 01:47:32 245760 ----a-w- C:\Windows\System32\DriverInstallCACMD.exe2013-09-18 01:47:32 136704 ----a-w- C:\Windows\SysWow64\RzVAD.dll.============= FINISH: 21:59:29.36 ===============
- December 7, 2013
- 6 replies
- - virus
  - malware
  - (and 4 more)
    Tagged with:
    
    virus
    
    malware
    
    trojan
    
    firewall
    
    antivirus
    
    windows defender
I think my computer is infected with powerful malware..HELP! :(

Kameronfox posted a topic in Resolved Malware Removal Logs

Hello. I think my computer infected malware. That malware turning off my firewall and cannot start windows firewall service error windows could not start windows firewall. Then i searching information about how to fix/turning on my firewall and security service (i tried to find it from local services but there is no list of this. All these methods didn't work to me. So luckily i did system restore. It's back to normal. BUT windows defender turned off. I tried to turn on WDefender but it's taking me this folder C:\Windows\system32 and notification about "Successfully blocked access malicious website 111.111.111.111" frequently appeared. How to delete that virus or malware. I want to back to normal my computer.. HELP!attach.rar Windows 8 64 Bit Intel core I7 This is dds.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16384 BrowserJavaVersion: 10.45.2Run by Mr. Merovingean at 21:59:05 on 2013-12-07Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.8061.4939 [GMT 8:00]..============== Running Processes ===============.C:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\dwm.exeC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXEC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exeC:\Program Files (x86)\Connectify\ConnectifyService.exeC:\Program Files\Conexant\SA3\CxUtilSvc.exeC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Program Files (x86)\Connectify\ConnectifyD.exeC:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exeC:\Program Files (x86)\Hotspot Shield\bin\hsswd.exec:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exeC:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exeC:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exeC:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exeC:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exeC:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exeC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exeC:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exeC:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\dashost.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exeC:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Dell Backup and Recovery\SftService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\taskhostex.exeC:\Program Files (x86)\Garena Plus\ggdllhost.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exeC:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXEC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exeC:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exeC:\Windows\System32\RuntimeBroker.exeC:\Program Files\Elantech\ETDCtrl.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Elantech\ETDCtrlHelper.exeC:\Program Files\Elantech\ETDGesture.exeC:\Program Files\Conexant\SA3\SmartAudio3.exeC:\Windows\System32\rundll32.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exeC:\Program Files (x86)\Razer\Synapse\RzSynapse.exeC:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Internet Download Manager\IDMan.exeC:\Program Files (x86)\Internet Download Manager\IEMonitor.exeC:\Windows\System32\WUDFHost.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exeBHO: SuperAdBlockerBHO Class: {00000000-6C30-11D8-9363-000AE6309654} - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABBHO.dllBHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dllBHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dllBHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLLBHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dllBHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllTB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllTB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dllTB: Super Ad Blocker Toolbar: {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabtb.dlluRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorunuRun: [uTorrent] "C:\Users\Mr. Merovingean\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZEDuRun: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunchuRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietuRun: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exeuRun: [Google Update] "C:\Users\Mr. Merovingean\AppData\Local\Google\Update\GoogleUpdate.exe" /cmRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /RmRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"mRun: [Mart] C:\Program Files (x86)\QMT\Mart\Mart.exe -amRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-startmRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\runner_avp.exe"mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silentStartupFolder: C:\Users\MREF4A~1.MER\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Sidebar.lnk - C:\Program Files\Windows Sidebar\sidebar.exeIE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htmIE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htmIE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htmIE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dllIE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dllTCP: NameServer = 192.168.1.1TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\1303261696278347F6F647 : DHCPNameServer = 192.168.0.1TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545 : DHCPNameServer = 202.5.192.8 202.5.192.9TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545F523D2633343 : DHCPNameServer = 202.5.192.8 202.5.192.9TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545F554D2630323 : DHCPNameServer = 202.5.192.8 202.5.192.9TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\9464F43545F554D2630343 : DHCPNameServer = 202.5.192.8 202.5.192.9TCP: Interfaces\{34F47C0B-01C1-4DDF-BB3B-9CF4196CB696}\D4962716A6D264D223 : DHCPNameServer = 192.168.1.1Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLLHandler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllNotify: !SABWinLogon - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLLSSODL: WebCheck - <orphaned>SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000D7} - C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABSEHB.DLLmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromeIFEO: deliverytray.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: effectextractor.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: hamachi-2-ui.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dllx64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dllx64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dllx64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLLx64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dllx64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - LocalServer32 - <no file>x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exex64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exex64-Run: [smartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0+ /dne /sx64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayAppx64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exex64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dllx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dllx64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dllx64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLLx64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLLx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>x64-IFEO: deliverytray.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: effectextractor.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: hamachi-2-ui.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: hd-apkhandler.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"x64-IFEO: hd-startlauncher.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe".Note: multiple IFEO entries found. Please refer to Attach.txt.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\Firefox\Profiles\73ke2yed.default\FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dllFF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dllFF - ExtSQL: 2013-11-01 08:50; mozilla_cc@internetdownloadmanager.com; C:\Users\Mr. Merovingean\AppData\Roaming\IDM\idmmzcc5FF - ExtSQL: 2013-11-06 11:59; {3e9a3920-1b27-11da-8cd6-0800200c9a66}; C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\Firefox\Profiles\73ke2yed.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}FF - ExtSQL: 2013-11-16 17:42; content_blocker@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.comFF - ExtSQL: 2013-11-16 17:42; url_advisor@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.comFF - ExtSQL: 2013-11-16 17:42; virtual_keyboard@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.comFF - ExtSQL: 2013-11-26 00:04; {58d2a791-6199-482f-a9aa-9b725ec61362}; C:\Users\Mr. Merovingean\AppData\Roaming\Mozilla\Firefox\Profiles\73ke2yed.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}FF - ExtSQL: 2013-12-04 15:13; afproxy@anchorfree.com; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com.---- FIREFOX POLICIES ----FF - user.js: browser.startup.page - 1FF - user.js: browser.newtab.url - .============= SERVICES / DRIVERS ===============.R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-27 651832]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2013-9-8 56208]R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-20 92536]R1 cnnctfy2;Connectify LightWeight Filter;C:\Windows\System32\Drivers\cnnctfy2.sys [2013-11-24 31344]R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\Drivers\dtsoftbus01.sys [2013-9-7 283200]R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\Drivers\hssdrv6.sys [2013-11-16 44744]R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\Drivers\klim6.sys [2012-8-2 28504]R1 klwfp;klwfp;C:\Windows\System32\Drivers\klwfp.sys [2013-1-14 50448]R1 kneps;kneps;C:\Windows\System32\Drivers\kneps.sys [2012-8-13 178448]R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-7-17 731688]R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2013-1-14 356128]R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-11-20 1091520]R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-11-20 1112000]R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-8-17 74616]R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-5-3 135952]R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2013-9-7 2568120]R2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-11-24 65536]R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-11-20 109184]R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2013-11-2 906024]R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-11-2 555304]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-20 7168]R2 IDMWFP;IDMWFP;C:\Windows\System32\Drivers\idmwfp.sys [2013-10-30 174968]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-20 165760]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-7 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-7 701512]R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-11-1 1922600]R2 PfFilter;PfFilter;C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2013-9-7 38392]R2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2013;C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [2013-2-22 218248]R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-11-25 106472]R2 RzMaelstromVADStreamingService;Razer Surround Audio Service;C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2013-9-18 4241920]R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2013-10-25 32960]R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2012-11-20 1914728]R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2013-8-29 2100024]R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-31 16168]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-20 364416]R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-7-17 162344]R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2012-11-20 110592]R3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2012-11-20 825344]R3 ETD;Dell Touchpad;C:\Windows\System32\Drivers\ETD.sys [2012-11-20 209744]R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2012-11-20 55848]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-11-20 342528]R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\Drivers\iwdbus.sys [2012-8-10 25568]R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\Drivers\klkbdflt.sys [2013-1-14 29280]R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\Drivers\klmouflt.sys [2013-1-14 29280]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-12-7 25928]R3 NETwNe64;@oem3.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\Windows\System32\Drivers\NETwew00.sys [2012-11-20 4273192]R3 NMgamingmsFltr;USB Optical Mouse;C:\Windows\System32\Drivers\NMgamingms.sys [2009-7-24 11264]R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUVStor.sys [2012-11-20 315536]R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-20 683664]R3 RzDxgk;RzDxgk;C:\Windows\System32\Drivers\RzDxgk.sys [2013-11-25 129472]R3 RzFilter;RzFilter;C:\Windows\System32\Drivers\RzFilter.sys [2013-11-25 74432]R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;C:\Windows\System32\Drivers\RzMaelstromVAD.sys [2013-9-18 40696]R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\Drivers\tap0901t.sys [2013-12-1 31232]R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\Drivers\taphss6.sys [2013-10-16 42184]R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2013-8-21 14112]R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\Drivers\wdcsam64.sys [2008-5-7 14464]R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]S0 klelam;klelam;C:\Windows\System32\Drivers\klelam.sys [2012-7-27 29616]S1 SABDIFSV;SABDIFSV;C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys [2005-9-22 5632]S1 SABKUTIL;SABKUTIL;C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS [2007-2-21 32256]S1 Uim_VIM;UIM Virtual Image Plugin;C:\Windows\System32\Drivers\uim_vimx64.sys [2012-11-23 390352]S2 PowerMon;Power Supply Monitor;cmd /c start cmd /c "ping -n 300 127.0.0.1 & C:\Windows\Temp\PowerMon\PowerMon.exe -o http://mining.eligius.st:9337 -O 12jgfM7qaFhKBYEz7KRjqdjBcz22d48bNh" --> cmd [?]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-7-19 2699568]S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-7-17 162344]S3 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-31 19232]S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2013-3-29 77352]S3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\Drivers\DellRbtn.sys [2012-11-20 10752]S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-9-7 1432400]S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\Drivers\intelaud.sys [2012-8-10 35296]S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-7-19 272176]S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2012-10-2 178824]S3 Revoflt;Revoflt;C:\Windows\System32\Drivers\revoflt.sys [2013-9-7 31800]S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-20 517096]S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-12-1 758224]S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-31 149544]S3 usb3Hub;USB-IF USB 3.0 Hub;C:\Windows\System32\Drivers\usb3Hub.sys [2012-8-10 48096]S3 XHCIPort;USB-IF xHCI USB Host Controller;C:\Windows\System32\Drivers\xHCIPort.sys [2012-8-10 188384]S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2012-8-17 397176]S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-8-17 384888]S4 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-8-8 199176]S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-1 2756944]S4 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-12 377104].=============== File Associations ===============.FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"FileExt: .vbs: VBSFile="C:\Windows\System32\WScript.exe" "%1" %* [userChoice]ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1".=============== Created Last 30 ================.2013-12-07 13:32:51 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-12-07 12:36:10 -------- d-----w- C:\Windows\System32\wbem\repository2013-12-06 16:05:45 -------- d-----w- C:\ProgramData\Poser Pro2013-12-06 16:05:05 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Poser Pro2013-12-06 15:51:38 -------- d-----w- C:\uninstall2013-12-06 15:15:41 -------- d-----w- C:\Program Files\Smith Micro2013-12-06 15:15:41 -------- d-----w- C:\Program Files (x86)\Smith Micro2013-12-06 14:46:35 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\dll-files.com2013-12-06 14:46:28 -------- d-----w- C:\ProgramData\Logs2013-12-06 14:46:25 -------- d-----w- C:\Program Files (x86)\Dll-Files.com Fixer2013-12-05 18:01:04 -------- d-----w- C:\Program Files (x86)\DAZ2013-12-05 18:01:04 -------- d-----w- C:\Program Files (x86)\Common Files\DAZ2013-12-05 17:22:20 -------- d-----w- C:\Fraps2013-12-05 17:05:38 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Poser2013-12-05 15:18:05 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Malwarebytes2013-12-05 15:17:44 -------- d-----w- C:\ProgramData\Malwarebytes2013-12-05 15:17:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-12-05 15:11:12 -------- d-----w- C:\Program Files (x86)\FileASSASSIN2013-12-04 18:05:41 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\DAZ 3D2013-12-04 18:04:21 -------- d-----w- C:\ProgramData\DAZ 3D2013-12-04 18:04:20 -------- d-----w- C:\Program Files\DAZ 3D2013-12-04 18:04:06 -------- d-----w- C:\Program Files (x86)\DAZ 3D2013-12-04 09:50:03 -------- d-----w- C:\ProgramData\Origin2013-12-03 19:52:27 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller2013-12-03 19:51:58 -------- d-----w- C:\ProgramData\Package Cache2013-12-03 19:21:49 -------- d-----w- C:\BF42013-12-01 15:17:31 -------- d--h--w- C:\Games2013-12-01 03:47:47 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Tunngle2013-12-01 03:47:47 -------- d-----w- C:\ProgramData\Tunngle2013-12-01 03:47:46 31232 ----a-w- C:\Windows\System32\drivers\tap0901t.sys2013-12-01 03:47:44 -------- d-----w- C:\Program Files (x86)\Tunngle2013-11-30 12:11:04 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\CrystalIdea Software2013-11-28 08:30:12 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot2013-11-26 10:18:05 -------- d-----w- C:\Windows\SysWow64\Hotspot Shield2013-11-25 16:07:28 -------- d-----w- C:\Program Files\Unlocker2013-11-25 11:56:39 -------- d-----w- C:\Users\Mr. Merovingean\VirtualBox VMs2013-11-25 11:54:52 -------- d-----w- C:\Users\Mr. Merovingean\.VirtualBox2013-11-25 11:53:48 252688 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys2013-11-25 11:53:39 126736 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys2013-11-25 11:53:28 -------- d-----w- C:\Program Files\Oracle2013-11-24 17:31:19 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Local\CrashDumps2013-11-24 16:56:22 74432 ----a-w- C:\Windows\System32\drivers\RzFilter.sys2013-11-24 16:56:22 129472 ----a-w- C:\Windows\System32\drivers\RzDxgk.sys2013-11-24 16:55:58 -------- d-----w- C:\ProgramData\RzMaelstromVAD_1.1.47.15522013-11-24 16:53:29 -------- d-----w- C:\Windows\Razer Core2013-11-24 16:11:33 -------- d-----w- C:\Program Files (x86)\JDownloader2013-11-24 15:43:41 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Local\Viber2013-11-24 14:17:41 31344 ----a-w- C:\Windows\System32\drivers\cnnctfy2.sys2013-11-24 14:16:51 -------- d-----w- C:\Program Files (x86)\Connectify2013-11-24 14:16:50 -------- d-----w- C:\ProgramData\Connectify2013-11-17 08:58:57 -------- d-----w- C:\Program Files (x86)\Common Files\WuShu_0.0.1.0652013-11-17 08:58:55 -------- d-----w- C:\Program Files (x86)\Common Files\AgeofWushu_download2013-11-16 18:13:33 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\LolClient2013-11-16 15:11:12 44744 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys2013-11-16 13:23:34 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll2013-11-16 13:23:34 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll2013-11-16 13:23:33 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll2013-11-16 13:22:11 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Riot Games2013-11-16 12:15:23 -------- d-----w- C:\ProgramData\Hotspot Shield2013-11-16 12:15:08 -------- d-----w- C:\Program Files (x86)\Hotspot Shield2013-11-16 12:14:59 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\Hotspot Shield2013-11-16 12:09:22 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan2013-11-16 08:56:41 64856 ----a-w- C:\Windows\System32\klfphc.dll2013-11-16 08:55:22 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys2013-11-16 08:53:31 -------- d-----w- C:\ProgramData\Kaspersky Lab2013-11-16 08:52:46 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab2013-11-15 19:26:44 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8C629A4-874B-4569-9EDB-45BD3E82970B}\mpengine.dll2013-11-15 12:56:22 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Roaming\.minecraft2013-11-08 11:26:30 -------- d-----w- C:\Users\Mr. Merovingean\AppData\Local\Avg20142013-11-08 03:33:54 40760 ----a-w- C:\Windows\System32\TURegOpt.exe2013-11-08 03:33:54 29496 ----a-w- C:\Windows\System32\authuitu.dll2013-11-08 03:33:54 25400 ----a-w- C:\Windows\SysWow64\authuitu.dll2013-11-08 03:32:58 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 20142013-11-08 03:31:24 -------- d-sh--w- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}.==================== Find3M ====================.2013-11-16 09:42:27 50448 ----a-w- C:\Windows\System32\drivers\klwfp.sys2013-11-16 09:42:27 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys2013-11-16 09:42:26 29280 ----a-w- C:\Windows\System32\drivers\klmouflt.sys2013-11-16 09:42:26 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys2013-11-16 09:42:24 7717984 ----a-w- C:\Windows\System32\drivers\kl1.sys2013-11-06 06:37:40 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-11-01 07:10:16 154896 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys2013-11-01 07:10:16 140560 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys2013-11-01 07:07:00 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll2013-10-26 20:35:22 174968 ----a-w- C:\Windows\System32\drivers\idmwfp.sys2013-10-16 01:44:40 42184 ----a-w- C:\Windows\System32\drivers\taphss6.sys2013-09-30 02:23:38 1174979 ----a-w- C:\Windows\apppatch\unins000.exe2013-09-18 01:47:32 69632 ----a-w- C:\Windows\System32\DriverInstallCA.dll2013-09-18 01:47:32 40696 ----a-w- C:\Windows\System32\drivers\RzMaelstromVAD.sys2013-09-18 01:47:32 245760 ----a-w- C:\Windows\System32\DriverInstallCACMD.exe2013-09-18 01:47:32 136704 ----a-w- C:\Windows\SysWow64\RzVAD.dll.============= FINISH: 21:59:29.36 ===============
- December 7, 2013
- 6 replies
- - virus
  - malware
  - (and 4 more)
    Tagged with:
    
    virus
    
    malware
    
    trojan
    
    firewall
    
    antivirus
    
    windows defender

Sign In

Kameronfox

Posts

Joined

Last visited

Reputation

I think my computer is infected with powerful malware..HELP! :(

I think my computer is infected with powerful malware..HELP! :(

I think my computer is infected with powerful malware..HELP! :(

I think my computer is infected with powerful malware..HELP! :(

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information