Serascel

Members
  • Content count

    29
About Serascel

  • Rank
    New Member
  1. Just finished formatting, wiped C:\ completely and some of the things on my other drive, and installed W7 again, everything looks normal, scans are clear. Thanks a lot for your help.
  2. Before, just after I open the notepad and start to type, it blue screens..
  3. Keep getting blue screened after being 30 seconds or so on Command Prompt mode, tried 3 times, same over and over, blue screen and reset.
  4. Renamed, runs fine without a problem, but doesn't create the .txt
  5. Did that, doesn't give any errors, but it doesn't create the .txt either..
  6. E:\Documents\ComboFix.exe
  7. "Windows cannot find 'combofix'. Make sure you typed the name correctly, and then try again." That's the error/Windows message I get after doing that.
  8. Not that I can see, it just deletes then extracts, then while extracting it gives the iexplore.exe error.
  9. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29 Run by Javier at 15:01:17 on 2012-03-11 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.1033.18.8169.3303 [GMT 1:00]
  10. Now it's giving me an error, "Error opening file for writing: C:\32788R22FWJFW\License\iexplore.exe Click Abort to stop the installation, Retry to try again, or Ignore to skip this file."
  11. Finishes Completely
  12. Ran Combofix like 5 times now in a row, but no Combofix.txt being created, it's not appearing at C:\ or anywhere else, tried redownloading Combofix, but same problem, Combofix runs fine, but no .txt being created..
  13. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29 Run by Javier at 13:25:35 on 2012-03-11 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.1033.18.8169.4645 [GMT 1:00]
DhcpNameServer = 87.216.1.65 87.216.1.66 TCP: Interfaces\{0EF470FC-2CA4-4648-8DEA-426EB57A57B4} : DhcpNameServer = 87.216.1.65 87.216.1.66 TCP: Interfaces\{593690F9-0E56-4C39-BAEA-38D547F2DC69} : DhcpNameServer = 7.254.254.254 TCP: Interfaces\{7748365C-5BD9-45C3-9CD2-56B9B7A2EABC} : DhcpNameServer = 95.141.192.4 TCP: Interfaces\{8AE21A37-27A6-4BB0-9A36-37C62A838C69} : DhcpNameServer = 87.216.1.65 87.216.1.66 SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4 BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - E:\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO-X64: HP Print Enhancer - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO-X64: Increase performance and video formats for your HTML5 <video> - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - E:\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File mRun-x64: [bCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" mRun-x64: [HP Software Update] E:\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [Razer Naga Driver] E:\Razer\Naga\RazerNagaSysTray.exe mRun-x64: [APSDaemon] "C:\Program Files 
(x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Malwarebytes' Anti-Malware] "E:\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Javier\AppData\Roaming\Mozilla\Firefox\Profiles\f50z0qws.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Users\Javier\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Users\Javier\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Users\Javier\AppData\Roaming\Mozilla\Firefox\Profiles\f50z0qws.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - plugin: E:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: E:\Program Files (x86)\Adobe\Reader 9.0\Reader\browser\nppdf32.dll FF - plugin: E:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll . ============= SERVICES / DRIVERS =============== . 
R0 AiCharger;ASUS Charger Driver;C:\Windows\system32\DRIVERS\AiCharger.sys --> C:\Windows\system32\DRIVERS\AiCharger.sys [?] R0 mv91xx;mv91xx;C:\Windows\system32\DRIVERS\mv91xx.sys --> C:\Windows\system32\DRIVERS\mv91xx.sys [?] R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\system32\DRIVERS\tdrpm273.sys --> C:\Windows\system32\DRIVERS\tdrpm273.sys [?] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-7-7 3246040] R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144] R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-2 915584] R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-7-6 586880] R2 BCUService;Browser Configuration Utility Service;C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464] R2 DTSAudioService;DTSAudioService;C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [2011-11-13 210024] R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;E:\Tribes\HiPatchService.exe [2012-2-17 8704] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-6 13336] R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?] 
R2 MBAMService;MBAMService;E:\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-11 366152] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-6 2255464] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248] R2 TunngleService;TunngleService;E:\Tunngle\TnglCtrl.exe [2011-8-15 741224] R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448] R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?] R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?] R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\system32\DRIVERS\ICCWDT.sys --> C:\Windows\system32\DRIVERS\ICCWDT.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 RzSynapse;Razer Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?] 
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\system32\DRIVERS\tap0901t.sys --> C:\Windows\system32\DRIVERS\tap0901t.sys [?] R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?] S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 
2012-03-10 08:56:24 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2012-03-10 08:56:24 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-03-10 08:55:13 0 --sha-w- C:\Windows\System32\dds_log_ad13.cmd 2012-03-10 08:54:06 -------- d-sh--w- C:\Users\Javier\AppData\Local\7d1143f4 2012-03-09 16:23:00 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D43C1CFF-7E4F-4AEA-B0CF-08F9E1E01421}\mpengine.dll 2012-03-08 21:02:06 -------- d-----w- C:\Users\Javier\AppData\Local\Red 5 Studios 2012-03-08 14:58:03 -------- d-----w- C:\Program Files\iPod 2012-03-08 14:58:01 -------- d-----w- C:\Program Files\iTunes 2012-03-08 14:58:01 -------- d-----w- C:\Program Files (x86)\iTunes 2012-03-08 14:55:31 750488 ----a-w- C:\Windows\System32\npdeployJava1.dll 2012-03-08 13:25:53 -------- d-----w- C:\Users\Javier\AppData\Roaming\kodak 2012-03-06 15:20:11 -------- d-----w- C:\Users\Javier\vm 2012-03-05 12:53:19 -------- d-----w- C:\Users\Javier\AppData\Local\VMware 2012-03-05 12:49:11 63088 ----a-w- C:\Windows\System32\drivers\vmx86.sys 2012-03-05 12:48:48 354416 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe 2012-03-05 12:48:47 433264 ----a-w- C:\Windows\SysWow64\vmnat.exe 2012-03-05 12:48:47 30320 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys 2012-03-05 12:48:46 942192 ----a-w- C:\Windows\System32\vnetlib64.dll 2012-03-05 12:48:44 39024 ----a-w- C:\Windows\System32\drivers\hcmon.sys 2012-03-05 12:48:44 32880 ----a-w- C:\Windows\System32\drivers\VMkbd.sys 2012-03-05 12:48:27 -------- d-----w- C:\Users\Javier\messages 2012-03-05 12:48:27 -------- d-----w- C:\Program Files (x86)\VMware 2012-03-05 12:48:27 -------- d-----w- C:\Program Files (x86)\Common Files\VMware 2012-03-05 12:48:20 -------- d-----w- C:\Program Files\Common Files\VMware 2012-03-05 11:36:22 -------- d-----w- C:\Program Files\Business Objects 2012-03-05 11:35:32 -------- d-----w- C:\Windows\SysWow64\js 2012-03-05 11:35:32 -------- d-----w- 
C:\Windows\SysWow64\images 2012-03-05 11:35:32 -------- d-----w- C:\Windows\SysWow64\html 2012-03-05 11:35:32 -------- d-----w- C:\Windows\SysWow64\css 2012-03-05 11:35:32 -------- d-----w- C:\Program Files (x86)\Business Objects 2012-03-05 11:32:08 -------- d-----w- C:\ProgramData\PreEmptive Solutions 2012-03-05 11:30:08 -------- d-----w- C:\Windows\SysWow64\3082 2012-03-05 11:29:37 -------- d-----w- C:\Program Files (x86)\HTML Help Workshop 2012-03-05 11:29:37 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules 2012-03-05 11:29:37 -------- d-----w- C:\Program Files (x86)\CE Remote Tools 2012-03-05 11:18:10 -------- d-----w- C:\Program Files\Microsoft Device Emulator 2012-03-05 11:18:10 -------- d-----w- C:\Program Files (x86)\Microsoft Device Emulator 2012-03-05 11:09:51 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2012-03-05 11:09:46 -------- d-----w- C:\Program Files (x86)\Microsoft Web Designer Tools 2012-03-05 11:09:20 96272 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008 Language Pack - ESN\install.res.3082.dll 2012-03-05 11:09:20 562688 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008 Language Pack - ESN\install.exe 2012-03-05 11:09:14 -------- d-----w- C:\Users\Javier\AppData\Local\Microsoft Help 2012-03-01 21:13:50 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0 2012-03-01 17:45:07 1710336 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\3082\ResourceCache.dll 2012-02-29 15:10:12 -------- d-----w- C:\Program Files\Microsoft SQL Server 2012-02-29 15:10:07 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server 2012-02-29 15:09:57 -------- d-----w- C:\Program Files\Microsoft Synchronization Services 2012-02-29 15:09:57 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2012-02-29 15:09:55 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 
2012-02-29 15:09:55 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2012-02-29 15:07:27 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET 2012-02-29 15:07:25 -------- d-----w- C:\Program Files\IIS 2012-02-29 15:07:25 -------- d-----w- C:\Program Files (x86)\IIS 2012-02-29 15:07:03 1632288 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll 2012-02-29 15:01:57 -------- d-----w- C:\Program Files\Microsoft Help Viewer 2012-02-29 15:00:30 -------- d-----w- C:\Windows\PCHEALTH 2012-02-26 12:36:27 48167 ----a-w- C:\Windows\SysWow64\uninst.exe 2012-02-23 15:05:21 -------- d-----w- C:\Users\Javier\AppData\Roaming\FOG Downloader 2012-02-17 15:10:21 -------- d-----w- C:\Users\Javier\AppData\Local\Chromium 2012-02-17 14:16:36 -------- d-----w- C:\ProgramData\Hi-Rez Studios 2012-02-16 20:38:09 -------- d-----w- C:\ProgramData\EA Logs 2012-02-16 02:00:32 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-15 10:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2012-02-15 10:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll 2012-02-15 06:39:15 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-02-15 06:39:15 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-02-15 06:39:15 498688 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-02-15 06:39:15 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-02-15 06:39:15 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-02-15 06:39:15 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-02-15 06:39:14 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2012-02-15 06:39:14 634880 ----a-w- C:\Windows\System32\msvcrt.dll . ==================== Find3M ==================== . 
2012-03-10 10:07:00 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-08 14:55:27 660368 ----a-w- C:\Windows\System32\deployJava1.dll
2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-16 21:01:06 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-02-16 21:00:54 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-02-16 21:00:54 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-02-16 20:57:03 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
.
============= FINISH: 13:25:57,98 ===============
Thanks.
  14. I've tried MBAM, deleting them after plenty of scans, but after a computer restart and another quick scan, they keep showing... It seems to be running OK, maybe a little sluggish. Thanks.
  15. Deleted, restarted, but they still show on the scans...

      Protection: Enabled
      11/03/2012 0:00:34
      mbam-log-2012-03-11 (00-02-37).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 215756
      Time elapsed: 1 minute(s), 35 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|17314 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\mshovhl.bat -> No action taken.

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 1
      C:\Users\Javier\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> No action taken.

      (end)