Inactive PC really bogging. No malware\viruses

Status
Not open for further replies.
Any help is greatly appreciated. System is bogging a lot lately.

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.03.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Joe :: JOE-BBO6P085Z16 [administrator]

Protection: Enabled

9/3/2012 3:21:03 PM
mbam-log-2012-09-03 (15-21-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 322588
Time elapsed: 42 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Documents and Settings\Joe\My Documents\Downloads\mediaplayer(1).exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Documents and Settings\Joe\My Documents\Downloads\mediaplayer.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

(end)

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-09-30 01:14:06
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\00000070 ST2000DL003-9VT166 rev.CC3C
Running: wg7tiyv9.exe; Driver: C:\DOCUME~1\JOE~1.JOE\LOCALS~1\Temp\uwddrfoc.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xB126D932]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xB126D79D]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB1316966]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_30
Run by Joe at 1:09:43 on 2012-09-30
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2365 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Lavasoft Ad-Aware *Disabled*
FW: avast! Antivirus *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\lvhidsvc.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Joe.JOE-BBO6P085Z16\My Documents\Downloads\wg7tiyv9.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools\pc tools security\bdt\PCTBrowserDefender.dll
mWinlogon: UIHost=c:\documents and settings\all users.windows\application data\tuneup software\tuneup utilities 2012\winstyler\tu_logonui.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools\pc tools security\bdt\PCTBrowserDefender.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools\pc tools security\bdt\PCTBrowserDefender.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users.windows\application data\ad-aware browsing protection\adawarebp.exe"
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
mRun: [Trend Micro RUBotted V2.0 Beta] c:\program files\trend micro\rubotted\RUBottedGUI.exe
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{919AD881-0523-4D36-BCFB-2B843FF4800D} : DhcpNameServer = 64.71.255.198
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\joe.joe-bbo6p085z16\application data\mozilla\firefox\profiles\vcubcmfm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=
FF - plugin: c:\documents and settings\joe.joe-bbo6p085z16\application data\mozilla\firefox\profiles\vcubcmfm.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll
FF - plugin: c:\documents and settings\joe.joe-bbo6p085z16\application data\mozilla\plugins\npDXStudioPlugin.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\sony\media go\npmediago.dll
FF - plugin: c:\program files\sony\playstation network downloader\nppsndl.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108298
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - f4be84ef0000000000000015f24a9d59
FF - user.js: extensions.BabylonToolbar_i.hardId - f4be84ef0000000000000015f24a9d59
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15359
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1721:48:02
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-29 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-29 355632]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2012-9-9 21240]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-7-12 1239952]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-29 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-29 44808]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\pc tools\pc tools security\bdt\BDTUpdateService.exe [2012-9-9 575448]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-9-9 77816]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-8-19 450848]
R3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2011-8-19 22176]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
S2 PS3 Media Server;PS3 Media Server;c:\program files\ps3 media server\win32\service\wrapper.exe [2011-5-17 366872]
S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\trend micro\rubotted\RUBotSrv.exe [2012-9-15 439632]
S2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2011-12-19 3289032]
S2 SgtSch2Svc;Seagate Scheduler2 Service;"c:\program files\common files\seagate\schedule2\schedul2.exe" --> c:\program files\common files\seagate\schedule2\schedul2.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 250568]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-22 114144]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\drivers\PCTBD.sys [2012-9-9 70768]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-1-31 15576]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-1-31 10200]
S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2012-4-19 155320]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2012-09-30 04:21:39 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-30 04:21:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-21 01:19:40 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2012-09-20 02:01:20 -------- d-----w- c:\documents and settings\all users.windows\application data\Ad-Aware Antivirus
2012-09-16 16:40:58 -------- d-sha-r- C:\cmdcons
2012-09-16 16:27:58 98816 ----a-w- c:\windows\sed.exe
2012-09-16 16:27:58 518144 ----a-w- c:\windows\SWREG.exe
2012-09-16 16:27:58 256000 ----a-w- c:\windows\PEV.exe
2012-09-16 16:27:58 208896 ----a-w- c:\windows\MBR.exe
2012-09-16 13:46:22 -------- d-----w- C:\_OTL
2012-09-15 12:05:35 -------- d-----w- c:\documents and settings\all users.windows\application data\Trend Micro
2012-09-15 11:55:15 -------- d-----w- c:\program files\WinPcap
2012-09-15 02:18:31 -------- d-----w- c:\program files\CCleaner
2012-09-10 02:30:31 -------- d-----w- c:\documents and settings\joe.joe-bbo6p085z16\local settings\application data\adaware
2012-09-10 02:30:15 77816 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2012-09-10 02:30:15 21240 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2012-09-10 02:30:05 -------- d-----w- c:\windows\system32\drivers\VDD
2012-09-10 02:30:05 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-09-10 02:29:08 -------- d-----w- c:\documents and settings\joe.joe-bbo6p085z16\local settings\application data\adawarebp
2012-09-10 02:29:05 -------- d-----w- c:\documents and settings\all users.windows\application data\Ad-Aware Browsing Protection
2012-09-10 02:29:01 -------- d-----w- c:\program files\Toolbar Cleaner
2012-09-10 02:28:46 -------- d-----w- c:\documents and settings\joe.joe-bbo6p085z16\application data\adawaretb
2012-09-10 02:28:44 -------- d-----w- c:\program files\adawaretb
2012-09-10 02:22:53 -------- d-----w- c:\documents and settings\joe.joe-bbo6p085z16\application data\Ad-Aware Antivirus
2012-09-10 02:22:36 -------- d-----w- c:\documents and settings\joe.joe-bbo6p085z16\local settings\application data\Threat Expert
2012-09-10 02:09:09 70768 ----a-w- c:\windows\system32\drivers\PCTBD.sys
2012-09-10 02:09:07 767960 ----a-w- c:\windows\BDTSupport.dll
2012-09-10 02:09:03 149464 ----a-w- c:\windows\SGDetectionTool.dll
2012-09-10 02:09:02 2267096 ----a-w- c:\windows\PCTBDCore.dll
2012-09-10 02:09:02 1689560 ----a-w- c:\windows\PCTBDRes.dll
2012-09-10 02:04:56 -------- d-----w- c:\program files\PC Tools
2012-09-10 01:53:12 203120 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-09-10 01:52:33 -------- d-----w- c:\documents and settings\all users.windows\application data\PC Tools
2012-09-10 01:52:31 -------- d-----w- c:\documents and settings\joe.joe-bbo6p085z16\application data\TestApp
2012-09-03 19:18:36 -------- d-----w- c:\documents and settings\joe.joe-bbo6p085z16\application data\Malwarebytes
2012-09-03 19:18:30 -------- d-----w- c:\documents and settings\all users.windows\application data\Malwarebytes
2012-09-01 11:37:15 -------- d-----w- c:\program files\Sony Media Go Install
.
==================== Find3M ====================
.
2012-09-03 20:12:51 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-03 20:12:50 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec
2012-08-21 09:13:15 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:12:33 41224 ----a-w- c:\windows\avastSS.scr
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2001-09-28 22:00:28 164864 ----a-w- c:\program files\UNWISE.EXE
.
============= FINISH: 1:10:24.65 ===============
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

I still need Attach.txt part of DDS.
 
Status
Not open for further replies.
Back