Results 1 to 10 of 29

Thread: Infected

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. 2012-01-05, 15:28 #1
    acko64
    acko64 is offline
    Junior Member
    Join Date
    Dec 2010
    Posts
    22

    Default Infected

    hi im having a problem ive send you the dds that was no problem, and ive copyed spybot results to clipboard but cant seem to find the clipboard to paste you spybot results, thanks regards martin

    hi everyone i think i have been infected im writing again because i used the same title and forgot to use a new one anyway heres my dds.
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by martin at 14:39:12 on 2012-01-05
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8138.6196 [GMT 0:00]
    .
    AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
    FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\ATKFUSService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
    C:\Windows\DAODx.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MxTray.exe
    C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
    C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRsrv.exe
    C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
    C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
    C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
    C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRtray.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\Integrator.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASR.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit=userinit.exe,
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    {e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [Advanced Spyware Remover] "C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRtray.exe" /autostart
    StartupFolder: C:\Users\martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTICR~1.LNK - C:\Program Files (x86)\Dachshund Software\AntiCrash\AntiCrash.exe
    StartupFolder: C:\Users\martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1} : DhcpNameServer = 192.168.1.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun-x64: [Advanced Spyware Remover] "C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRtray.exe" /autostart
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\5wr3j6ja.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.aol.co.uk/?icid=aoluk5logorefresh&dlact=dl1
    FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B1b250c6d-51dd-458d-b349-1b16857f9103%7D&mid=c009b5fb1bc647d1a4df854de0cb8be2-db5ad380754f1c985866002e8dfac8c3ac0d2b14&ds=AVG&v=9.0.0.23&lang=en&pr=pr&d=2011-12-28%2013%3A22%3A12&sap=ku&q=
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\system32\DRIVERS\AiChargerPlus.sys --> C:\Windows\system32\DRIVERS\AiChargerPlus.sys [?]
    R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
    R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R0 DiskSec;Magix Volume Filter Driver;C:\Windows\system32\drivers\DiskSec.sys --> C:\Windows\system32\drivers\DiskSec.sys [?]
    R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672]
    R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-12-13 328536]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-5 365568]
    R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]
    R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]
    R2 ASRservice;ASRservice;C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRsrv.exe [2012-1-2 697104]
    R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-12-12 586880]
    R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
    R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-28 869216]
    R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
    S2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe [2010-10-12 196096]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-01-05 13:22:22 -------- d-----w- C:\Users\martin\AppData\Local\{18A26359-018B-409D-BEE5-8D12B1B64646}
    2012-01-05 13:22:11 -------- d-----w- C:\Users\martin\AppData\Local\{A5CEDDB0-1082-4043-B956-F4F4F3CE97F1}
    2012-01-04 11:55:27 -------- d-----w- C:\Users\martin\AppData\Local\{A4B00FEF-0B4A-410A-878F-3C33E0F91164}
    2012-01-04 11:55:16 -------- d-----w- C:\Users\martin\AppData\Local\{64887C9D-BB24-428D-96EC-22EBDB20F1AB}
    2012-01-03 13:17:53 -------- d-----w- C:\Users\martin\AppData\Local\{3D94F6DC-1386-46C9-AEA7-24F9EC6BD257}
    2012-01-03 13:17:42 -------- d-----w- C:\Users\martin\AppData\Local\{20B601A3-DBD3-4922-9BC2-799D42BF5664}
    2012-01-02 16:57:36 -------- d-----w- C:\Users\martin\AppData\Local\{3508D6BA-8363-47AF-8046-5D0F0D91BD8C}
    2012-01-02 16:57:25 -------- d-----w- C:\Users\martin\AppData\Local\{196C92BC-12E3-46ED-9D8A-F60D5A458BD5}
    2011-12-31 19:06:09 -------- d-----w- C:\Users\martin\AppData\Local\{1588EC49-587C-459C-9375-A5C43FE03BB2}
    2011-12-31 19:05:54 -------- d-----w- C:\Users\martin\AppData\Local\{6196876E-35DC-48C2-AAA0-54842A321BAF}
    2011-12-30 17:58:32 388096 ----a-r- C:\Users\martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-12-30 17:58:32 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2011-12-30 17:45:21 -------- d-----w- C:\Users\martin\AppData\Local\{D98DAFB0-298E-4167-9877-6E68E0D5C1AE}
    2011-12-30 17:45:10 -------- d-----w- C:\Users\martin\AppData\Local\{EFA01C89-D566-4970-A9F7-8D862680A55D}
    2011-12-29 21:02:10 -------- d-----w- C:\Users\martin\AppData\Roaming\Curiolab
    2011-12-29 19:50:49 -------- d-----w- C:\Program Files (x86)\Advanced Spyware Remover
    2011-12-29 19:42:12 141312 ----a-w- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
    2011-12-29 19:42:11 -------- d-----w- C:\Users\martin\AppData\Roaming\Spyware Terminator
    2011-12-29 19:42:11 -------- d-----w- C:\ProgramData\Spyware Terminator
    2011-12-29 19:42:09 -------- d-----w- C:\Program Files (x86)\Spyware Terminator
    2011-12-29 19:39:12 64512 ---ha-w- C:\Users\martin\AppData\Roaming\dach100.dll
    2011-12-29 13:53:20 -------- d-----w- C:\Users\martin\AppData\Local\{E2D1B3F8-51D8-4EFD-B2FF-47B48C32C933}
    2011-12-29 13:53:09 -------- d-----w- C:\Users\martin\AppData\Local\{ABAE8172-E919-40A6-A9EE-6B139A96E32C}
    2011-12-28 20:45:47 -------- d-----w- C:\Windows\pss
    2011-12-28 14:34:44 -------- d-----w- C:\ProgramData\!SASCORE
    2011-12-28 14:34:42 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2011-12-28 13:22:32 -------- d-----w- C:\Users\martin\AppData\Roaming\AVG2012
    2011-12-28 13:22:12 -------- d-----w- C:\ProgramData\AVG Secure Search
    2011-12-28 13:22:10 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
    2011-12-28 13:22:09 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
    2011-12-28 13:22:02 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
    2011-12-28 13:21:44 -------- d-----w- C:\Windows\System32\drivers\AVG
    2011-12-28 13:21:44 -------- d-----w- C:\ProgramData\AVG2012
    2011-12-28 13:21:00 -------- d-----w- C:\Program Files (x86)\AVG
    2011-12-28 11:43:32 -------- d-----w- C:\Users\martin\AppData\Local\{625DA88F-8474-4A2C-A7B9-6AE25CBB97B2}
    2011-12-28 11:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{5D600DF1-3A95-4641-AAC3-1C31ECD0694F}
    2011-12-27 14:53:41 -------- d-----w- C:\Users\martin\AppData\Local\{A81E2CDA-A488-48D0-8432-B876D72E80DB}
    2011-12-27 14:53:30 -------- d-----w- C:\Users\martin\AppData\Local\{8BB41815-F082-4771-B25D-EDB54B988991}
    2011-12-27 12:49:05 -------- d-----w- C:\Users\martin\AppData\Local\{3EDEA225-F3DE-40E3-B063-F70DEA70346F}
    2011-12-27 12:48:54 -------- d-----w- C:\Users\martin\AppData\Local\{56FBA2E9-89DE-466E-B104-03279D274810}
    2011-12-26 19:08:26 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
    2011-12-26 19:08:26 25920 ----a-w- C:\Windows\System32\authuitu.dll
    2011-12-26 19:08:26 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
    2011-12-26 19:08:10 -------- d-----w- C:\Users\martin\AppData\Roaming\TuneUp Software
    2011-12-26 19:08:07 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2012
    2011-12-26 19:07:57 -------- d-----w- C:\ProgramData\TuneUp Software
    2011-12-26 19:07:54 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
    2011-12-26 18:56:50 -------- d-----w- C:\Users\martin\AppData\Roaming\Auslogics
    2011-12-26 18:55:47 -------- d-----w- C:\Program Files (x86)\Auslogics
    2011-12-26 12:02:09 -------- d-----w- C:\Users\martin\AppData\Local\{27BD5B4C-ADA1-4EEA-A04C-C9483A9E8A97}
    2011-12-26 12:01:58 -------- d-----w- C:\Users\martin\AppData\Local\{709EB311-8B12-4EAA-8609-0743F5F344F3}
    2011-12-25 15:38:12 -------- d-----w- C:\Users\martin\AppData\Local\{FA7E1B4F-F202-4F01-945C-D91C5A66F855}
    2011-12-25 15:38:01 -------- d-----w- C:\Users\martin\AppData\Local\{1D4BF17D-B61E-4979-9D37-B3F1E18D0B7C}
    2011-12-25 14:33:56 -------- d-----w- C:\Users\martin\AppData\Local\{A4DFA5A7-BBD0-4859-9C6A-31282D46EE6E}
    2011-12-25 14:33:45 -------- d-----w- C:\Users\martin\AppData\Local\{B22209F6-47C2-4242-80E7-5262E002EC56}
    2011-12-24 20:06:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-12-24 19:19:34 -------- d-----w- C:\Program Files (x86)\inKline Global
    2011-12-24 18:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{FDAF3472-2E95-44CF-810D-9F86FF0FAA00}
    2011-12-24 18:21:35 -------- d-----w- C:\Users\martin\AppData\Local\{2CA25035-1B0A-415F-9267-8CAF53449178}
    2011-12-24 16:58:03 -------- d-----w- C:\Users\martin\AppData\Roaming\SUPERAntiSpyware.com
    2011-12-24 16:57:41 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2011-12-24 15:34:00 -------- d-----w- C:\Users\martin\AppData\Local\{36E2EC0C-9354-48C8-9F66-0EA5CC80FB63}
    2011-12-24 15:33:49 -------- d-----w- C:\Users\martin\AppData\Local\{08BF9FB5-B43A-422E-AB53-31785BEB39E7}
    2011-12-23 17:09:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-12-23 16:48:50 -------- d-----w- C:\Users\martin\AppData\Local\{77068C7F-7CCE-4F7F-A938-CAA682B9FE75}
    2011-12-23 16:48:35 -------- d-----w- C:\Users\martin\AppData\Local\{335A06C6-D16F-4437-B17E-63D4B3691C0B}
    2011-12-22 13:12:25 -------- d-----w- C:\ProgramData\IObit
    2011-12-22 13:06:13 -------- d-----w- C:\Users\martin\AppData\Local\{65E40E6F-CF49-4434-90EC-06C63023BA4F}
    2011-12-22 13:06:02 -------- d-----w- C:\Users\martin\AppData\Local\{1137D1A5-C278-4999-82EF-1A97D547A97F}
    2011-12-21 19:21:58 -------- d-----w- C:\Users\martin\AppData\Local\{62B3CFDE-05D5-49EA-B186-F34808FCE3DD}
    2011-12-21 19:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{807A8034-298E-40FA-8DCB-CC70EF1CB669}
    2011-12-20 21:04:15 -------- d-----w- C:\Program Files (x86)\Dachshund Software
    2011-12-20 20:45:42 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2011-12-20 18:08:59 -------- d-----w- C:\Users\martin\AppData\Roaming\Malwarebytes
    2011-12-20 18:08:56 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-12-20 18:08:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-12-20 17:27:25 -------- d-----w- C:\Users\martin\AppData\Local\{5A167E43-5691-4EF9-9D9A-2B13FA3856D4}
    2011-12-20 17:27:13 -------- d-----w- C:\Users\martin\AppData\Local\{2A8D11DE-FF23-4478-86F2-CDE0F87C70C8}
    2011-12-19 18:38:56 -------- d-----w- C:\Users\martin\AppData\Local\Apps
    2011-12-19 18:26:54 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX shared
    2011-12-19 17:47:53 663552 ----a-w- C:\Windows\SysWow64\mgxoschk.dll
    2011-12-19 17:40:27 27616 ----a-w- C:\Windows\System32\drivers\disksec.sys
    2011-12-19 17:40:15 -------- d-----w- C:\ProgramData\MAGIX
    2011-12-19 17:40:15 -------- d-----w- C:\Program Files (x86)\MAGIX
    2011-12-19 17:32:27 -------- d-----w- C:\Users\martin\AppData\Roaming\MAGIX
    2011-12-19 16:42:23 -------- d-----w- C:\Users\martin\AppData\Local\{102062FD-3F97-4A51-8902-DC64B4BD6951}
    2011-12-19 16:42:12 -------- d-----w- C:\Users\martin\AppData\Local\{63C98E52-337F-4C41-9FE2-23D6F7751254}
    2011-12-18 11:38:00 -------- d-----w- C:\Users\martin\AppData\Local\{6053C415-B6F2-43D8-B8A8-0F4030D337A5}
    2011-12-18 11:37:49 -------- d-----w- C:\Users\martin\AppData\Local\{493D444C-11F2-4BDE-A635-AA5106C2B024}
    2011-12-17 17:56:19 -------- d-----w- C:\Users\martin\AppData\Local\{F3F1F5F8-454F-42FC-A850-6644D514034E}
    2011-12-17 17:56:05 -------- d-----w- C:\Users\martin\AppData\Local\{F31F22BE-F87B-421E-B7C5-111675DD6E37}
    2011-12-16 19:43:19 2513344 ----a-w- C:\Windows\PE_Rom.dll
    2011-12-16 18:15:03 -------- d-----w- C:\Users\martin\AppData\Local\CrashDumps
    2011-12-16 18:14:14 -------- d-----w- C:\Users\martin\AppData\Local\{2DE78E8F-E0E6-4F42-81CF-74C5493C3067}
    2011-12-16 18:14:03 -------- d-----w- C:\Users\martin\AppData\Local\{EEACC7D8-817A-40A4-9E7E-C0E5C172B061}
    2011-12-15 16:43:31 -------- d-----w- C:\Users\martin\AppData\Local\{8956503E-5741-4C59-B895-ABD9AD1F7ADF}
    2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{AB7AF5BD-95B5-45FD-A2D8-8F7B4064965A}
    2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{531140AC-FA50-4563-B843-EC1DBBA3D7F9}
    2011-12-14 21:31:35 -------- d-----w- C:\Users\martin\AppData\Local\Diagnostics
    2011-12-14 16:00:57 924632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nsnB443.tmp\firefox.exe
    2011-12-14 15:54:51 -------- d-----w- C:\Users\martin\AppData\Local\{20525307-8D35-42B2-B9CD-3A6F41F42489}
    2011-12-14 15:54:40 -------- d-----w- C:\Users\martin\AppData\Local\{41D7649A-16AD-4FE4-AA21-43C4444724EA}
    2011-12-13 21:22:11 -------- d-----w- C:\ProgramData\CodecCheck
    2011-12-13 21:22:09 -------- d-----w- C:\codec-info
    2011-12-13 21:21:43 -------- d-----w- C:\Users\martin\AppData\Local\Babylon
    2011-12-13 21:21:41 -------- d-----w- C:\Users\martin\AppData\Roaming\Babylon
    2011-12-13 21:21:41 -------- d-----w- C:\ProgramData\Babylon
    2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\Premium
    2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\InstallMate
    2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\DivX
    2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
    2011-12-13 20:21:37 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2011-12-13 19:58:12 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-12-13 19:58:12 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-12-13 19:58:08 3145216 ----a-w- C:\Windows\System32\win32k.sys
    2011-12-13 19:58:07 723456 ----a-w- C:\Windows\System32\EncDec.dll
    2011-12-13 19:58:07 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
    2011-12-13 19:58:06 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2011-12-13 19:18:16 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2011-12-13 19:18:16 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2011-12-13 19:18:16 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2011-12-13 19:18:16 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2011-12-13 19:18:16 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2011-12-13 18:52:17 -------- d--h--w- C:\ProgramData\Common Files
    2011-12-13 18:52:07 -------- d-----w- C:\ProgramData\MFAData
    2011-12-13 18:20:19 -------- d-----w- C:\Users\martin\AppData\Local\{70B23F72-9277-40A3-93F9-FA9F88EB4347}
    2011-12-13 18:20:08 -------- d-----w- C:\Users\martin\AppData\Local\{B6563D5B-3612-4398-9369-A6850B240826}
    2011-12-12 23:50:41 -------- d-----w- C:\Windows\Panther
    2011-12-12 19:43:13 -------- d-----w- C:\Users\martin\AppData\Roaming\IObit
    2011-12-12 19:43:12 -------- d-----w- C:\Program Files (x86)\IObit
    2011-12-12 19:28:32 -------- d-----w- C:\Program Files\CCleaner
    2011-12-12 19:19:50 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-12-12 19:17:16 -------- d-----w- C:\Users\martin\AppData\Local\Mozilla
    2011-12-12 18:15:07 -------- d-----w- C:\Users\martin\AppData\Local\{C58BEE13-2DC7-424C-8686-6F2144036EBD}
    2011-12-12 18:14:56 -------- d-----w- C:\Users\martin\AppData\Local\{F5EF2FA1-6A51-46C6-8144-ABBA58146CD6}
    2011-12-12 18:14:42 -------- d-----w- C:\Users\martin\Tracing
    2011-12-12 18:10:50 -------- d-----w- C:\ProgramData\Norton
    2011-12-12 18:10:04 -------- d-----w- C:\ProgramData\NortonInstaller
    2011-12-12 17:58:05 -------- d-----w- C:\Windows\PCHEALTH
    2011-12-12 17:57:30 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7fd69b4a1ccb8f703\Silverlight.4.0.exe
    2011-12-12 17:56:45 -------- d-----w- C:\Users\martin\AppData\Local\Windows Live
    2011-12-12 17:56:45 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
    2011-12-12 17:55:56 -------- d-----w- C:\Users\martin\AppData\Local\{BA4B8F11-20A0-4DBA-A5A0-E009D1E8C141}
    2011-12-12 17:48:07 -------- d-----w- C:\Users\martin\AppData\Local\Google
    2011-12-12 17:43:26 -------- d-----w- C:\ProgramData\ASUS OC Profiles
    2011-12-12 17:41:22 -------- d-----w- C:\Windows\AsusInstAll
    2011-12-12 17:38:06 14464 ----a-w- C:\Windows\System32\drivers\AiChargerPlus.sys
    2011-12-12 17:37:42 184320 ----a-w- C:\Windows\SysWow64\drivers\UpdateHelper.dll
    2011-12-12 17:37:20 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
    2011-12-12 17:37:20 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
    2011-12-12 17:37:20 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
    2011-12-12 17:37:20 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
    2011-12-12 17:37:03 -------- d-----w- C:\ProgramData\ASUS
    2011-12-12 17:36:48 28672 ----a-r- C:\Windows\SysWow64\AsIO.dll
    2011-12-12 17:36:48 13440 ----a-r- C:\Windows\SysWow64\drivers\AsIO.sys
    2011-12-12 17:36:43 11832 ------w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
    2011-12-12 17:35:32 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
    2011-12-12 17:34:04 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
    2011-12-12 17:34:04 471144 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
    2011-12-12 17:26:54 74584 ----a-w- C:\Windows\System32\R4EEG64A.dll
    2011-12-12 17:25:24 -------- d-----w- C:\Windows\AsDmiHtm
    2011-12-12 17:24:25 78976 ----a-w- C:\Windows\System32\drivers\amd_sata.sys
    2011-12-12 17:24:25 38528 ----a-w- C:\Windows\System32\drivers\amd_xata.sys
    2011-12-12 17:24:17 47232 ----a-r- C:\Windows\System32\drivers\usbfilter.sys
    2011-12-12 17:19:56 23680 ----a-w- C:\Windows\System32\drivers\IOMap64.sys
    2011-12-12 17:17:49 761856 ----a-w- C:\Windows\SysWow64\xvidcore.dll
    2011-12-12 17:13:44 -------- d-----w- C:\Program Files (x86)\My Company Name
    2011-12-12 17:13:32 -------- d-----w- C:\Users\martin\AppData\Local\AMD
    2011-12-12 17:13:28 -------- d-----w- C:\Users\martin\AppData\Local\ATI
    2011-12-12 17:13:26 -------- d-----w- C:\Program Files (x86)\AMD APP
    2011-12-12 17:13:04 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
    2011-12-12 17:13:04 -------- d-----w- C:\ProgramData\AMD
    2011-12-12 17:12:58 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
    2011-12-12 17:12:52 115216 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
    2011-12-12 17:12:33 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
    2011-12-12 17:12:12 -------- d-----w- C:\Program Files\ATI
    2011-12-12 17:12:10 -------- d-----w- C:\Program Files (x86)\ATI Technologies
    2011-12-12 17:11:38 -------- d-----w- C:\Program Files\ATI Technologies
    2011-12-12 17:06:56 -------- d-sh--w- C:\Windows\Installer
    2011-12-12 17:03:40 -------- d-----w- C:\Windows\SysWow64\Wat
    2011-12-12 17:03:40 -------- d-----w- C:\Windows\System32\Wat
    2011-12-12 16:53:36 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2011-12-12 16:53:35 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AD5D3C91-5F5D-4E38-A9C3-42B99074D1E4}\mpengine.dll
    2011-12-12 16:47:59 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2011-12-12 16:46:59 2871808 ----a-w- C:\Windows\explorer.exe
    2011-12-12 16:44:21 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-12-12 16:44:21 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-12-12 16:44:21 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-12-12 16:10:59 0 ----a-w- C:\Windows\ativpsrm.bin
    .
    ==================== Find3M ====================
    .
    2011-11-15 14:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
    2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 14:39:31.51 ===============

    hi everyone im using windows 7 and i cant find clipboard wich i put spybots results in. ive send you dds no problem but im a bit confused on where to find clipboard wich has spybot results, regards martin
    Last edited by tashi; 2012-01-05 at 16:05. Reason: Merged three topics, removed a 4th. Please don't start multiple threads.
  2. 2012-01-11, 11:57 #2
    Blade81
    Blade81 is offline
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    If help still needed post fresh dds logs (attach.txt contents too) and a description of the issue, please.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.
  3. 2012-01-11, 16:17 #3
    acko64
    acko64 is offline
    Junior Member
    Join Date
    Dec 2010
    Posts
    22

    Default infection

    hi everyone, i think i have malware or trogans on my pc, i have tried malwarebyttes and it does nt detect anything, also spybot but that just picks up a few tracking cookies, i have run a free scan with stopzilla and it says im infected with a trogan, plus i have run advanced spyware remover and it detected dynamic desktop media adware, i then delete that but its back again on my next scan with advanced spyware remover, please help
    heres my dds, .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by martin at 14:56:46 on 2012-01-11
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8138.6117 [GMT 0:00]
    .
    AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
    FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\ATKFUSService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
    C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MxTray.exe
    C:\Windows\DAODx.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
    C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Windows\Integrator.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASC.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit=userinit.exe,
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    {e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    StartupFolder: C:\Users\martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTICR~1.LNK - C:\Program Files (x86)\Dachshund Software\AntiCrash\AntiCrash.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1}\D616274796E646166796466343 : DhcpNameServer = 192.168.1.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
    mRun-x64: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\kd283fb1.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.aol.co.uk/?icid=aoluk5logorefresh&dlact=dl1
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\system32\DRIVERS\AiChargerPlus.sys --> C:\Windows\system32\DRIVERS\AiChargerPlus.sys [?]
    R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
    R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R0 DiskSec;Magix Volume Filter Driver;C:\Windows\system32\drivers\DiskSec.sys --> C:\Windows\system32\drivers\DiskSec.sys [?]
    R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672]
    R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-12-13 328536]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-9 361984]
    R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
    R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]
    R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]
    R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-12-12 586880]
    R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
    R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-28 869216]
    R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
    S2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe [2010-10-12 196096]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-01-11 13:01:08 -------- d-----w- C:\Users\martin\AppData\Local\{AEE908D3-7CA5-407E-88A9-EF6C12BC7571}
    2012-01-11 13:00:55 -------- d-----w- C:\Users\martin\AppData\Local\{76BDBDEA-804F-4767-9992-E8729CA3B658}
    2012-01-11 13:00:34 64512 ---ha-w- C:\Users\martin\AppData\Roaming\dach100.dll
    2012-01-10 20:39:29 -------- d-----w- C:\Users\martin\AppData\Local\ElevatedDiagnostics
    2012-01-10 20:30:13 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
    2012-01-10 20:29:46 -------- d-----w- C:\Program Files\HitmanPro
    2012-01-10 20:29:39 -------- d-----w- C:\ProgramData\HitmanPro
    2012-01-10 18:24:06 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
    2012-01-10 17:47:33 -------- d-----w- C:\Users\martin\AppData\Local\{D6434A5C-FED7-4B7B-B9D5-05B71EC532CE}
    2012-01-10 17:47:21 -------- d-----w- C:\Users\martin\AppData\Local\{9273BEEB-C639-4D7A-8DA4-7443F2E4D276}
    2012-01-09 20:33:23 -------- d-----w- C:\ProgramData\XoftSpySE
    2012-01-09 19:14:49 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
    2012-01-09 19:14:49 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
    2012-01-09 19:12:28 -------- d-----w- C:\Users\martin\AppData\Roaming\TestApp
    2012-01-09 19:12:28 -------- d-----w- C:\ProgramData\PC Tools
    2012-01-09 13:55:38 -------- d-----w- C:\Program Files (x86)\AMD APP
    2012-01-09 13:55:34 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
    2012-01-09 13:53:31 -------- d-----w- C:\ATI
    2012-01-09 13:50:24 -------- d-----w- C:\Users\martin\AppData\Local\{6CCB1F71-FA60-4670-8224-FD190291C950}
    2012-01-09 13:50:12 -------- d-----w- C:\Users\martin\AppData\Local\{A6362FDF-C3C0-4A40-91C0-9C34BB642BC0}
    2012-01-08 11:20:17 -------- d-----w- C:\Users\martin\AppData\Local\{5B48E6AE-3E3D-40B8-8E20-6A3C8E40B86D}
    2012-01-08 11:20:06 -------- d-----w- C:\Users\martin\AppData\Local\{65EA5F3C-50AB-4C57-9FB6-627A0EC349DC}
    2012-01-07 11:30:59 -------- d-----w- C:\Users\martin\AppData\Local\{EA42B4BE-F9A6-4F10-A8F6-EE189AC6C9AE}
    2012-01-07 11:30:48 -------- d-----w- C:\Users\martin\AppData\Local\{7E0E6A56-D508-45F0-A0C1-5586543611BD}
    2012-01-06 16:58:30 -------- d-----w- C:\Users\martin\AppData\Local\{1A2AF5B3-2052-4F62-9FB1-162FE39DEB74}
    2012-01-06 16:58:19 -------- d-----w- C:\Users\martin\AppData\Local\{EF20225A-063B-4807-A693-119FA0605128}
    2012-01-05 13:22:22 -------- d-----w- C:\Users\martin\AppData\Local\{18A26359-018B-409D-BEE5-8D12B1B64646}
    2012-01-05 13:22:11 -------- d-----w- C:\Users\martin\AppData\Local\{A5CEDDB0-1082-4043-B956-F4F4F3CE97F1}
    2012-01-04 11:55:27 -------- d-----w- C:\Users\martin\AppData\Local\{A4B00FEF-0B4A-410A-878F-3C33E0F91164}
    2012-01-04 11:55:16 -------- d-----w- C:\Users\martin\AppData\Local\{64887C9D-BB24-428D-96EC-22EBDB20F1AB}
    2012-01-03 13:17:53 -------- d-----w- C:\Users\martin\AppData\Local\{3D94F6DC-1386-46C9-AEA7-24F9EC6BD257}
    2012-01-03 13:17:42 -------- d-----w- C:\Users\martin\AppData\Local\{20B601A3-DBD3-4922-9BC2-799D42BF5664}
    2012-01-02 16:57:36 -------- d-----w- C:\Users\martin\AppData\Local\{3508D6BA-8363-47AF-8046-5D0F0D91BD8C}
    2012-01-02 16:57:25 -------- d-----w- C:\Users\martin\AppData\Local\{196C92BC-12E3-46ED-9D8A-F60D5A458BD5}
    2011-12-31 19:06:09 -------- d-----w- C:\Users\martin\AppData\Local\{1588EC49-587C-459C-9375-A5C43FE03BB2}
    2011-12-31 19:05:54 -------- d-----w- C:\Users\martin\AppData\Local\{6196876E-35DC-48C2-AAA0-54842A321BAF}
    2011-12-30 17:45:21 -------- d-----w- C:\Users\martin\AppData\Local\{D98DAFB0-298E-4167-9877-6E68E0D5C1AE}
    2011-12-30 17:45:10 -------- d-----w- C:\Users\martin\AppData\Local\{EFA01C89-D566-4970-A9F7-8D862680A55D}
    2011-12-29 21:02:10 -------- d-----w- C:\Users\martin\AppData\Roaming\Curiolab
    2011-12-29 19:50:49 -------- d-----w- C:\Program Files (x86)\Advanced Spyware Remover
    2011-12-29 13:53:20 -------- d-----w- C:\Users\martin\AppData\Local\{E2D1B3F8-51D8-4EFD-B2FF-47B48C32C933}
    2011-12-29 13:53:09 -------- d-----w- C:\Users\martin\AppData\Local\{ABAE8172-E919-40A6-A9EE-6B139A96E32C}
    2011-12-28 20:45:47 -------- d-----w- C:\Windows\pss
    2011-12-28 14:34:44 -------- d-----w- C:\ProgramData\!SASCORE
    2011-12-28 14:34:42 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2011-12-28 13:22:32 -------- d-----w- C:\Users\martin\AppData\Roaming\AVG2012
    2011-12-28 13:22:12 -------- d-----w- C:\ProgramData\AVG Secure Search
    2011-12-28 13:22:10 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
    2011-12-28 13:22:09 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
    2011-12-28 13:22:02 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
    2011-12-28 13:21:44 -------- d-----w- C:\Windows\System32\drivers\AVG
    2011-12-28 13:21:44 -------- d-----w- C:\ProgramData\AVG2012
    2011-12-28 13:21:00 -------- d-----w- C:\Program Files (x86)\AVG
    2011-12-28 11:43:32 -------- d-----w- C:\Users\martin\AppData\Local\{625DA88F-8474-4A2C-A7B9-6AE25CBB97B2}
    2011-12-28 11:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{5D600DF1-3A95-4641-AAC3-1C31ECD0694F}
    2011-12-27 14:53:41 -------- d-----w- C:\Users\martin\AppData\Local\{A81E2CDA-A488-48D0-8432-B876D72E80DB}
    2011-12-27 14:53:30 -------- d-----w- C:\Users\martin\AppData\Local\{8BB41815-F082-4771-B25D-EDB54B988991}
    2011-12-27 12:49:05 -------- d-----w- C:\Users\martin\AppData\Local\{3EDEA225-F3DE-40E3-B063-F70DEA70346F}
    2011-12-27 12:48:54 -------- d-----w- C:\Users\martin\AppData\Local\{56FBA2E9-89DE-466E-B104-03279D274810}
    2011-12-26 19:08:10 -------- d-----w- C:\Users\martin\AppData\Roaming\TuneUp Software
    2011-12-26 19:07:57 -------- d-----w- C:\ProgramData\TuneUp Software
    2011-12-26 19:07:54 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
    2011-12-26 18:56:50 -------- d-----w- C:\Users\martin\AppData\Roaming\Auslogics
    2011-12-26 18:55:47 -------- d-----w- C:\Program Files (x86)\Auslogics
    2011-12-26 12:02:09 -------- d-----w- C:\Users\martin\AppData\Local\{27BD5B4C-ADA1-4EEA-A04C-C9483A9E8A97}
    2011-12-26 12:01:58 -------- d-----w- C:\Users\martin\AppData\Local\{709EB311-8B12-4EAA-8609-0743F5F344F3}
    2011-12-25 15:38:12 -------- d-----w- C:\Users\martin\AppData\Local\{FA7E1B4F-F202-4F01-945C-D91C5A66F855}
    2011-12-25 15:38:01 -------- d-----w- C:\Users\martin\AppData\Local\{1D4BF17D-B61E-4979-9D37-B3F1E18D0B7C}
    2011-12-25 14:33:56 -------- d-----w- C:\Users\martin\AppData\Local\{A4DFA5A7-BBD0-4859-9C6A-31282D46EE6E}
    2011-12-25 14:33:45 -------- d-----w- C:\Users\martin\AppData\Local\{B22209F6-47C2-4242-80E7-5262E002EC56}
    2011-12-24 20:06:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-12-24 19:19:34 -------- d-----w- C:\Program Files (x86)\inKline Global
    2011-12-24 18:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{FDAF3472-2E95-44CF-810D-9F86FF0FAA00}
    2011-12-24 18:21:35 -------- d-----w- C:\Users\martin\AppData\Local\{2CA25035-1B0A-415F-9267-8CAF53449178}
    2011-12-24 16:58:03 -------- d-----w- C:\Users\martin\AppData\Roaming\SUPERAntiSpyware.com
    2011-12-24 16:57:41 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2011-12-24 15:34:00 -------- d-----w- C:\Users\martin\AppData\Local\{36E2EC0C-9354-48C8-9F66-0EA5CC80FB63}
    2011-12-24 15:33:49 -------- d-----w- C:\Users\martin\AppData\Local\{08BF9FB5-B43A-422E-AB53-31785BEB39E7}
    2011-12-23 17:09:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2011-12-23 16:48:50 -------- d-----w- C:\Users\martin\AppData\Local\{77068C7F-7CCE-4F7F-A938-CAA682B9FE75}
    2011-12-23 16:48:35 -------- d-----w- C:\Users\martin\AppData\Local\{335A06C6-D16F-4437-B17E-63D4B3691C0B}
    2011-12-22 13:12:25 -------- d-----w- C:\ProgramData\IObit
    2011-12-22 13:06:13 -------- d-----w- C:\Users\martin\AppData\Local\{65E40E6F-CF49-4434-90EC-06C63023BA4F}
    2011-12-22 13:06:02 -------- d-----w- C:\Users\martin\AppData\Local\{1137D1A5-C278-4999-82EF-1A97D547A97F}
    2011-12-21 19:21:58 -------- d-----w- C:\Users\martin\AppData\Local\{62B3CFDE-05D5-49EA-B186-F34808FCE3DD}
    2011-12-21 19:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{807A8034-298E-40FA-8DCB-CC70EF1CB669}
    2011-12-20 21:04:15 -------- d-----w- C:\Program Files (x86)\Dachshund Software
    2011-12-20 20:45:42 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2011-12-20 18:08:59 -------- d-----w- C:\Users\martin\AppData\Roaming\Malwarebytes
    2011-12-20 18:08:56 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-12-20 18:08:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-12-20 17:27:25 -------- d-----w- C:\Users\martin\AppData\Local\{5A167E43-5691-4EF9-9D9A-2B13FA3856D4}
    2011-12-20 17:27:13 -------- d-----w- C:\Users\martin\AppData\Local\{2A8D11DE-FF23-4478-86F2-CDE0F87C70C8}
    2011-12-19 18:38:56 -------- d-----w- C:\Users\martin\AppData\Local\Apps
    2011-12-19 18:26:54 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX shared
    2011-12-19 17:47:53 663552 ----a-w- C:\Windows\SysWow64\mgxoschk.dll
    2011-12-19 17:40:27 27616 ----a-w- C:\Windows\System32\drivers\disksec.sys
    2011-12-19 17:40:15 -------- d-----w- C:\ProgramData\MAGIX
    2011-12-19 17:40:15 -------- d-----w- C:\Program Files (x86)\MAGIX
    2011-12-19 17:32:27 -------- d-----w- C:\Users\martin\AppData\Roaming\MAGIX
    2011-12-19 16:42:23 -------- d-----w- C:\Users\martin\AppData\Local\{102062FD-3F97-4A51-8902-DC64B4BD6951}
    2011-12-19 16:42:12 -------- d-----w- C:\Users\martin\AppData\Local\{63C98E52-337F-4C41-9FE2-23D6F7751254}
    2011-12-18 11:38:00 -------- d-----w- C:\Users\martin\AppData\Local\{6053C415-B6F2-43D8-B8A8-0F4030D337A5}
    2011-12-18 11:37:49 -------- d-----w- C:\Users\martin\AppData\Local\{493D444C-11F2-4BDE-A635-AA5106C2B024}
    2011-12-17 17:56:19 -------- d-----w- C:\Users\martin\AppData\Local\{F3F1F5F8-454F-42FC-A850-6644D514034E}
    2011-12-17 17:56:05 -------- d-----w- C:\Users\martin\AppData\Local\{F31F22BE-F87B-421E-B7C5-111675DD6E37}
    2011-12-16 19:43:19 2513344 ----a-w- C:\Windows\PE_Rom.dll
    2011-12-16 18:15:03 -------- d-----w- C:\Users\martin\AppData\Local\CrashDumps
    2011-12-16 18:14:14 -------- d-----w- C:\Users\martin\AppData\Local\{2DE78E8F-E0E6-4F42-81CF-74C5493C3067}
    2011-12-16 18:14:03 -------- d-----w- C:\Users\martin\AppData\Local\{EEACC7D8-817A-40A4-9E7E-C0E5C172B061}
    2011-12-15 16:43:31 -------- d-----w- C:\Users\martin\AppData\Local\{8956503E-5741-4C59-B895-ABD9AD1F7ADF}
    2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{AB7AF5BD-95B5-45FD-A2D8-8F7B4064965A}
    2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{531140AC-FA50-4563-B843-EC1DBBA3D7F9}
    2011-12-14 21:31:35 -------- d-----w- C:\Users\martin\AppData\Local\Diagnostics
    2011-12-14 16:00:57 924632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nsnB443.tmp\firefox.exe
    2011-12-14 15:54:51 -------- d-----w- C:\Users\martin\AppData\Local\{20525307-8D35-42B2-B9CD-3A6F41F42489}
    2011-12-14 15:54:40 -------- d-----w- C:\Users\martin\AppData\Local\{41D7649A-16AD-4FE4-AA21-43C4444724EA}
    2011-12-13 21:22:11 -------- d-----w- C:\ProgramData\CodecCheck
    2011-12-13 21:22:09 -------- d-----w- C:\codec-info
    2011-12-13 21:21:43 -------- d-----w- C:\Users\martin\AppData\Local\Babylon
    2011-12-13 21:21:41 -------- d-----w- C:\Users\martin\AppData\Roaming\Babylon
    2011-12-13 21:21:41 -------- d-----w- C:\ProgramData\Babylon
    2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\Premium
    2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\InstallMate
    2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\DivX
    2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
    2011-12-13 20:21:37 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2011-12-13 19:58:12 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-12-13 19:58:12 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-12-13 19:58:08 3145216 ----a-w- C:\Windows\System32\win32k.sys
    2011-12-13 19:58:07 723456 ----a-w- C:\Windows\System32\EncDec.dll
    2011-12-13 19:58:07 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
    2011-12-13 19:58:06 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2011-12-13 19:18:16 902656 ----a-w- C:\Windows\System32\d2d1.dll
    2011-12-13 19:18:16 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2011-12-13 19:18:16 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2011-12-13 19:18:16 1139200 ----a-w- C:\Windows\System32\FntCache.dll
    2011-12-13 19:18:16 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2011-12-13 18:52:17 -------- d--h--w- C:\ProgramData\Common Files
    2011-12-13 18:52:07 -------- d-----w- C:\ProgramData\MFAData
    2011-12-13 18:20:19 -------- d-----w- C:\Users\martin\AppData\Local\{70B23F72-9277-40A3-93F9-FA9F88EB4347}
    2011-12-13 18:20:08 -------- d-----w- C:\Users\martin\AppData\Local\{B6563D5B-3612-4398-9369-A6850B240826}
    2011-12-12 23:50:41 -------- d-----w- C:\Windows\Panther
    2011-12-12 19:43:13 -------- d-----w- C:\Users\martin\AppData\Roaming\IObit
    2011-12-12 19:43:12 -------- d-----w- C:\Program Files (x86)\IObit
    2011-12-12 19:28:32 -------- d-----w- C:\Program Files\CCleaner
    2011-12-12 19:19:50 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-12-12 19:17:16 -------- d-----w- C:\Users\martin\AppData\Local\Mozilla
    2011-12-12 18:15:07 -------- d-----w- C:\Users\martin\AppData\Local\{C58BEE13-2DC7-424C-8686-6F2144036EBD}
    2011-12-12 18:14:56 -------- d-----w- C:\Users\martin\AppData\Local\{F5EF2FA1-6A51-46C6-8144-ABBA58146CD6}
    2011-12-12 18:14:42 -------- d-----w- C:\Users\martin\Tracing
    2011-12-12 18:10:50 -------- d-----w- C:\ProgramData\Norton
    2011-12-12 18:10:04 -------- d-----w- C:\ProgramData\NortonInstaller
    2011-12-12 17:58:05 -------- d-----w- C:\Windows\PCHEALTH
    2011-12-12 17:57:30 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7fd69b4a1ccb8f703\Silverlight.4.0.exe
    2011-12-12 17:56:45 -------- d-----w- C:\Users\martin\AppData\Local\Windows Live
    2011-12-12 17:56:45 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
    2011-12-12 17:55:56 -------- d-----w- C:\Users\martin\AppData\Local\{BA4B8F11-20A0-4DBA-A5A0-E009D1E8C141}
    2011-12-12 17:48:07 -------- d-----w- C:\Users\martin\AppData\Local\Google
    2011-12-12 17:43:26 -------- d-----w- C:\ProgramData\ASUS OC Profiles
    2011-12-12 17:41:22 -------- d-----w- C:\Windows\AsusInstAll
    2011-12-12 17:38:06 14464 ----a-w- C:\Windows\System32\drivers\AiChargerPlus.sys
    2011-12-12 17:37:42 184320 ----a-w- C:\Windows\SysWow64\drivers\UpdateHelper.dll
    2011-12-12 17:37:20 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
    2011-12-12 17:37:20 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
    2011-12-12 17:37:20 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
    2011-12-12 17:37:20 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
    2011-12-12 17:37:03 -------- d-----w- C:\ProgramData\ASUS
    2011-12-12 17:36:48 28672 ----a-r- C:\Windows\SysWow64\AsIO.dll
    2011-12-12 17:36:48 13440 ----a-r- C:\Windows\SysWow64\drivers\AsIO.sys
    2011-12-12 17:36:43 11832 ------w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
    2011-12-12 17:35:32 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
    2011-12-12 17:34:04 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
    2011-12-12 17:34:04 471144 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
    2011-12-12 17:26:54 74584 ----a-w- C:\Windows\System32\R4EEG64A.dll
    2011-12-12 17:25:24 -------- d-----w- C:\Windows\AsDmiHtm
    2011-12-12 17:24:25 78976 ----a-w- C:\Windows\System32\drivers\amd_sata.sys
    2011-12-12 17:24:25 38528 ----a-w- C:\Windows\System32\drivers\amd_xata.sys
    2011-12-12 17:24:17 47232 ----a-r- C:\Windows\System32\drivers\usbfilter.sys
    2011-12-12 17:19:56 23680 ----a-w- C:\Windows\System32\drivers\IOMap64.sys
    2011-12-12 17:17:49 761856 ----a-w- C:\Windows\SysWow64\xvidcore.dll
    2011-12-12 17:13:44 -------- d-----w- C:\Program Files (x86)\My Company Name
    2011-12-12 17:13:32 -------- d-----w- C:\Users\martin\AppData\Local\AMD
    2011-12-12 17:13:28 -------- d-----w- C:\Users\martin\AppData\Local\ATI
    2011-12-12 17:13:04 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
    2011-12-12 17:13:04 -------- d-----w- C:\ProgramData\AMD
    2011-12-12 17:12:58 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
    2011-12-12 17:12:12 -------- d-----w- C:\Program Files\ATI
    2011-12-12 17:12:10 -------- d-----w- C:\Program Files (x86)\ATI Technologies
    2011-12-12 17:11:38 -------- d-----w- C:\Program Files\ATI Technologies
    2011-12-12 17:06:56 -------- d-sh--w- C:\Windows\Installer
    2011-12-12 17:03:40 -------- d-----w- C:\Windows\SysWow64\Wat
    2011-12-12 17:03:40 -------- d-----w- C:\Windows\System32\Wat
    2011-12-12 16:53:36 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2011-12-12 16:53:35 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AD5D3C91-5F5D-4E38-A9C3-42B99074D1E4}\mpengine.dll
    2011-12-12 16:47:59 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2011-12-12 16:46:59 2871808 ----a-w- C:\Windows\explorer.exe
    2011-12-12 16:44:21 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-12-12 16:44:21 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-12-12 16:44:21 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-12-12 16:10:59 0 ----a-w- C:\Windows\ativpsrm.bin
    .
    ==================== Find3M ====================
    .
    2011-11-15 14:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll
    2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
    2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll
    2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
    2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe
    2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
    2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
    2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll
    2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
    2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
    2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll
    2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
    2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
    2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll
    2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
    2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
    2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll
    2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
    2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
    2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll
    2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll
    2011-11-10 02:18:44 58880 ----a-w- C:\Windows\System32\coinst.dll
    2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll
    2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
    2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
    2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll
    2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll
    2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll
    2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll
    2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
    2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    2011-11-09 22:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
    2011-11-09 22:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
    2011-11-09 22:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
    2011-11-09 22:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
    2011-11-09 22:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll
    2011-11-09 22:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll
    2011-11-09 22:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll
    2011-11-09 22:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
    2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-10-21 20:16:12 1843200 ----a-w- C:\Windows\SysWow64\SlotMaximizerBe.dll
    2011-10-21 20:15:46 104448 ----a-w- C:\Windows\SysWow64\SlotMaximizerAg.dllhttp://forums.spybot.info/attachment.php?attachmentid=9078&stc=1&d=1326294814
    2011-10-21 20:12:32 2763264 ----a-w- C:\Windows\System32\SlotMaximizerBe.dll
    2011-10-21 20:07:42 125440 ----a-w- C:\Windows\System32\SlotMaximizerAg.dll2011-10-17 17:40:50 93712 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
    .http://forums.spybot.info/attachment...1&d=1326294814
    ============= FINISH: 14:57:05.14 ===============
  4. 2012-01-11, 17:14 #4
    Blade81
    Blade81 is offline
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi


    Please visit this webpage for download links, and instructions for running ComboFix tool:

    http://www.bleepingcomputer.com/comb...o-use-combofix

    Please ensure you read this guide carefully first.

    Please continue as follows:

    1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link
      Remember to re-enable them afterwards.

    2. Click Yes to allow ComboFix to continue scanning for malware.


    When the tool is finished, it will produce a report for you.

    Please include the following reports for further review, and so we may continue cleansing the system:

    C:\ComboFix.txt
    New dds log.

    A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.
  5. 2012-01-11, 18:11 #5
    acko64
    acko64 is offline
    Junior Member
    Join Date
    Dec 2010
    Posts
    22

    Default infected

    hi again here im getting this error whenever i click on anything ,, illegal operation attempted on a registry key that has been marked for deletion, i managed to get this far by clicking run as administrator on google, im thinking i cleaned registry earlier with ccleaner, shall i use system restore and then run combofix then get back to you, i backed up registry before i used ccleaner, but how do i go about that, sorry for the inconvenience, kind regards martin
  6. 2012-01-11, 18:33 #6
    Blade81
    Blade81 is offline
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    You need to reboot the system if you didn't after ComboFix run yet.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules