
Thread: Can't remove Adware

  1. #1

    I recently got infected by adware that every hour or so keeps opening tabs to the same site.

    I've run AVG, Malwarebytes, Spybot S&D, Ad-Aware and TDSSKiller with no results but the problem keeps happening.


    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
    Run by Goncalo at 10:50:40 on 2012-10-07
    Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.8078.4221 [GMT 1:00]
    .
    AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\ASUS\P4G\BatteryLife.exe
    C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Users\Goncalo\AppData\Local\tuto4pc_pt_2\UpdateTutoriaisSlimbaHP.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\SVP\SVPMgr.exe
    C:\Users\Goncalo\AppData\Roaming\Google\Google Talk\googletalk.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files\Elantech\ETDGesture.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\TUTO4PC\tuto4pc_pt_2.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Windows\system32\igfxpers.exe
    C:\PROGRA~2\AD-AWA~1\AdAware.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=122E505E94DA31A74FA7AB5070B47D77
    uDefault_Page_URL = hxxp://asus.msn.com
    mStart Page = hxxp://asus.msn.com
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
    TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    uRun: [SVPMgr] "C:\Program Files (x86)\SVP\SVPMgr.exe"
    uRun: [googletalk] C:\Users\Goncalo\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    mRun: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
    mRun: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
    mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
    mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [Tutorials] "C:\Program Files (x86)\TUTO4PC\tuto4pc_pt_2.exe"
    mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    mRunOnce: [UpdateTutoriaisSlimbaHP.exe] C:\Users\Goncalo\AppData\Local\tuto4pc_pt_2\UpdateTutoriaisSlimbaHP.exe -runonce
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: DhcpNameServer = 192.168.1.254 192.168.1.254
    TCP: Interfaces\{909C6373-07B9-4DCF-9969-AB9F594C703A} : DhcpNameServer = 192.168.1.254 192.168.1.254
    TCP: Interfaces\{99632570-2E68-49DF-9D6A-24E09C712F83} : NameServer = 212.55.154.174,212.55.154.190
    TCP: Interfaces\{99632570-2E68-49DF-9D6A-24E09C712F83} : DhcpNameServer = 192.168.1.254 192.168.1.254
    TCP: Interfaces\{99632570-2E68-49DF-9D6A-24E09C712F83}\44C496E6B6D2247303347313 : NameServer = 212.55.154.174,212.55.154.190
    TCP: Interfaces\{99632570-2E68-49DF-9D6A-24E09C712F83}\44C496E6B6D2247303347313 : DhcpNameServer = 192.168.10.1
    TCP: Interfaces\{99632570-2E68-49DF-9D6A-24E09C712F83}\56465727F616D6 : DhcpNameServer = 193.136.28.10 193.136.28.9
    TCP: Interfaces\{99632570-2E68-49DF-9D6A-24E09C712F83}\66565707E236F6E666562756E636961637 : NameServer = 212.55.154.174,212.55.154.190
    TCP: Interfaces\{99632570-2E68-49DF-9D6A-24E09C712F83}\66565707E236F6E666562756E636961637 : DhcpNameServer = 172.31.255.253
    TCP: Interfaces\{99632570-2E68-49DF-9D6A-24E09C712F83}\F437026596A796E686F63702D41696370264F66696E686F637 : DhcpNameServer = 192.168.1.254 192.168.1.254
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll
    AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO-X64: AVG Do Not Track - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    BHO-X64: Ad-Aware Security Add-on - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
    TB-X64: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun-x64: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun-x64: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
    mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    mRun-x64: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    mRun-x64: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
    mRun-x64: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
    mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
    mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun-x64: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [Tutorials] "C:\Program Files (x86)\TUTO4PC\tuto4pc_pt_2.exe"
    mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    mRunOnce-x64: [UpdateTutoriaisSlimbaHP.exe] C:\Users\Goncalo\AppData\Local\tuto4pc_pt_2\UpdateTutoriaisSlimbaHP.exe -runonce
    AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Goncalo\AppData\Roaming\Mozilla\Firefox\Profiles\ykdxdtyc.default-1349567241827\
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\npsitesafety.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-9-10 8704]
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\DRIVERS\iusb3hcs.sys --> C:\Windows\system32\DRIVERS\iusb3hcs.sys [?]
    R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 avgtp;avgtp;\??\C:\Windows\system32\drivers\avgtpx64.sys --> C:\Windows\system32\drivers\avgtpx64.sys [?]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
    R1 nvkflt;nvkflt;C:\Windows\system32\DRIVERS\nvkflt.sys --> C:\Windows\system32\DRIVERS\nvkflt.sys [?]
    R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-9-20 1236368]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
    R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-4-13 277120]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-7-19 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-19 161560]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-9-10 1258856]
    R2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
    R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-10-6 1153368]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-30 382312]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-19 363800]
    R2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [2012-8-31 927840]
    R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2012-2-29 17152]
    R3 AsusVBus;AsusVBus;C:\Windows\system32\DRIVERS\AsusVBus.sys --> C:\Windows\system32\DRIVERS\AsusVBus.sys [?]
    R3 AsusVTouch;AsusVTouch;C:\Windows\system32\DRIVERS\AsusVTouch.sys --> C:\Windows\system32\DRIVERS\AsusVTouch.sys [?]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys --> C:\Windows\system32\DRIVERS\iusb3hub.sys [?]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys --> C:\Windows\system32\DRIVERS\iusb3xhc.sys [?]
    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    RUnknown ETD;ETD; [x]
    S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/07/18 16:57:07;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-24 136176]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-31 250288]
    S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
    S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-5-8 276248]
    S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-10-5 130976]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-24 136176]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-31 114144]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-9-28 14544]
    .
    =============== Created Last 30 ================
    .
    2012-10-07 09:33:45 252712 ----a-w- C:\Windows\ETDUninst.dll
    2012-10-06 23:12:32 -------- d-----w- C:\Users\Goncalo\AppData\Local\{7556E9BF-3957-46A8-A172-992B971750C8}
    2012-10-06 23:09:10 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\LavasoftStatistics
    2012-10-06 22:49:23 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys
    2012-10-06 22:49:23 57976 ----a-w- C:\Windows\System32\drivers\sbredrv.sys
    2012-10-06 22:49:23 45936 ----a-w- C:\Windows\System32\sbbd.exe
    2012-10-06 22:49:22 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
    2012-10-06 22:49:12 -------- d-----w- C:\Users\Goncalo\AppData\Local\Downloaded Installations
    2012-10-06 22:45:36 -------- d-----w- C:\ProgramData\blekko toolbars
    2012-10-06 22:45:32 -------- d-----w- C:\Users\Goncalo\AppData\Local\adawarebp
    2012-10-06 22:45:31 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
    2012-10-06 22:45:26 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
    2012-10-06 22:45:22 -------- d-----w- C:\Program Files (x86)\adawaretb
    2012-10-06 22:44:39 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\Ad-Aware Antivirus
    2012-10-06 21:05:38 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-10-06 21:05:38 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-10-06 11:12:09 -------- d-----w- C:\Users\Goncalo\AppData\Local\{647CD744-8433-4069-9C5E-00DAE44090D4}
    2012-10-05 23:11:46 -------- d-----w- C:\Users\Goncalo\AppData\Local\{391A3A0B-5EF0-40EB-B272-2EE281203655}
    2012-10-05 22:03:52 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\CPUControl
    2012-10-05 22:03:51 -------- d-----w- C:\Program Files (x86)\CPU-Control
    2012-10-05 21:42:42 -------- d-----w- C:\ProgramData\Futuremark
    2012-10-05 21:39:10 -------- d-----w- C:\Program Files (x86)\Futuremark
    2012-10-05 21:39:09 -------- d-----w- C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
    2012-10-05 21:39:09 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2012-10-05 21:27:17 -------- d-----w- C:\Users\Goncalo\AppData\Local\tuto4pc_pt_2
    2012-10-05 21:27:17 -------- d-----w- C:\Program Files (x86)\TUTO4PC
    2012-10-05 21:24:19 -------- d-----w- C:\Users\Goncalo\Heaven
    2012-10-05 21:17:02 -------- d-----w- C:\Program Files\Unigine
    2012-10-05 11:11:22 -------- d-----w- C:\Users\Goncalo\AppData\Local\{9C0DAFCD-4AA0-4814-8C5D-F571BCE18F62}
    2012-10-04 23:10:59 -------- d-----w- C:\Users\Goncalo\AppData\Local\{F2EB7F83-17BD-4844-8CAA-77A0AD82B49E}
    2012-10-04 18:14:43 -------- d-----w- C:\Users\Goncalo\AppData\Local\Diagnostics
    2012-10-04 11:10:35 -------- d-----w- C:\Users\Goncalo\AppData\Local\{5173C465-B7C4-418D-91F6-87F7C06CB440}
    2012-10-03 23:08:28 -------- d-----w- C:\Users\Goncalo\AppData\Local\{B2F61BF4-0FC2-40DA-8121-18C4142B90FE}
    2012-10-03 11:08:16 -------- d-----w- C:\Users\Goncalo\AppData\Local\{112134C8-B974-439F-99C9-0B222122797C}
    2012-10-02 23:07:49 -------- d-----w- C:\Users\Goncalo\AppData\Local\{2ADC62C5-B920-4230-9E31-265673FC5A79}
    2012-10-02 11:07:25 -------- d-----w- C:\Users\Goncalo\AppData\Local\{A34BE99F-1766-4BEC-9FF8-A93FE5CB1CC6}
    2012-10-01 22:04:50 -------- d-----w- C:\Users\Goncalo\AppData\Local\{E8922814-3F75-4AD1-9815-EDC5324278FF}
    2012-10-01 10:04:27 -------- d-----w- C:\Users\Goncalo\AppData\Local\{DF4E7B58-A661-4D4E-8ED3-47FB6220FAC6}
    2012-09-30 22:12:24 -------- d-----w- C:\Users\Goncalo\AppData\Local\SCE
    2012-09-30 22:12:24 -------- d-----w- C:\Crash
    2012-09-30 22:12:20 239960 ----a-w- C:\Windows\SysWow64\xactengine3_7.dll
    2012-09-30 22:12:20 1907552 ----a-w- C:\Windows\System32\d3dcsx_43.dll
    2012-09-30 22:12:20 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll
    2012-09-30 22:12:20 176984 ----a-w- C:\Windows\System32\xactengine3_7.dll
    2012-09-30 22:12:02 -------- d-----w- C:\Windows\SysWow64\directx
    2012-09-30 22:04:02 -------- d-----w- C:\Users\Goncalo\AppData\Local\{BCB1536E-EBC7-4676-8E63-EF8A1D26EBFC}
    2012-09-30 16:42:59 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\gd.sos.McPixel
    2012-09-30 10:03:38 -------- d-----w- C:\Users\Goncalo\AppData\Local\{03B95AA8-B6E3-4BB3-AC16-69944C4D1550}
    2012-09-30 09:56:35 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\CrystalIdea Software
    2012-09-29 23:54:06 -------- d-----w- C:\Users\Goncalo\AppData\Local\Google
    2012-09-29 22:03:19 -------- d-----w- C:\Users\Goncalo\AppData\Local\{5660ACDF-5B67-44DA-9923-4AA156090AB3}
    2012-09-29 10:03:09 -------- d-----w- C:\Users\Goncalo\AppData\Local\{A39C96DA-82B4-47A0-AC27-559E059CC6A7}
    2012-09-28 18:49:20 -------- d-----w- C:\Users\Goncalo\AppData\Local\Solid State Networks
    2012-09-28 18:49:17 -------- d-----w- C:\Program Files (x86)\MeteorEntertainment
    2012-09-28 13:54:03 -------- d-----w- C:\ProgramData\IObit
    2012-09-28 13:54:03 -------- d-----w- C:\Program Files (x86)\IObit
    2012-09-28 13:23:46 -------- d-----w- C:\Users\Goncalo\AppData\Local\{56314CAC-B895-49AC-B502-7F58ABCFB36A}
    2012-09-27 23:09:02 -------- d-----w- C:\Users\Goncalo\AppData\Local\{E4755822-D125-4DDF-B90B-4CB5E38B76FE}
    2012-09-27 11:08:50 -------- d-----w- C:\Users\Goncalo\AppData\Local\{73B575B6-7519-47DA-8D34-5B2562780E10}
    2012-09-26 23:08:26 -------- d-----w- C:\Users\Goncalo\AppData\Local\{60612B46-D34A-43B3-AB32-5FA698515C3A}
    2012-09-26 11:11:50 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
    2012-09-26 11:08:02 -------- d-----w- C:\Users\Goncalo\AppData\Local\{5E41037E-7E55-4B6B-9FA4-1890D542C3A1}
    2012-09-25 21:32:33 -------- d-----w- C:\Users\Goncalo\AppData\Local\{0DFCF18D-8109-43BD-A785-0EFCF8ABA736}
    2012-09-25 09:32:09 -------- d-----w- C:\Users\Goncalo\AppData\Local\{43A50178-279C-4297-B03F-BEF867E152CD}
    2012-09-24 21:31:44 -------- d-----w- C:\Users\Goncalo\AppData\Local\{182798E4-CE0D-478B-AE89-BCECFF2A7615}
    2012-09-24 09:31:20 -------- d-----w- C:\Users\Goncalo\AppData\Local\{25096F3A-F61A-4243-8FF7-DC10B48B3A54}
    2012-09-23 14:21:51 -------- d-----w- C:\Users\Goncalo\AppData\Local\{35F02478-AEB8-4C67-909D-58CC68A0B0A6}
    2012-09-22 23:49:13 -------- d-----w- C:\Users\Goncalo\AppData\Local\{8F46AA00-943F-4C25-BCC4-617E85EF1527}
    2012-09-22 11:48:50 -------- d-----w- C:\Users\Goncalo\AppData\Local\{6F85EA7A-23B4-4D5D-B335-D2BC66513811}
    2012-09-21 23:48:27 -------- d-----w- C:\Users\Goncalo\AppData\Local\{C8BD3CDD-4C16-4835-9636-70F8ABB66E9D}
    2012-09-21 11:48:03 -------- d-----w- C:\Users\Goncalo\AppData\Local\{E7B5DA41-0E00-4303-BE69-47EB0D6AF1FE}
    2012-09-21 09:58:34 -------- d-----w- C:\Users\Goncalo\.android
    2012-09-21 09:58:33 -------- d-----w- C:\Users\Goncalo\AppData\Local\Eclipse
    2012-09-21 09:58:05 -------- d-----w- C:\Users\Goncalo\workspace
    2012-09-20 23:47:39 -------- d-----w- C:\Users\Goncalo\AppData\Local\{A1B1F0CD-8026-4122-BC40-9B9C0C81999C}
    2012-09-20 22:03:03 -------- d-----w- C:\Fraps
    2012-09-20 19:10:50 63336 ----a-w- C:\Windows\System32\nvshext.dll
    2012-09-20 19:10:50 3266920 ----a-w- C:\Windows\System32\nvsvc64.dll
    2012-09-20 19:10:49 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
    2012-09-20 19:10:49 6198120 ----a-w- C:\Windows\System32\nvcpl.dll
    2012-09-20 19:10:49 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
    2012-09-20 19:10:49 118120 ----a-w- C:\Windows\System32\nvmctray.dll
    2012-09-20 19:09:54 9066344 ----a-w- C:\Windows\System32\nvcuda.dll
    2012-09-20 19:09:54 7626088 ----a-w- C:\Windows\SysWow64\nvcuda.dll
    2012-09-20 19:09:54 26228072 ----a-w- C:\Windows\System32\nvoglv64.dll
    2012-09-20 19:09:54 19828584 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
    2012-09-20 19:09:54 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll
    2012-09-20 19:09:54 14879080 ----a-w- C:\Windows\System32\nvwgf2umx.dll
    2012-09-20 19:09:54 1482600 ----a-w- C:\Windows\System32\nvdispgenco64.dll
    2012-09-20 19:09:54 13391720 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
    2012-09-20 19:09:54 12465512 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll
    2012-09-20 19:03:15 -------- d-----w- C:\Program Files (x86)\Driver Fusion
    2012-09-20 11:47:14 -------- d-----w- C:\Users\Goncalo\AppData\Local\{25CA0F2D-FE38-451D-8675-CC984F305059}
    2012-09-19 23:46:50 -------- d-----w- C:\Users\Goncalo\AppData\Local\{3763A1D7-7F43-498F-B1CB-8522E11A1BF0}
    2012-09-19 16:42:20 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\SVP 3.1
    2012-09-19 16:39:00 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\XBMC
    2012-09-19 16:37:34 -------- d-----w- C:\Program Files (x86)\XBMC
    2012-09-19 16:31:55 -------- d-----w- C:\Program Files (x86)\Combined Community Codec Pack
    2012-09-19 16:21:49 -------- d-----w- C:\Program Files (x86)\Haali
    2012-09-19 16:21:41 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
    2012-09-19 16:21:36 -------- d-----w- C:\Program Files (x86)\SVP
    2012-09-19 11:46:22 -------- d-----w- C:\Users\Goncalo\AppData\Local\{F5E63DF8-8123-4E83-919C-D2CB4E56FE5C}
    2012-09-18 21:27:54 -------- d-----w- C:\Users\Goncalo\AppData\Local\{664D8F77-E2A8-4451-AE96-2B971AE37C14}
    2012-09-18 19:09:56 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\MAGIX
    2012-09-18 17:40:55 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\AVG
    2012-09-18 17:40:24 -------- d-----w- C:\ProgramData\AVG
    2012-09-18 17:40:21 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
    2012-09-18 14:29:52 -------- d-s---w- C:\Windows\SysWow64\Microsoft
    2012-09-18 09:27:30 -------- d-----w- C:\Users\Goncalo\AppData\Local\{79A01924-130A-4BEF-993C-DA29B700631C}
    2012-09-17 21:27:06 -------- d-----w- C:\Users\Goncalo\AppData\Local\{612BFE27-82E0-4D14-A415-72EB62B0B516}
    2012-09-17 12:49:21 -------- d-----w- C:\Users\Goncalo\AppData\Local\Apple Computer
    2012-09-17 09:26:43 -------- d-----w- C:\Users\Goncalo\AppData\Local\{FC8470C6-0FD1-4F40-8D06-4EC922549C5D}
    2012-09-16 21:26:19 -------- d-----w- C:\Users\Goncalo\AppData\Local\{C5CCEC34-8756-4EA9-B59D-DF13A5B78D5D}
    2012-09-16 17:14:36 -------- d-----w- C:\Games
    2012-09-16 09:25:56 -------- d-----w- C:\Users\Goncalo\AppData\Local\{0C96D4B3-B0FC-4913-B88C-D09FA66C2402}
    2012-09-15 11:34:16 -------- d-----w- C:\Users\Goncalo\AppData\Local\{21330E4E-448A-4C23-911B-28C1474478A3}
    2012-09-14 23:33:53 -------- d-----w- C:\Users\Goncalo\AppData\Local\{0C884162-78B7-42C4-9D67-F9D402421C2C}
    2012-09-14 21:13:49 -------- d-----w- C:\ProgramData\VirtualizedApplications
    2012-09-14 19:48:54 -------- d-----w- C:\Program Files (x86)\FTL
    2012-09-14 19:41:58 -------- d-----r- C:\Users\Goncalo\Dropbox
    2012-09-14 19:36:52 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\Dropbox
    2012-09-14 13:31:33 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll
    2012-09-14 13:05:56 -------- d-----w- C:\Users\Goncalo\AppData\Local\SoftGrid Client
    2012-09-14 13:05:55 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\SoftGrid Client
    2012-09-14 13:05:23 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
    2012-09-14 13:05:15 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\TP
    2012-09-14 11:33:30 -------- d-----w- C:\Users\Goncalo\AppData\Local\{C1C952A0-20E8-42A1-A400-49DD8C328E68}
    2012-09-13 16:11:13 -------- d-----w- C:\Users\Goncalo\AppData\Local\{D4728DF1-B732-45D4-AAE4-A88103956A88}
    2012-09-13 00:55:48 -------- d-----w- C:\Users\Goncalo\AppData\Local\{A4C52607-79A2-47B6-A593-0C17A7419C54}
    2012-09-12 23:56:36 -------- d-----w- C:\teste
    2012-09-12 12:55:23 -------- d-----w- C:\Users\Goncalo\AppData\Local\{F32BAF5E-420D-4D35-9FEB-5A41F1BF96F1}
    2012-09-12 00:54:59 -------- d-----w- C:\Users\Goncalo\AppData\Local\{F6EBE051-1FE3-4078-8F12-5513D7BE3047}
    2012-09-11 18:01:27 -------- d-----w- C:\Program Files (x86)\McPixel
    2012-09-11 17:23:48 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-09-11 17:23:48 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-09-11 17:21:38 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
    2012-09-11 17:21:38 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
    2012-09-11 17:21:38 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
    2012-09-11 17:21:38 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2012-09-11 17:21:38 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-09-11 17:21:37 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
    2012-09-11 17:21:37 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
    2012-09-11 12:54:35 -------- d-----w- C:\Users\Goncalo\AppData\Local\{EEBBAD29-F294-4CB4-B13C-4218F7FDD412}
    2012-09-11 00:54:11 -------- d-----w- C:\Users\Goncalo\AppData\Local\{99BC103D-1708-41BA-B95B-59D785875A47}
    2012-09-10 18:55:20 -------- d-----w- C:\Windows\SysWow64\NV
    2012-09-10 18:55:20 -------- d-----w- C:\Windows\System32\NV
    2012-09-10 18:52:42 865640 ----a-w- C:\Windows\System32\nv3dappshext.dll
    2012-09-10 18:52:42 55144 ----a-w- C:\Windows\System32\nv3dappshextr.dll
    2012-09-10 18:52:42 3487434 ----a-w- C:\Windows\System32\nvcoproc.bin
    2012-09-10 18:52:28 -------- d-----w- C:\temp
    2012-09-10 18:52:24 -------- d-----w- C:\ProgramData\NVIDIA Corporation
    2012-09-10 18:51:46 971624 ----a-w- C:\Windows\System32\nvumdshimx.dll
    2012-09-10 18:51:46 830312 ----a-w- C:\Windows\SysWow64\nvumdshim.dll
    2012-09-10 18:51:46 2725224 ----a-w- C:\Windows\System32\nvapi64.dll
    2012-09-10 18:51:46 247144 ----a-w- C:\Windows\System32\nvinitx.dll
    2012-09-10 18:51:46 2422120 ----a-w- C:\Windows\SysWow64\nvapi.dll
    2012-09-10 18:51:46 202600 ----a-w- C:\Windows\SysWow64\nvinit.dll
    2012-09-10 18:51:46 18229096 ----a-w- C:\Windows\System32\nvd3dumx.dll
    2012-09-10 18:51:46 15291752 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
    2012-09-10 17:58:40 -------- d-----w- C:\NVIDIA
    2012-09-10 17:41:05 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
    2012-09-10 17:41:02 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\DAEMON Tools Lite
    2012-09-10 17:41:00 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
    2012-09-10 17:40:36 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
    2012-09-10 17:10:06 1391104 ----a-w- C:\apploc.msi
    2012-09-10 15:59:33 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\NVIDIA
    2012-09-10 15:55:51 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2012-09-10 15:55:51 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-09-10 15:55:47 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-09-10 15:52:28 -------- d-----w- C:\Users\Goncalo\AppData\Roaming\.minecraft
    2012-09-10 15:27:19 -------- d-----w- C:\ProgramData\Hi-Rez Studios
    2012-09-10 15:27:17 -------- d-----w- C:\Program Files (x86)\Hi-Rez Studios
    2012-09-10 14:27:43 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
    2012-09-10 12:50:22 -------- d-----w- C:\Users\Goncalo\AppData\Local\{41D382E4-B3D3-48BC-B5F7-4358DB4276F0}
    2012-09-09 22:47:21 -------- d-----w- C:\Users\Goncalo\AppData\Local\{30D150EC-005A-404D-8CA4-E320271FFB50}
    2012-09-09 10:46:57 -------- d-----w- C:\Users\Goncalo\AppData\Local\{90F20600-F790-4BA4-8E77-87797683144B}
    2012-09-08 22:46:34 -------- d-----w- C:\Users\Goncalo\AppData\Local\{AF329743-90B2-4AD3-B13D-EA98F9DB7C4C}
    2012-09-08 10:46:11 -------- d-----w- C:\Users\Goncalo\AppData\Local\{09B0E2F8-1D61-4C8A-BB91-E3AC1DC09732}
    2012-09-07 22:45:48 -------- d-----w- C:\Users\Goncalo\AppData\Local\{6D82A1E3-F4F8-4196-B28D-D94785B431E8}
    2012-09-07 19:15:14 -------- d-----w- C:\Users\Goncalo\AppData\Local\Gas Powered Games
    2012-09-07 19:00:17 -------- d-----w- C:\Users\Goncalo\AppData\Local\My Games
    2012-09-07 10:45:25 -------- d-----w- C:\Users\Goncalo\AppData\Local\{B8723670-B496-4C5B-A36E-02C595043510}
    2012-09-07 10:45:25 -------- d-----w- C:\Users\Goncalo\AppData\Local\{8F91B6AE-9147-4FED-9518-C85A5BD59E35}
    .
    ==================== Find3M ====================
    .
    2012-10-07 09:21:52 387 ----a-w- C:\Users\Goncalo\AppData\Roaming\sp_data.sys
    2012-09-20 20:33:14 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-09-20 20:33:14 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-09-07 16:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-08-31 22:17:16 31080 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
    2012-08-30 19:14:00 7397736 ----a-w- C:\Windows\System32\nvopencl.dll
    2012-08-30 19:14:00 6109032 ----a-w- C:\Windows\SysWow64\nvopencl.dll
    2012-08-30 19:14:00 355176 ----a-w- C:\Windows\System32\nvEncodeAPI64.dll
    2012-08-30 19:14:00 308072 ----a-w- C:\Windows\SysWow64\nvEncodeAPI.dll
    2012-08-30 19:14:00 30056 ----a-w- C:\Windows\System32\drivers\nvpciflt.sys
    2012-08-30 19:14:00 284008 ----a-w- C:\Windows\System32\drivers\nvkflt.sys
    2012-08-30 19:14:00 2745192 ----a-w- C:\Windows\System32\nvcuvid.dll
    2012-08-30 19:14:00 2573672 ----a-w- C:\Windows\SysWow64\nvcuvid.dll
    2012-08-30 19:14:00 25256296 ----a-w- C:\Windows\System32\nvcompiler.dll
    2012-08-30 19:14:00 2216808 ----a-w- C:\Windows\System32\nvcuvenc.dll
    2012-08-30 19:14:00 1866088 ----a-w- C:\Windows\SysWow64\nvcuvenc.dll
    2012-08-30 19:14:00 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
    2012-08-30 13:46:46 71680 ----a-w- C:\Windows\System32\frapsv64.dll
    2012-08-30 13:46:44 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll
    2012-08-30 09:40:14 429416 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2012-08-24 14:43:16 384352 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
    2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-08-21 12:01:20 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
    2012-08-21 12:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
    2012-08-21 12:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
    2012-08-20 21:50:20 67272 ----a-w- C:\Windows\SysWow64\drivers\ArgusMonitor.sys
    2012-07-26 02:21:28 291680 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
    2012-07-25 22:51:44 28104 ----a-w- C:\Windows\System32\xfcodec64.dll
    2012-07-18 23:56:05 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2012-07-18 23:56:05 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2012-07-18 23:56:05 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
    2012-07-18 23:51:44 3058304 ----a-w- C:\Windows\AsScrPro.exe
    2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-07-09 12:42:56 4547984 ----a-w- C:\Windows\System32\usbaaplrc.dll
    2012-07-09 12:42:54 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
    .
    ============= FINISH: 10:51:28,48 ===============

    After some extensive searching, I think the problem may be some adware called tuto4pc, though I have no idea how to remove it and would like some confirmation too.
    Last edited by tashi; 2012-10-07 at 16:20. Reason: Merged two posts

  2. #2
    Anti-Malware Team Robybel's Avatar
    Join Date
    Oct 2012
    Posts
    246


    Hi and Welcome!! Coiso
    My name is Robybel. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
    • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
    • The fixes are specific to your problem and should only be used for the issues on this machine.
    • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
    • It's often worth reading through these instructions and printing them for ease of reference.
    • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
    • Please reply to this thread. Do not start a new topic.


    Please be advised, as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advice; this will be a team effort.
    This may cause a delay, but I will do my best to keep it as short as possible. Please bear with me, I will post back to you as soon as I can.


    IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System, with the loss of all your programs and data.


    Vista and Windows 7 users:

    These tools MUST be run from the executable (.exe) every time you run them, with Admin Rights (Right click, choose "Run as Administrator").


    Stay with this topic until I give you the all clean post.

    Having said that....Let's get going!!
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  3. #3
    Anti-Malware Team Robybel's Avatar

    Hi Coiso

    I'm here

    -----------------

    -AdwCleaner-

    • Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.


    =============================== Next =======================================


    • Please download GMER from one of the following locations, and save it to your desktop:
      • Main Mirror
        This version will download a randomly named file (Recommended)
      • Zip Mirror
        This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.

    • Extract the contents of the zipped file to desktop (applicable only to Zip mirror).
    • Double click the downloaded GMER file on your desktop.
    • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.



    • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
    • Save it where you can easily find it, such as your desktop, and attach it in your reply.

    **Caution**
    Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.


    On your next reply please post :
    • Adw Cleaner report
    • Gmer log

    Let me know if you have any problems performing the steps above or any questions you may have.

    Good Day!

  4. #4
    Anti-Malware Team Robybel's Avatar

    Hi Coiso
    Still need help?

  5. #5
    Security Expert oldman960's Avatar
    Join Date
    Sep 2010
    Posts
    631


    Due to inactivity, this thread will now be closed.

    Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.
    Member of UNITE and ASAP
    Threads will be closed if no response after 5 days.
