Hello!

I have a problem with unwanted ads in all of my browsers (Firefox, IE, as well as Steam). Without Adobe Flash Player installed, it manifests as a div box containing the ad in the bottom left of the browser window. If I enable Adblock, the ad is invisible (but the div is still there). If I have Adobe Flash Player installed, Adblock will not work, and the ad will display in an Adobe Flash window.

I've tried a number of rootkit removal programs and registry cleaners (which I have now realized is stupid), but none of them have solved the issue.
Some examples of what I've tried:
  • CCleaner
  • CleanUp!
  • TDSSkiller
  • Comodo Cleaning Essentials
  • SUPERAntiSpyware
  • Microsoft Security Essentials
  • Sophos
  • Ad-aware
  • Etc. In short, a lot of software


I have backed up my registry using ERUNT as instructed in the "BEFORE you POST"-post.
I've provided the DDS and aswMBR logs below; the attach.txt is also provided as a zipped attachment to this post.

DDS-log
DDS (Ver_2012-10-14.05) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by Max at 23:52:20 on 2012-10-15
Microsoft Windows 7 Professional 6.1.7601.1.1252.46.1033.18.8159.5670 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Core Temp\Core Temp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Net iD\iid.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Users\Max\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.entru.com/?s=21983
mStart Page = hxxp://search.entru.com/?s=21983
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [AdobeBridge] <no file>
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [Net iD] "C:\Program Files (x86)\Net iD\iid.exe"
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 79.138.0.180 85.8.31.209
TCP: Interfaces\{39A85E31-4D53-438C-8BF9-DB3B5F11B375} : DHCPNameServer = 79.138.0.180 85.8.31.209
TCP: Interfaces\{CB2B4FA5-6527-4A2D-8E86-925589073BAF} : DHCPNameServer = 79.138.0.180 85.8.31.209
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Net iD] "C:\Program Files\Net iD\iid.exe"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 78.46.61.26 www.google-analytics.com.
Hosts: 78.46.61.26 ad-emea.doubleclick.net.
Hosts: 78.46.61.26 www.statcounter.com.
Hosts: 108.163.215.51 www.google-analytics.com.
Hosts: 108.163.215.51 ad-emea.doubleclick.net.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\go2atoz2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.se/ig
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npiidplg.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - ExtSQL: 2012-10-15 23:26; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\go2atoz2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-10-15 23:27; artur.dubovoy@gmail.com; C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\go2atoz2.default\extensions\artur.dubovoy@gmail.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-8-27 297000]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-4-6 236544]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-6-13 922240]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2012-4-17 586880]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2012-5-6 23816]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-4-17 133800]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 128456]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2012-4-6 11174400]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2012-4-6 343040]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-9-14 129000]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-9-14 394216]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\System32\drivers\e1c62x64.sys [2012-4-17 313520]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2010-8-17 26136]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-9-29 46136]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-15 115168]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 NVFLASH;NVFLASH;C:\Windows\System32\drivers\nvflash.sys [2012-4-18 13416]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-5 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-26 1255736]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-10-15 21:21:49 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9135E9F-AA0E-4823-BDDA-A0C3C13B6247}\mpengine.dll
2012-10-15 21:04:36 208216 ----a-w- C:\Windows\System32\drivers\24476593.sys
2012-10-15 18:42:35 -------- d-----w- C:\Program Files (x86)\RIFT Game
2012-10-14 15:20:31 -------- d-----w- C:\Program Files (x86)\ESET
2012-10-14 14:40:36 -------- d-----w- C:\ProgramData\TERA
2012-10-14 14:40:27 -------- d-----w- C:\Program Files (x86)\TERA
2012-10-14 07:01:46 9308616 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-13 22:11:21 -------- d-----w- C:\ProgramData\Sophos
2012-10-12 19:56:05 -------- d-----w- C:\CCE_Quarantine
2012-10-12 14:47:02 -------- d-----w- C:\Users\Max\AppData\Roaming\Songbird2
2012-10-12 14:47:02 -------- d-----w- C:\Users\Max\AppData\Local\Songbird2
2012-10-12 14:33:32 15664 ----a-w- C:\Windows\SysWow64\drivers\GEARAspiWDM.sys
2012-10-12 14:33:32 109360 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-10-12 14:33:00 -------- d-----w- C:\Program Files (x86)\Songbird
2012-10-12 14:26:40 -------- d-----w- C:\Users\Max\.local
2012-10-12 14:12:38 -------- d-----w- C:\Users\Max\AppData\Roaming\.kde
2012-10-12 14:08:50 -------- d-----w- C:\Program Files (x86)\Amarok
2012-10-10 05:11:00 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-10-10 05:09:57 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 05:09:56 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 05:09:56 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 05:09:56 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 05:09:56 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 05:09:51 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-09 18:02:50 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-06 07:26:41 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1512DAF9-2307-44C6-A6E3-BC5A4DE8F42A}\gapaengine.dll
2012-10-01 21:02:31 -------- d-----w- C:\Users\Max\AppData\Roaming\SUPERAntiSpyware.com
2012-10-01 21:02:05 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-10-01 21:02:05 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-10-01 21:00:10 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2012-09-28 12:21:27 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-09-28 12:21:23 -------- d-----w- C:\Users\Max\AppData\Roaming\LavasoftStatistics
2012-09-28 12:19:21 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2012-09-28 12:11:19 -------- d-----w- C:\Users\Max\AppData\Local\Threat Expert
2012-09-27 05:47:05 -------- d-----w- C:\Users\Max\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2012-09-26 06:07:36 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-09-17 07:50:11 -------- d-----w- C:\Program Files (x86)\GOG.com
2012-09-16 09:54:54 -------- d-----w- C:\Users\Max\AppData\Roaming\Malwarebytes
2012-09-16 09:54:20 -------- d-----w- C:\ProgramData\Malwarebytes
.
==================== Find3M ====================
.
2012-09-20 07:32:31 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-09-20 07:32:31 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-09-20 07:32:31 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-09-20 07:32:31 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-30 20:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-30 20:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 18:05:06 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 16:57:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 15:59:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 15:20:39 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-20 15:27:38 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-08-20 15:27:38 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-08-19 15:18:28 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-08-10 19:14:58 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-08-10 18:47:28 3130440 ----a-w- C:\Windows\SysWow64\pbsvc_blr.exe
2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 23:53:34.81 ===============


aswMBR-log
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-15 23:52:58
-----------------------------
23:52:58.823 OS Version: Windows x64 6.1.7601 Service Pack 1
23:52:58.823 Number of processors: 4 586 0x2A07
23:52:58.823 ComputerName: MAX-PC UserName: Max
23:52:59.790 Initialize success
23:54:34.624 AVAST engine defs: 12101501
23:56:30.985 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\mv91xx1Port1Path0Target0Lun0
23:56:30.985 Disk 0 Vendor: ST350041 CC38 Size: 476940MB BusType: 11
23:56:30.985 Disk 0 MBR read successfully
23:56:30.985 Disk 0 MBR scan
23:56:30.985 Disk 0 Windows 7 default MBR code
23:56:31.001 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 100 MB offset 2048
23:56:31.016 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 476838 MB offset 206848
23:56:31.047 Disk 0 scanning C:\Windows\system32\drivers
23:56:42.903 Service scanning
23:57:05.336 Modules scanning
23:57:05.336 Disk 0 trace - called modules:
23:57:05.336 ntoskrnl.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll mv91xx.sys
23:57:05.336 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077ba060]
23:57:05.851 3 CLASSPNP.SYS[fffff88001b0843f] -> nt!IofCallDriver -> \Device\Scsi\mv91xx1Port1Path0Target0Lun0[0xfffffa800750e050]
23:57:07.333 AVAST engine scan C:\Windows
23:57:10.484 AVAST engine scan C:\Windows\system32
00:00:50.025 AVAST engine scan C:\Windows\system32\drivers
00:01:04.954 AVAST engine scan C:\Users\Max
00:08:46.143 Disk 0 MBR has been saved successfully to "C:\Users\Max\Desktop\MBR.dat"
00:08:46.143 The log file has been saved successfully to "C:\Users\Max\Desktop\aswMBR.txt"


Thanks in advance for taking the time to help me out here (seeing as I'm evidently an idiot when it comes to removing malware such as this). I appreciate it.