jtaylor86
2011-04-27, 06:13
I keep running Spybot and it keeps coming up with click.giftload. Google is redirecting and windows are freezing.
Below is the DDS log: please help!
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Gatto Materazzi at 20:09:44.04 on Tue 04/26/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3572.2049 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\gearsec.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\msiexec.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\MsiExec.exe
C:\Windows\Installer\MSI9B56.tmp
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Gatto Materazzi\AppData\Local\Opera\Opera\temporary_downloads\dds (1).scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [BitTorrent] "c:\program files\bittorrent\BitTorrent.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [picon] "c:\program files\common files\intel\privacy icon\PIconStartup.exe"
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
StartupFolder: c:\users\gattom~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\AEstSrv.exe [2011-3-10 81920]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 gearsec;gearsec;c:\windows\system32\gearsec.exe [2005-11-30 58952]
R2 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2011-3-9 3857408]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-4-22 1153368]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2011-4-16 2062872]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-3 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-3 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-3 21072]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y6032.sys [2009-7-13 214016]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 a2djavs;Audio 2 DJ WDM Audio;c:\windows\system32\drivers\a2djavs.sys [2010-10-20 342096]
S3 a2djusb_svc;Audio 2 DJ;c:\windows\system32\drivers\a2djusb.sys [2010-10-20 88144]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ks4avs;Kontrol S4 WDM Audio;c:\windows\system32\drivers\ks4avs.sys [2011-2-25 346192]
S3 ks4usb_svc;Traktor Kontrol S4;c:\windows\system32\drivers\ks4usb.sys [2011-2-25 95824]
S3 rspAux;rspAux;c:\windows\system32\drivers\rspAux32.sys [2011-4-16 19000]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-4-7 1343400]
.
=============== Created Last 30 ================
.
2011-04-22 19:54:53 -------- d-----w- c:\users\gattom~1\appdata\local\Mixed_In_Key_LLC
2011-04-22 19:52:29 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-22 19:52:29 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2011-04-22 17:57:15 -------- d-----w- c:\users\gattom~1\appdata\local\MixedInKey
2011-04-22 16:33:38 -------- d-----w- c:\program files\Platinum Notes
2011-04-22 16:33:28 -------- d-----w- c:\program files\Mixed In Key
2011-04-22 16:28:33 -------- d-----w- c:\users\gattom~1\appdata\local\Xenocode
2011-04-22 16:10:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-04-22 16:10:35 -------- d-----w- c:\program files\Mixed In Key 4
2011-04-20 10:00:34 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-04-20 10:00:26 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-04-20 02:55:59 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-04-20 02:55:59 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-04-20 02:55:59 369152 ----a-w- c:\windows\system32\secproc.dll
2011-04-20 02:55:59 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2011-04-20 02:55:59 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-04-20 02:55:59 320512 ----a-w- c:\windows\system32\RMActivate.exe
2011-04-20 02:55:59 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-04-20 02:55:59 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-04-20 02:55:58 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-04-20 02:55:58 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-04-20 02:55:58 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-04-20 02:55:58 107520 ----a-w- c:\windows\system32\cdd.dll
2011-04-16 17:57:42 19000 ----a-w- c:\windows\system32\drivers\rspAux32.sys
2011-04-16 17:57:42 -------- d-----w- c:\program files\LatencyMon
2011-04-16 16:37:16 -------- d-----w- c:\windows\system32\Lang
2011-04-16 16:37:16 -------- d-----w- c:\program files\common files\postureAgent
2011-04-16 16:37:14 1014296 ----a-w- c:\windows\system32\mesoludlg.exe
2011-04-16 16:37:10 -------- d-----w- c:\program files\common files\Intel
2011-04-16 16:36:59 -------- d-----w- C:\Intel
2011-04-16 16:36:17 39936 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
2011-04-16 16:35:57 692224 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2011-04-16 16:35:57 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2011-04-16 16:35:57 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2011-04-16 16:35:57 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-04-16 16:35:57 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2011-04-16 16:35:57 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2011-04-16 16:35:57 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2011-04-16 16:35:57 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2011-04-15 02:48:50 -------- dc-h--w- c:\progra~2\{AEB5E617-7B9B-45FD-969B-1112CFB8D7D5}
2011-04-15 02:45:19 -------- dc-h--w- c:\progra~2\{B519F32F-827C-40F0-8D31-289E18AFCBCC}
2011-04-15 02:44:21 -------- dc-h--w- c:\progra~2\{C563A71C-0CD1-48DB-BF21-E9663D577F6E}
2011-04-15 02:42:33 -------- dc-h--w- c:\progra~2\{F1E1AF14-F91F-4ECF-B2AC-261F02221942}
2011-04-15 02:42:02 -------- dc-h--w- c:\progra~2\{2C41B757-F5D0-44F9-A206-EEB9CD973927}
2011-04-13 20:29:04 -------- dc-h--w- c:\progra~2\{69B9EA9A-2B6B-4DD3-A8F9-ED88FA739388}
2011-04-13 20:27:54 -------- dc----w- c:\progra~2\{CC5930EB-F6E2-4251-B5F2-AB59BE0ABB8A}
2011-04-13 20:24:40 -------- dc----w- c:\progra~2\{B5F0C192-874D-49A8-88D7-8431E3714756}
2011-04-07 10:00:23 -------- d-----w- c:\windows\system32\Wat
2011-04-07 00:35:45 -------- d-----w- c:\program files\DellTPad
2011-04-07 00:35:35 251440 ----a-w- c:\windows\system32\drivers\Apfiltr.sys
2011-04-07 00:35:35 109122 ----a-w- c:\windows\system32\Vxdif.dll
.
==================== Find3M ====================
.
2011-03-11 05:40:24 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-08 05:38:13 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 05:29:23 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:27:30 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:31:32 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 05:32:52 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:32:44 981504 ----a-w- c:\windows\system32\wininet.dll
2011-02-24 05:30:16 44544 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-24 04:23:48 386048 ----a-w- c:\windows\system32\html.iec
2011-02-24 03:50:26 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-23 04:22:13 737280 ----a-w- c:\windows\iun6002.exe
2011-02-23 04:20:42 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-22 19:39:53 79360 ----a-w- c:\windows\system32\xvid.ax
2011-02-22 19:39:05 240640 ----a-w- c:\windows\system32\xvidvfw.dll
2011-02-22 19:37:31 650752 ----a-w- c:\windows\system32\xvidcore.dll
2011-02-19 05:32:08 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 03:37:02 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-02-18 23:36:58 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-18 05:36:26 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-02-12 05:30:49 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
.
============= FINISH: 20:10:02.59 ===============