Slite
2011-06-07, 20:40
I have multiple threats detected and I don't know what to do. Please help.
They are for trojan horses sheur3 files. What do I need to do?
Tried running dds.
.
DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 8.0.7600.16385
Run by HP G60 at 10:10:41 on 2011-06-07
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1979.763 [GMT -7:00]
.
AV: ESET Smart Security 4.2 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: ESET Smart Security 4.2 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\AVG\AVG10\avgsrmax.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Opera\Opera.exe
C:\Program Files\AVG\AVG PC Tuneup 2011\boostspeed.exe
C:\Program Files\AVG\AVG10\avgsrmax.exe
C:\Program Files\AVG\AVG10\avgui.exe
C:\Users\HP G60\Desktop\22icln8n.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10p_Plugin.exe -update plugin
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 136.168.255.2 136.168.0.5 136.168.0.6
TCP: Interfaces\{E6A2EC95-C551-400B-9D3A-361DC8A3E2BD} : DhcpNameServer = 136.168.255.2 136.168.0.5 136.168.0.6
TCP: Interfaces\{E6A2EC95-C551-400B-9D3A-361DC8A3E2BD}\34355524 : DhcpNameServer = 136.168.255.2 136.168.0.5 136.168.0.6
TCP: Interfaces\{E6A2EC95-C551-400B-9D3A-361DC8A3E2BD}\64C6578734163747 : DhcpNameServer = 192.168.10.2
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\hp g60\appdata\roaming\mozilla\firefox\profiles\qlvkyhsv.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp
FF - prefs.js: keyword.URL - hxxp://search.avg.com/?d=4dbf2f33&i=23&tp=ab&nt=1&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - plugin: c:\program files\byond\bin\npbyond.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbyond.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\users\hp g60\appdata\local\flock\update\1.2.213.0\npFlockOneClick8.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-18 7398752]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-7-29 136632]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-8-12 810144]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2010-7-29 41336]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
.
=============== Created Last 30 ================
.
2011-06-07 12:16:09 -------- d-----w- c:\users\hp g60\appdata\roaming\AVG
2011-06-07 11:38:12 -------- d-----w- c:\programdata\Tarma Installer
2011-06-07 11:38:11 -------- d-----w- c:\program files\PageRage
2011-06-07 11:37:43 -------- d--h--w- C:\$AVG
2011-06-05 02:56:32 -------- d-----w- c:\users\hp g60\appdata\local\Adobe
2011-06-03 01:23:28 -------- d-----w- c:\program files\RPGMakerVX1.02
2011-06-02 23:38:26 -------- d-----w- c:\users\hp g60\.thumbnails
2011-06-02 23:37:05 -------- d-----w- c:\users\hp g60\appdata\roaming\Blender Foundation
2011-06-02 23:36:55 -------- d-----w- c:\program files\Blender Foundation
2011-06-02 23:28:01 -------- d-----w- c:\program files\blender-2.57b-windows32
2011-06-02 23:07:34 -------- d-----w- c:\program files\Microsoft SQL Server
2011-06-02 23:07:18 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-06-02 23:07:17 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-06-02 23:06:37 205984 ----a-w- c:\programdata\microsoft\vbexpress\10.0\1033\ResourceCache.dll
2011-06-02 21:54:27 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2011-06-02 21:54:27 -------- d-----w- c:\program files\Microsoft Help Viewer
2011-06-02 09:26:03 56 --sh--r- c:\windows\system32\74A4B76408.sys
2011-06-02 09:25:58 1890 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-06-02 09:21:26 -------- d-----w- c:\program files\common files\Enterbrain
2011-06-02 09:09:09 -------- d-----w- c:\program files\Enterbrain
2011-06-02 04:53:56 -------- d-----w- c:\program files\Toolkit3
2011-06-02 04:50:29 -------- d-----w- c:\program files\RPG Maker XP
2011-06-02 04:47:26 45056 ----a-r- c:\users\hp g60\appdata\roaming\microsoft\installer\{c471327b-ac5d-43de-8fd2-2a6c0e7f74ee}\GameBasic3D.chm_C471327BAC5D43DE8FD22A6C0E7F74EE_1.exe
2011-06-02 04:47:26 335872 ----a-r- c:\users\hp g60\appdata\roaming\microsoft\installer\{c471327b-ac5d-43de-8fd2-2a6c0e7f74ee}\NewShortcut1_C471327BAC5D43DE8FD22A6C0E7F74EE.exe
2011-06-02 04:47:25 -------- d-----w- c:\program files\Monarke Studios
2011-06-01 08:53:13 -------- d-----w- c:\users\hp g60\appdata\local\Microsoft Games
2011-05-26 05:11:36 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-05-26 05:08:21 -------- d-----w- c:\program files\PhotoshopCS5
2011-05-19 07:08:45 -------- d-----w- c:\users\hp g60\appdata\local\intuit
2011-05-19 05:29:21 -------- d-----w- c:\users\hp g60\appdata\roaming\Intuit
2011-05-19 05:29:00 -------- d-----w- c:\program files\common files\supportsoft
2011-05-19 04:59:40 1933312 ----a-w- c:\windows\system32\cdintf251.dll
2011-05-19 04:54:26 -------- d-----w- c:\program files\common files\AnswerWorks 4.0
2011-05-19 04:54:08 -------- d-----w- c:\programdata\Intuit
2011-05-19 04:54:08 -------- d-----w- c:\program files\Intuit
2011-05-19 04:54:08 -------- d-----w- c:\program files\common files\Intuit
2011-05-19 04:11:19 -------- d-----w- c:\users\hp g60\appdata\local\ApplicationHistory
2011-05-19 04:11:18 -------- d-----w- c:\program files\MSXML 4.0
2011-05-19 04:08:41 -------- d-----w- c:\windows\system32\URTTEMP
2011-05-18 07:42:54 -------- d-----w- c:\users\hp g60\appdata\local\SecondLife
.
==================== Find3M ====================
.
2011-04-15 04:28:30 134480 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-04-05 07:59:56 297168 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2011-03-16 23:03:20 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
============= FINISH: 10:12:00.41 ===============
http://forums.spybot.info/showthread.php?p=406846#post406846