Infected
Hi, I'm having a problem. I've sent you the DDS, that was no problem, and I've copied the Spybot results to the clipboard but can't seem to find the clipboard to paste you the Spybot results. Thanks, regards, Martin
Hi everyone, I think I have been infected. I'm writing again because I used the same title and forgot to use a new one. Anyway, here's my DDS.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by martin at 14:39:12 on 2012-01-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8138.6196 [GMT 0:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MxTray.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRsrv.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRtray.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Integrator.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASR.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [Advanced Spyware Remover] "C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRtray.exe" /autostart
StartupFolder: C:\Users\martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTICR~1.LNK - C:\Program Files (x86)\Dachshund Software\AntiCrash\AntiCrash.exe
StartupFolder: C:\Users\martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [Advanced Spyware Remover] "C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRtray.exe" /autostart
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\5wr3j6ja.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.co.uk/?icid=aoluk5logorefresh&dlact=dl1
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B1b250c6d-51dd-458d-b349-1b16857f9103%7D&mid=c009b5fb1bc647d1a4df854de0cb8be2-db5ad380754f1c985866002e8dfac8c3ac0d2b14&ds=AVG&v=9.0.0.23&lang=en&pr=pr&d=2011-12-28%2013%3A22%3A12&sap=ku&q=
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\system32\DRIVERS\AiChargerPlus.sys --> C:\Windows\system32\DRIVERS\AiChargerPlus.sys [?]
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 DiskSec;Magix Volume Filter Driver;C:\Windows\system32\drivers\DiskSec.sys --> C:\Windows\system32\drivers\DiskSec.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-12-13 328536]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-5 365568]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]
R2 ASRservice;ASRservice;C:\Program Files (x86)\IObit\Advanced Spyware Remover\ASRsrv.exe [2012-1-2 697104]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-12-12 586880]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-28 869216]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe [2010-10-12 196096]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-05 13:22:22 -------- d-----w- C:\Users\martin\AppData\Local\{18A26359-018B-409D-BEE5-8D12B1B64646}
2012-01-05 13:22:11 -------- d-----w- C:\Users\martin\AppData\Local\{A5CEDDB0-1082-4043-B956-F4F4F3CE97F1}
2012-01-04 11:55:27 -------- d-----w- C:\Users\martin\AppData\Local\{A4B00FEF-0B4A-410A-878F-3C33E0F91164}
2012-01-04 11:55:16 -------- d-----w- C:\Users\martin\AppData\Local\{64887C9D-BB24-428D-96EC-22EBDB20F1AB}
2012-01-03 13:17:53 -------- d-----w- C:\Users\martin\AppData\Local\{3D94F6DC-1386-46C9-AEA7-24F9EC6BD257}
2012-01-03 13:17:42 -------- d-----w- C:\Users\martin\AppData\Local\{20B601A3-DBD3-4922-9BC2-799D42BF5664}
2012-01-02 16:57:36 -------- d-----w- C:\Users\martin\AppData\Local\{3508D6BA-8363-47AF-8046-5D0F0D91BD8C}
2012-01-02 16:57:25 -------- d-----w- C:\Users\martin\AppData\Local\{196C92BC-12E3-46ED-9D8A-F60D5A458BD5}
2011-12-31 19:06:09 -------- d-----w- C:\Users\martin\AppData\Local\{1588EC49-587C-459C-9375-A5C43FE03BB2}
2011-12-31 19:05:54 -------- d-----w- C:\Users\martin\AppData\Local\{6196876E-35DC-48C2-AAA0-54842A321BAF}
2011-12-30 17:58:32 388096 ----a-r- C:\Users\martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-30 17:58:32 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-12-30 17:45:21 -------- d-----w- C:\Users\martin\AppData\Local\{D98DAFB0-298E-4167-9877-6E68E0D5C1AE}
2011-12-30 17:45:10 -------- d-----w- C:\Users\martin\AppData\Local\{EFA01C89-D566-4970-A9F7-8D862680A55D}
2011-12-29 21:02:10 -------- d-----w- C:\Users\martin\AppData\Roaming\Curiolab
2011-12-29 19:50:49 -------- d-----w- C:\Program Files (x86)\Advanced Spyware Remover
2011-12-29 19:42:12 141312 ----a-w- C:\Windows\SysWow64\drivers\sp_rsdrv2.sys
2011-12-29 19:42:11 -------- d-----w- C:\Users\martin\AppData\Roaming\Spyware Terminator
2011-12-29 19:42:11 -------- d-----w- C:\ProgramData\Spyware Terminator
2011-12-29 19:42:09 -------- d-----w- C:\Program Files (x86)\Spyware Terminator
2011-12-29 19:39:12 64512 ---ha-w- C:\Users\martin\AppData\Roaming\dach100.dll
2011-12-29 13:53:20 -------- d-----w- C:\Users\martin\AppData\Local\{E2D1B3F8-51D8-4EFD-B2FF-47B48C32C933}
2011-12-29 13:53:09 -------- d-----w- C:\Users\martin\AppData\Local\{ABAE8172-E919-40A6-A9EE-6B139A96E32C}
2011-12-28 20:45:47 -------- d-----w- C:\Windows\pss
2011-12-28 14:34:44 -------- d-----w- C:\ProgramData\!SASCORE
2011-12-28 14:34:42 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-12-28 13:22:32 -------- d-----w- C:\Users\martin\AppData\Roaming\AVG2012
2011-12-28 13:22:12 -------- d-----w- C:\ProgramData\AVG Secure Search
2011-12-28 13:22:10 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2011-12-28 13:22:09 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2011-12-28 13:22:02 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\ProgramData\AVG2012
2011-12-28 13:21:00 -------- d-----w- C:\Program Files (x86)\AVG
2011-12-28 11:43:32 -------- d-----w- C:\Users\martin\AppData\Local\{625DA88F-8474-4A2C-A7B9-6AE25CBB97B2}
2011-12-28 11:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{5D600DF1-3A95-4641-AAC3-1C31ECD0694F}
2011-12-27 14:53:41 -------- d-----w- C:\Users\martin\AppData\Local\{A81E2CDA-A488-48D0-8432-B876D72E80DB}
2011-12-27 14:53:30 -------- d-----w- C:\Users\martin\AppData\Local\{8BB41815-F082-4771-B25D-EDB54B988991}
2011-12-27 12:49:05 -------- d-----w- C:\Users\martin\AppData\Local\{3EDEA225-F3DE-40E3-B063-F70DEA70346F}
2011-12-27 12:48:54 -------- d-----w- C:\Users\martin\AppData\Local\{56FBA2E9-89DE-466E-B104-03279D274810}
2011-12-26 19:08:26 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
2011-12-26 19:08:26 25920 ----a-w- C:\Windows\System32\authuitu.dll
2011-12-26 19:08:26 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
2011-12-26 19:08:10 -------- d-----w- C:\Users\martin\AppData\Roaming\TuneUp Software
2011-12-26 19:08:07 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2012
2011-12-26 19:07:57 -------- d-----w- C:\ProgramData\TuneUp Software
2011-12-26 19:07:54 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-26 18:56:50 -------- d-----w- C:\Users\martin\AppData\Roaming\Auslogics
2011-12-26 18:55:47 -------- d-----w- C:\Program Files (x86)\Auslogics
2011-12-26 12:02:09 -------- d-----w- C:\Users\martin\AppData\Local\{27BD5B4C-ADA1-4EEA-A04C-C9483A9E8A97}
2011-12-26 12:01:58 -------- d-----w- C:\Users\martin\AppData\Local\{709EB311-8B12-4EAA-8609-0743F5F344F3}
2011-12-25 15:38:12 -------- d-----w- C:\Users\martin\AppData\Local\{FA7E1B4F-F202-4F01-945C-D91C5A66F855}
2011-12-25 15:38:01 -------- d-----w- C:\Users\martin\AppData\Local\{1D4BF17D-B61E-4979-9D37-B3F1E18D0B7C}
2011-12-25 14:33:56 -------- d-----w- C:\Users\martin\AppData\Local\{A4DFA5A7-BBD0-4859-9C6A-31282D46EE6E}
2011-12-25 14:33:45 -------- d-----w- C:\Users\martin\AppData\Local\{B22209F6-47C2-4242-80E7-5262E002EC56}
2011-12-24 20:06:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-24 19:19:34 -------- d-----w- C:\Program Files (x86)\inKline Global
2011-12-24 18:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{FDAF3472-2E95-44CF-810D-9F86FF0FAA00}
2011-12-24 18:21:35 -------- d-----w- C:\Users\martin\AppData\Local\{2CA25035-1B0A-415F-9267-8CAF53449178}
2011-12-24 16:58:03 -------- d-----w- C:\Users\martin\AppData\Roaming\SUPERAntiSpyware.com
2011-12-24 16:57:41 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-12-24 15:34:00 -------- d-----w- C:\Users\martin\AppData\Local\{36E2EC0C-9354-48C8-9F66-0EA5CC80FB63}
2011-12-24 15:33:49 -------- d-----w- C:\Users\martin\AppData\Local\{08BF9FB5-B43A-422E-AB53-31785BEB39E7}
2011-12-23 17:09:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-23 16:48:50 -------- d-----w- C:\Users\martin\AppData\Local\{77068C7F-7CCE-4F7F-A938-CAA682B9FE75}
2011-12-23 16:48:35 -------- d-----w- C:\Users\martin\AppData\Local\{335A06C6-D16F-4437-B17E-63D4B3691C0B}
2011-12-22 13:12:25 -------- d-----w- C:\ProgramData\IObit
2011-12-22 13:06:13 -------- d-----w- C:\Users\martin\AppData\Local\{65E40E6F-CF49-4434-90EC-06C63023BA4F}
2011-12-22 13:06:02 -------- d-----w- C:\Users\martin\AppData\Local\{1137D1A5-C278-4999-82EF-1A97D547A97F}
2011-12-21 19:21:58 -------- d-----w- C:\Users\martin\AppData\Local\{62B3CFDE-05D5-49EA-B186-F34808FCE3DD}
2011-12-21 19:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{807A8034-298E-40FA-8DCB-CC70EF1CB669}
2011-12-20 21:04:15 -------- d-----w- C:\Program Files (x86)\Dachshund Software
2011-12-20 20:45:42 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-12-20 18:08:59 -------- d-----w- C:\Users\martin\AppData\Roaming\Malwarebytes
2011-12-20 18:08:56 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-20 18:08:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-20 17:27:25 -------- d-----w- C:\Users\martin\AppData\Local\{5A167E43-5691-4EF9-9D9A-2B13FA3856D4}
2011-12-20 17:27:13 -------- d-----w- C:\Users\martin\AppData\Local\{2A8D11DE-FF23-4478-86F2-CDE0F87C70C8}
2011-12-19 18:38:56 -------- d-----w- C:\Users\martin\AppData\Local\Apps
2011-12-19 18:26:54 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX shared
2011-12-19 17:47:53 663552 ----a-w- C:\Windows\SysWow64\mgxoschk.dll
2011-12-19 17:40:27 27616 ----a-w- C:\Windows\System32\drivers\disksec.sys
2011-12-19 17:40:15 -------- d-----w- C:\ProgramData\MAGIX
2011-12-19 17:40:15 -------- d-----w- C:\Program Files (x86)\MAGIX
2011-12-19 17:32:27 -------- d-----w- C:\Users\martin\AppData\Roaming\MAGIX
2011-12-19 16:42:23 -------- d-----w- C:\Users\martin\AppData\Local\{102062FD-3F97-4A51-8902-DC64B4BD6951}
2011-12-19 16:42:12 -------- d-----w- C:\Users\martin\AppData\Local\{63C98E52-337F-4C41-9FE2-23D6F7751254}
2011-12-18 11:38:00 -------- d-----w- C:\Users\martin\AppData\Local\{6053C415-B6F2-43D8-B8A8-0F4030D337A5}
2011-12-18 11:37:49 -------- d-----w- C:\Users\martin\AppData\Local\{493D444C-11F2-4BDE-A635-AA5106C2B024}
2011-12-17 17:56:19 -------- d-----w- C:\Users\martin\AppData\Local\{F3F1F5F8-454F-42FC-A850-6644D514034E}
2011-12-17 17:56:05 -------- d-----w- C:\Users\martin\AppData\Local\{F31F22BE-F87B-421E-B7C5-111675DD6E37}
2011-12-16 19:43:19 2513344 ----a-w- C:\Windows\PE_Rom.dll
2011-12-16 18:15:03 -------- d-----w- C:\Users\martin\AppData\Local\CrashDumps
2011-12-16 18:14:14 -------- d-----w- C:\Users\martin\AppData\Local\{2DE78E8F-E0E6-4F42-81CF-74C5493C3067}
2011-12-16 18:14:03 -------- d-----w- C:\Users\martin\AppData\Local\{EEACC7D8-817A-40A4-9E7E-C0E5C172B061}
2011-12-15 16:43:31 -------- d-----w- C:\Users\martin\AppData\Local\{8956503E-5741-4C59-B895-ABD9AD1F7ADF}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{AB7AF5BD-95B5-45FD-A2D8-8F7B4064965A}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{531140AC-FA50-4563-B843-EC1DBBA3D7F9}
2011-12-14 21:31:35 -------- d-----w- C:\Users\martin\AppData\Local\Diagnostics
2011-12-14 16:00:57 924632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nsnB443.tmp\firefox.exe
2011-12-14 15:54:51 -------- d-----w- C:\Users\martin\AppData\Local\{20525307-8D35-42B2-B9CD-3A6F41F42489}
2011-12-14 15:54:40 -------- d-----w- C:\Users\martin\AppData\Local\{41D7649A-16AD-4FE4-AA21-43C4444724EA}
2011-12-13 21:22:11 -------- d-----w- C:\ProgramData\CodecCheck
2011-12-13 21:22:09 -------- d-----w- C:\codec-info
2011-12-13 21:21:43 -------- d-----w- C:\Users\martin\AppData\Local\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\Users\martin\AppData\Roaming\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\ProgramData\Babylon
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\Premium
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\InstallMate
2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\DivX
2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2011-12-13 20:21:37 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-12-13 19:58:12 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-13 19:58:12 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-13 19:58:08 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-13 19:58:07 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-13 19:58:07 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-13 19:58:06 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-13 19:18:16 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-12-13 19:18:16 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-12-13 19:18:16 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-12-13 19:18:16 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-12-13 19:18:16 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-12-13 18:52:17 -------- d--h--w- C:\ProgramData\Common Files
2011-12-13 18:52:07 -------- d-----w- C:\ProgramData\MFAData
2011-12-13 18:20:19 -------- d-----w- C:\Users\martin\AppData\Local\{70B23F72-9277-40A3-93F9-FA9F88EB4347}
2011-12-13 18:20:08 -------- d-----w- C:\Users\martin\AppData\Local\{B6563D5B-3612-4398-9369-A6850B240826}
2011-12-12 23:50:41 -------- d-----w- C:\Windows\Panther
2011-12-12 19:43:13 -------- d-----w- C:\Users\martin\AppData\Roaming\IObit
2011-12-12 19:43:12 -------- d-----w- C:\Program Files (x86)\IObit
2011-12-12 19:28:32 -------- d-----w- C:\Program Files\CCleaner
2011-12-12 19:19:50 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-12 19:17:16 -------- d-----w- C:\Users\martin\AppData\Local\Mozilla
2011-12-12 18:15:07 -------- d-----w- C:\Users\martin\AppData\Local\{C58BEE13-2DC7-424C-8686-6F2144036EBD}
2011-12-12 18:14:56 -------- d-----w- C:\Users\martin\AppData\Local\{F5EF2FA1-6A51-46C6-8144-ABBA58146CD6}
2011-12-12 18:14:42 -------- d-----w- C:\Users\martin\Tracing
2011-12-12 18:10:50 -------- d-----w- C:\ProgramData\Norton
2011-12-12 18:10:04 -------- d-----w- C:\ProgramData\NortonInstaller
2011-12-12 17:58:05 -------- d-----w- C:\Windows\PCHEALTH
2011-12-12 17:57:30 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7fd69b4a1ccb8f703\Silverlight.4.0.exe
2011-12-12 17:56:45 -------- d-----w- C:\Users\martin\AppData\Local\Windows Live
2011-12-12 17:56:45 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-12-12 17:55:56 -------- d-----w- C:\Users\martin\AppData\Local\{BA4B8F11-20A0-4DBA-A5A0-E009D1E8C141}
2011-12-12 17:48:07 -------- d-----w- C:\Users\martin\AppData\Local\Google
2011-12-12 17:43:26 -------- d-----w- C:\ProgramData\ASUS OC Profiles
2011-12-12 17:41:22 -------- d-----w- C:\Windows\AsusInstAll
2011-12-12 17:38:06 14464 ----a-w- C:\Windows\System32\drivers\AiChargerPlus.sys
2011-12-12 17:37:42 184320 ----a-w- C:\Windows\SysWow64\drivers\UpdateHelper.dll
2011-12-12 17:37:20 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-12-12 17:37:20 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-12-12 17:37:20 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-12-12 17:37:20 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-12-12 17:37:03 -------- d-----w- C:\ProgramData\ASUS
2011-12-12 17:36:48 28672 ----a-r- C:\Windows\SysWow64\AsIO.dll
2011-12-12 17:36:48 13440 ----a-r- C:\Windows\SysWow64\drivers\AsIO.sys
2011-12-12 17:36:43 11832 ------w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
2011-12-12 17:35:32 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2011-12-12 17:34:04 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2011-12-12 17:34:04 471144 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2011-12-12 17:26:54 74584 ----a-w- C:\Windows\System32\R4EEG64A.dll
2011-12-12 17:25:24 -------- d-----w- C:\Windows\AsDmiHtm
2011-12-12 17:24:25 78976 ----a-w- C:\Windows\System32\drivers\amd_sata.sys
2011-12-12 17:24:25 38528 ----a-w- C:\Windows\System32\drivers\amd_xata.sys
2011-12-12 17:24:17 47232 ----a-r- C:\Windows\System32\drivers\usbfilter.sys
2011-12-12 17:19:56 23680 ----a-w- C:\Windows\System32\drivers\IOMap64.sys
2011-12-12 17:17:49 761856 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2011-12-12 17:13:44 -------- d-----w- C:\Program Files (x86)\My Company Name
2011-12-12 17:13:32 -------- d-----w- C:\Users\martin\AppData\Local\AMD
2011-12-12 17:13:28 -------- d-----w- C:\Users\martin\AppData\Local\ATI
2011-12-12 17:13:26 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-12-12 17:13:04 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2011-12-12 17:13:04 -------- d-----w- C:\ProgramData\AMD
2011-12-12 17:12:58 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-12-12 17:12:52 115216 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2011-12-12 17:12:33 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-12-12 17:12:12 -------- d-----w- C:\Program Files\ATI
2011-12-12 17:12:10 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-12-12 17:11:38 -------- d-----w- C:\Program Files\ATI Technologies
2011-12-12 17:06:56 -------- d-sh--w- C:\Windows\Installer
2011-12-12 17:03:40 -------- d-----w- C:\Windows\SysWow64\Wat
2011-12-12 17:03:40 -------- d-----w- C:\Windows\System32\Wat
2011-12-12 16:53:36 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-12-12 16:53:35 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AD5D3C91-5F5D-4E38-A9C3-42B99074D1E4}\mpengine.dll
2011-12-12 16:47:59 367616 ----a-w- C:\Windows\System32\atmfd.dll
2011-12-12 16:46:59 2871808 ----a-w- C:\Windows\explorer.exe
2011-12-12 16:44:21 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-12-12 16:44:21 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-12-12 16:44:21 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-12-12 16:10:59 0 ----a-w- C:\Windows\ativpsrm.bin
.
==================== Find3M ====================
.
2011-11-15 14:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 14:39:31.51 ===============
hi everyone im using windows 7 and i cant find clipboard wich i put spybots results in. ive send you dds no problem but im a bit confused on where to find clipboard wich has spybot results, regards martin
Hi,
If help still needed post fresh dds logs (attach.txt contents too) and a description of the issue, please.
Hi everyone, I think I have malware or trojans on my PC. I have tried Malwarebytes and it doesn't detect anything, and also Spybot, but that just picks up a few tracking cookies. I have run a free scan with STOPzilla and it says I'm infected with a trojan, plus I have run Advanced Spyware Remover and it detected Dynamic Desktop Media adware. I then delete that, but it's back again on my next scan with Advanced Spyware Remover. Please help.
Here's my DDS:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by martin at 14:56:46 on 2012-01-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8138.6117 [GMT 0:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MxTray.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Windows\Integrator.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASC.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
StartupFolder: C:\Users\martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTICR~1.LNK - C:\Program Files (x86)\Dachshund Software\AntiCrash\AntiCrash.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1}\D616274796E646166796466343 : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
mRun-x64: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\kd283fb1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.co.uk/?icid=aoluk5logorefresh&dlact=dl1
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\system32\DRIVERS\AiChargerPlus.sys --> C:\Windows\system32\DRIVERS\AiChargerPlus.sys [?]
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 DiskSec;Magix Volume Filter Driver;C:\Windows\system32\drivers\DiskSec.sys --> C:\Windows\system32\drivers\DiskSec.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-12-13 328536]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-9 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-12-12 586880]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-28 869216]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe [2010-10-12 196096]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-11 13:01:08 -------- d-----w- C:\Users\martin\AppData\Local\{AEE908D3-7CA5-407E-88A9-EF6C12BC7571}
2012-01-11 13:00:55 -------- d-----w- C:\Users\martin\AppData\Local\{76BDBDEA-804F-4767-9992-E8729CA3B658}
2012-01-11 13:00:34 64512 ---ha-w- C:\Users\martin\AppData\Roaming\dach100.dll
2012-01-10 20:39:29 -------- d-----w- C:\Users\martin\AppData\Local\ElevatedDiagnostics
2012-01-10 20:30:13 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
2012-01-10 20:29:46 -------- d-----w- C:\Program Files\HitmanPro
2012-01-10 20:29:39 -------- d-----w- C:\ProgramData\HitmanPro
2012-01-10 18:24:06 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2012-01-10 17:47:33 -------- d-----w- C:\Users\martin\AppData\Local\{D6434A5C-FED7-4B7B-B9D5-05B71EC532CE}
2012-01-10 17:47:21 -------- d-----w- C:\Users\martin\AppData\Local\{9273BEEB-C639-4D7A-8DA4-7443F2E4D276}
2012-01-09 20:33:23 -------- d-----w- C:\ProgramData\XoftSpySE
2012-01-09 19:14:49 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-01-09 19:14:49 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-01-09 19:12:28 -------- d-----w- C:\Users\martin\AppData\Roaming\TestApp
2012-01-09 19:12:28 -------- d-----w- C:\ProgramData\PC Tools
2012-01-09 13:55:38 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-01-09 13:55:34 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-01-09 13:53:31 -------- d-----w- C:\ATI
2012-01-09 13:50:24 -------- d-----w- C:\Users\martin\AppData\Local\{6CCB1F71-FA60-4670-8224-FD190291C950}
2012-01-09 13:50:12 -------- d-----w- C:\Users\martin\AppData\Local\{A6362FDF-C3C0-4A40-91C0-9C34BB642BC0}
2012-01-08 11:20:17 -------- d-----w- C:\Users\martin\AppData\Local\{5B48E6AE-3E3D-40B8-8E20-6A3C8E40B86D}
2012-01-08 11:20:06 -------- d-----w- C:\Users\martin\AppData\Local\{65EA5F3C-50AB-4C57-9FB6-627A0EC349DC}
2012-01-07 11:30:59 -------- d-----w- C:\Users\martin\AppData\Local\{EA42B4BE-F9A6-4F10-A8F6-EE189AC6C9AE}
2012-01-07 11:30:48 -------- d-----w- C:\Users\martin\AppData\Local\{7E0E6A56-D508-45F0-A0C1-5586543611BD}
2012-01-06 16:58:30 -------- d-----w- C:\Users\martin\AppData\Local\{1A2AF5B3-2052-4F62-9FB1-162FE39DEB74}
2012-01-06 16:58:19 -------- d-----w- C:\Users\martin\AppData\Local\{EF20225A-063B-4807-A693-119FA0605128}
2012-01-05 13:22:22 -------- d-----w- C:\Users\martin\AppData\Local\{18A26359-018B-409D-BEE5-8D12B1B64646}
2012-01-05 13:22:11 -------- d-----w- C:\Users\martin\AppData\Local\{A5CEDDB0-1082-4043-B956-F4F4F3CE97F1}
2012-01-04 11:55:27 -------- d-----w- C:\Users\martin\AppData\Local\{A4B00FEF-0B4A-410A-878F-3C33E0F91164}
2012-01-04 11:55:16 -------- d-----w- C:\Users\martin\AppData\Local\{64887C9D-BB24-428D-96EC-22EBDB20F1AB}
2012-01-03 13:17:53 -------- d-----w- C:\Users\martin\AppData\Local\{3D94F6DC-1386-46C9-AEA7-24F9EC6BD257}
2012-01-03 13:17:42 -------- d-----w- C:\Users\martin\AppData\Local\{20B601A3-DBD3-4922-9BC2-799D42BF5664}
2012-01-02 16:57:36 -------- d-----w- C:\Users\martin\AppData\Local\{3508D6BA-8363-47AF-8046-5D0F0D91BD8C}
2012-01-02 16:57:25 -------- d-----w- C:\Users\martin\AppData\Local\{196C92BC-12E3-46ED-9D8A-F60D5A458BD5}
2011-12-31 19:06:09 -------- d-----w- C:\Users\martin\AppData\Local\{1588EC49-587C-459C-9375-A5C43FE03BB2}
2011-12-31 19:05:54 -------- d-----w- C:\Users\martin\AppData\Local\{6196876E-35DC-48C2-AAA0-54842A321BAF}
2011-12-30 17:45:21 -------- d-----w- C:\Users\martin\AppData\Local\{D98DAFB0-298E-4167-9877-6E68E0D5C1AE}
2011-12-30 17:45:10 -------- d-----w- C:\Users\martin\AppData\Local\{EFA01C89-D566-4970-A9F7-8D862680A55D}
2011-12-29 21:02:10 -------- d-----w- C:\Users\martin\AppData\Roaming\Curiolab
2011-12-29 19:50:49 -------- d-----w- C:\Program Files (x86)\Advanced Spyware Remover
2011-12-29 13:53:20 -------- d-----w- C:\Users\martin\AppData\Local\{E2D1B3F8-51D8-4EFD-B2FF-47B48C32C933}
2011-12-29 13:53:09 -------- d-----w- C:\Users\martin\AppData\Local\{ABAE8172-E919-40A6-A9EE-6B139A96E32C}
2011-12-28 20:45:47 -------- d-----w- C:\Windows\pss
2011-12-28 14:34:44 -------- d-----w- C:\ProgramData\!SASCORE
2011-12-28 14:34:42 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-12-28 13:22:32 -------- d-----w- C:\Users\martin\AppData\Roaming\AVG2012
2011-12-28 13:22:12 -------- d-----w- C:\ProgramData\AVG Secure Search
2011-12-28 13:22:10 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2011-12-28 13:22:09 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2011-12-28 13:22:02 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\ProgramData\AVG2012
2011-12-28 13:21:00 -------- d-----w- C:\Program Files (x86)\AVG
2011-12-28 11:43:32 -------- d-----w- C:\Users\martin\AppData\Local\{625DA88F-8474-4A2C-A7B9-6AE25CBB97B2}
2011-12-28 11:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{5D600DF1-3A95-4641-AAC3-1C31ECD0694F}
2011-12-27 14:53:41 -------- d-----w- C:\Users\martin\AppData\Local\{A81E2CDA-A488-48D0-8432-B876D72E80DB}
2011-12-27 14:53:30 -------- d-----w- C:\Users\martin\AppData\Local\{8BB41815-F082-4771-B25D-EDB54B988991}
2011-12-27 12:49:05 -------- d-----w- C:\Users\martin\AppData\Local\{3EDEA225-F3DE-40E3-B063-F70DEA70346F}
2011-12-27 12:48:54 -------- d-----w- C:\Users\martin\AppData\Local\{56FBA2E9-89DE-466E-B104-03279D274810}
2011-12-26 19:08:10 -------- d-----w- C:\Users\martin\AppData\Roaming\TuneUp Software
2011-12-26 19:07:57 -------- d-----w- C:\ProgramData\TuneUp Software
2011-12-26 19:07:54 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-26 18:56:50 -------- d-----w- C:\Users\martin\AppData\Roaming\Auslogics
2011-12-26 18:55:47 -------- d-----w- C:\Program Files (x86)\Auslogics
2011-12-26 12:02:09 -------- d-----w- C:\Users\martin\AppData\Local\{27BD5B4C-ADA1-4EEA-A04C-C9483A9E8A97}
2011-12-26 12:01:58 -------- d-----w- C:\Users\martin\AppData\Local\{709EB311-8B12-4EAA-8609-0743F5F344F3}
2011-12-25 15:38:12 -------- d-----w- C:\Users\martin\AppData\Local\{FA7E1B4F-F202-4F01-945C-D91C5A66F855}
2011-12-25 15:38:01 -------- d-----w- C:\Users\martin\AppData\Local\{1D4BF17D-B61E-4979-9D37-B3F1E18D0B7C}
2011-12-25 14:33:56 -------- d-----w- C:\Users\martin\AppData\Local\{A4DFA5A7-BBD0-4859-9C6A-31282D46EE6E}
2011-12-25 14:33:45 -------- d-----w- C:\Users\martin\AppData\Local\{B22209F6-47C2-4242-80E7-5262E002EC56}
2011-12-24 20:06:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-24 19:19:34 -------- d-----w- C:\Program Files (x86)\inKline Global
2011-12-24 18:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{FDAF3472-2E95-44CF-810D-9F86FF0FAA00}
2011-12-24 18:21:35 -------- d-----w- C:\Users\martin\AppData\Local\{2CA25035-1B0A-415F-9267-8CAF53449178}
2011-12-24 16:58:03 -------- d-----w- C:\Users\martin\AppData\Roaming\SUPERAntiSpyware.com
2011-12-24 16:57:41 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-12-24 15:34:00 -------- d-----w- C:\Users\martin\AppData\Local\{36E2EC0C-9354-48C8-9F66-0EA5CC80FB63}
2011-12-24 15:33:49 -------- d-----w- C:\Users\martin\AppData\Local\{08BF9FB5-B43A-422E-AB53-31785BEB39E7}
2011-12-23 17:09:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-23 16:48:50 -------- d-----w- C:\Users\martin\AppData\Local\{77068C7F-7CCE-4F7F-A938-CAA682B9FE75}
2011-12-23 16:48:35 -------- d-----w- C:\Users\martin\AppData\Local\{335A06C6-D16F-4437-B17E-63D4B3691C0B}
2011-12-22 13:12:25 -------- d-----w- C:\ProgramData\IObit
2011-12-22 13:06:13 -------- d-----w- C:\Users\martin\AppData\Local\{65E40E6F-CF49-4434-90EC-06C63023BA4F}
2011-12-22 13:06:02 -------- d-----w- C:\Users\martin\AppData\Local\{1137D1A5-C278-4999-82EF-1A97D547A97F}
2011-12-21 19:21:58 -------- d-----w- C:\Users\martin\AppData\Local\{62B3CFDE-05D5-49EA-B186-F34808FCE3DD}
2011-12-21 19:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{807A8034-298E-40FA-8DCB-CC70EF1CB669}
2011-12-20 21:04:15 -------- d-----w- C:\Program Files (x86)\Dachshund Software
2011-12-20 20:45:42 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-12-20 18:08:59 -------- d-----w- C:\Users\martin\AppData\Roaming\Malwarebytes
2011-12-20 18:08:56 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-20 18:08:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-20 17:27:25 -------- d-----w- C:\Users\martin\AppData\Local\{5A167E43-5691-4EF9-9D9A-2B13FA3856D4}
2011-12-20 17:27:13 -------- d-----w- C:\Users\martin\AppData\Local\{2A8D11DE-FF23-4478-86F2-CDE0F87C70C8}
2011-12-19 18:38:56 -------- d-----w- C:\Users\martin\AppData\Local\Apps
2011-12-19 18:26:54 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX shared
2011-12-19 17:47:53 663552 ----a-w- C:\Windows\SysWow64\mgxoschk.dll
2011-12-19 17:40:27 27616 ----a-w- C:\Windows\System32\drivers\disksec.sys
2011-12-19 17:40:15 -------- d-----w- C:\ProgramData\MAGIX
2011-12-19 17:40:15 -------- d-----w- C:\Program Files (x86)\MAGIX
2011-12-19 17:32:27 -------- d-----w- C:\Users\martin\AppData\Roaming\MAGIX
2011-12-19 16:42:23 -------- d-----w- C:\Users\martin\AppData\Local\{102062FD-3F97-4A51-8902-DC64B4BD6951}
2011-12-19 16:42:12 -------- d-----w- C:\Users\martin\AppData\Local\{63C98E52-337F-4C41-9FE2-23D6F7751254}
2011-12-18 11:38:00 -------- d-----w- C:\Users\martin\AppData\Local\{6053C415-B6F2-43D8-B8A8-0F4030D337A5}
2011-12-18 11:37:49 -------- d-----w- C:\Users\martin\AppData\Local\{493D444C-11F2-4BDE-A635-AA5106C2B024}
2011-12-17 17:56:19 -------- d-----w- C:\Users\martin\AppData\Local\{F3F1F5F8-454F-42FC-A850-6644D514034E}
2011-12-17 17:56:05 -------- d-----w- C:\Users\martin\AppData\Local\{F31F22BE-F87B-421E-B7C5-111675DD6E37}
2011-12-16 19:43:19 2513344 ----a-w- C:\Windows\PE_Rom.dll
2011-12-16 18:15:03 -------- d-----w- C:\Users\martin\AppData\Local\CrashDumps
2011-12-16 18:14:14 -------- d-----w- C:\Users\martin\AppData\Local\{2DE78E8F-E0E6-4F42-81CF-74C5493C3067}
2011-12-16 18:14:03 -------- d-----w- C:\Users\martin\AppData\Local\{EEACC7D8-817A-40A4-9E7E-C0E5C172B061}
2011-12-15 16:43:31 -------- d-----w- C:\Users\martin\AppData\Local\{8956503E-5741-4C59-B895-ABD9AD1F7ADF}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{AB7AF5BD-95B5-45FD-A2D8-8F7B4064965A}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{531140AC-FA50-4563-B843-EC1DBBA3D7F9}
2011-12-14 21:31:35 -------- d-----w- C:\Users\martin\AppData\Local\Diagnostics
2011-12-14 16:00:57 924632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nsnB443.tmp\firefox.exe
2011-12-14 15:54:51 -------- d-----w- C:\Users\martin\AppData\Local\{20525307-8D35-42B2-B9CD-3A6F41F42489}
2011-12-14 15:54:40 -------- d-----w- C:\Users\martin\AppData\Local\{41D7649A-16AD-4FE4-AA21-43C4444724EA}
2011-12-13 21:22:11 -------- d-----w- C:\ProgramData\CodecCheck
2011-12-13 21:22:09 -------- d-----w- C:\codec-info
2011-12-13 21:21:43 -------- d-----w- C:\Users\martin\AppData\Local\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\Users\martin\AppData\Roaming\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\ProgramData\Babylon
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\Premium
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\InstallMate
2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\DivX
2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2011-12-13 20:21:37 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-12-13 19:58:12 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-13 19:58:12 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-13 19:58:08 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-13 19:58:07 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-13 19:58:07 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-13 19:58:06 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-13 19:18:16 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-12-13 19:18:16 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-12-13 19:18:16 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-12-13 19:18:16 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-12-13 19:18:16 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-12-13 18:52:17 -------- d--h--w- C:\ProgramData\Common Files
2011-12-13 18:52:07 -------- d-----w- C:\ProgramData\MFAData
2011-12-13 18:20:19 -------- d-----w- C:\Users\martin\AppData\Local\{70B23F72-9277-40A3-93F9-FA9F88EB4347}
2011-12-13 18:20:08 -------- d-----w- C:\Users\martin\AppData\Local\{B6563D5B-3612-4398-9369-A6850B240826}
2011-12-12 23:50:41 -------- d-----w- C:\Windows\Panther
2011-12-12 19:43:13 -------- d-----w- C:\Users\martin\AppData\Roaming\IObit
2011-12-12 19:43:12 -------- d-----w- C:\Program Files (x86)\IObit
2011-12-12 19:28:32 -------- d-----w- C:\Program Files\CCleaner
2011-12-12 19:19:50 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-12 19:17:16 -------- d-----w- C:\Users\martin\AppData\Local\Mozilla
2011-12-12 18:15:07 -------- d-----w- C:\Users\martin\AppData\Local\{C58BEE13-2DC7-424C-8686-6F2144036EBD}
2011-12-12 18:14:56 -------- d-----w- C:\Users\martin\AppData\Local\{F5EF2FA1-6A51-46C6-8144-ABBA58146CD6}
2011-12-12 18:14:42 -------- d-----w- C:\Users\martin\Tracing
2011-12-12 18:10:50 -------- d-----w- C:\ProgramData\Norton
2011-12-12 18:10:04 -------- d-----w- C:\ProgramData\NortonInstaller
2011-12-12 17:58:05 -------- d-----w- C:\Windows\PCHEALTH
2011-12-12 17:57:30 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7fd69b4a1ccb8f703\Silverlight.4.0.exe
2011-12-12 17:56:45 -------- d-----w- C:\Users\martin\AppData\Local\Windows Live
2011-12-12 17:56:45 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-12-12 17:55:56 -------- d-----w- C:\Users\martin\AppData\Local\{BA4B8F11-20A0-4DBA-A5A0-E009D1E8C141}
2011-12-12 17:48:07 -------- d-----w- C:\Users\martin\AppData\Local\Google
2011-12-12 17:43:26 -------- d-----w- C:\ProgramData\ASUS OC Profiles
2011-12-12 17:41:22 -------- d-----w- C:\Windows\AsusInstAll
2011-12-12 17:38:06 14464 ----a-w- C:\Windows\System32\drivers\AiChargerPlus.sys
2011-12-12 17:37:42 184320 ----a-w- C:\Windows\SysWow64\drivers\UpdateHelper.dll
2011-12-12 17:37:20 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-12-12 17:37:20 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-12-12 17:37:20 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-12-12 17:37:20 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-12-12 17:37:03 -------- d-----w- C:\ProgramData\ASUS
2011-12-12 17:36:48 28672 ----a-r- C:\Windows\SysWow64\AsIO.dll
2011-12-12 17:36:48 13440 ----a-r- C:\Windows\SysWow64\drivers\AsIO.sys
2011-12-12 17:36:43 11832 ------w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
2011-12-12 17:35:32 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2011-12-12 17:34:04 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2011-12-12 17:34:04 471144 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2011-12-12 17:26:54 74584 ----a-w- C:\Windows\System32\R4EEG64A.dll
2011-12-12 17:25:24 -------- d-----w- C:\Windows\AsDmiHtm
2011-12-12 17:24:25 78976 ----a-w- C:\Windows\System32\drivers\amd_sata.sys
2011-12-12 17:24:25 38528 ----a-w- C:\Windows\System32\drivers\amd_xata.sys
2011-12-12 17:24:17 47232 ----a-r- C:\Windows\System32\drivers\usbfilter.sys
2011-12-12 17:19:56 23680 ----a-w- C:\Windows\System32\drivers\IOMap64.sys
2011-12-12 17:17:49 761856 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2011-12-12 17:13:44 -------- d-----w- C:\Program Files (x86)\My Company Name
2011-12-12 17:13:32 -------- d-----w- C:\Users\martin\AppData\Local\AMD
2011-12-12 17:13:28 -------- d-----w- C:\Users\martin\AppData\Local\ATI
2011-12-12 17:13:04 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2011-12-12 17:13:04 -------- d-----w- C:\ProgramData\AMD
2011-12-12 17:12:58 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-12-12 17:12:12 -------- d-----w- C:\Program Files\ATI
2011-12-12 17:12:10 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-12-12 17:11:38 -------- d-----w- C:\Program Files\ATI Technologies
2011-12-12 17:06:56 -------- d-sh--w- C:\Windows\Installer
2011-12-12 17:03:40 -------- d-----w- C:\Windows\SysWow64\Wat
2011-12-12 17:03:40 -------- d-----w- C:\Windows\System32\Wat
2011-12-12 16:53:36 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-12-12 16:53:35 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AD5D3C91-5F5D-4E38-A9C3-42B99074D1E4}\mpengine.dll
2011-12-12 16:47:59 367616 ----a-w- C:\Windows\System32\atmfd.dll
2011-12-12 16:46:59 2871808 ----a-w- C:\Windows\explorer.exe
2011-12-12 16:44:21 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-12-12 16:44:21 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-12-12 16:44:21 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-12-12 16:10:59 0 ----a-w- C:\Windows\ativpsrm.bin
.
==================== Find3M ====================
.
2011-11-15 14:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll
2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll
2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe
2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll
2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll
2011-11-10 02:18:44 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-11-09 22:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-11-09 22:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-11-09 22:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-11-09 22:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-11-09 22:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll
2011-11-09 22:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-11-09 22:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-11-09 22:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-21 20:16:12 1843200 ----a-w- C:\Windows\SysWow64\SlotMaximizerBe.dll
2011-10-21 20:15:46 104448 ----a-w- C:\Windows\SysWow64\SlotMaximizerAg.dll
2011-10-21 20:12:32 2763264 ----a-w- C:\Windows\System32\SlotMaximizerBe.dll
2011-10-21 20:07:42 125440 ----a-w- C:\Windows\System32\SlotMaximizerAg.dll
2011-10-17 17:40:50 93712 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
.
============= FINISH: 14:57:05.14 ===============
http://forums.spybot.info/attachment.php?attachmentid=9078&stc=1&d=1326294814
Hi
Please visit this webpage for download links, and instructions for running ComboFix tool:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Please ensure you read this guide carefully first.
Please continue as follows:
Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.
Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a report for you.
Please include the following reports for further review, and so we may continue cleansing the system:
C:\ComboFix.txt
New dds log.
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.
Hi again, here I'm getting this error whenever I click on anything: "illegal operation attempted on a registry key that has been marked for deletion". I managed to get this far by clicking Run as administrator on Google. I'm thinking I cleaned the registry earlier with CCleaner; shall I use System Restore and then run ComboFix, then get back to you? I backed up the registry before I used CCleaner, but how do I go about that? Sorry for the inconvenience. Kind regards, Martin
Hi,
You need to reboot the system if you haven't done so yet after the ComboFix run.
Hi, thanks, back to normal. My ComboFix log is as follows:
ComboFix 12-01-10.02 - martin 11/01/2012 16:48:49.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8138.5775 [GMT 0:00]
Running from: c:\users\martin\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-12-11 to 2012-01-11 )))))))))))))))))))))))))))))))
.
.
2012-01-11 16:51 . 2012-01-11 16:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-11 16:35 . 2012-01-11 16:35 -------- d-----w- c:\users\martin\AppData\Local\blekkotb
2012-01-11 16:35 . 2012-01-11 16:35 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor
2012-01-11 16:35 . 2012-01-11 16:35 -------- d-----w- c:\program files (x86)\blekkotb
2012-01-10 20:39 . 2012-01-11 15:47 -------- d-----w- c:\users\martin\AppData\Local\ElevatedDiagnostics
2012-01-10 20:30 . 2012-01-10 20:30 25160 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-01-10 20:29 . 2012-01-10 20:29 -------- d-----w- c:\program files\HitmanPro
2012-01-10 20:29 . 2012-01-10 20:30 -------- d-----w- c:\programdata\HitmanPro
2012-01-10 18:24 . 2012-01-10 18:24 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-01-10 18:21 . 2012-01-10 19:17 -------- d-----w- c:\programdata\Lavasoft
2012-01-09 20:33 . 2012-01-09 20:33 -------- d-----w- c:\programdata\XoftSpySE
2012-01-09 19:14 . 2012-01-09 20:39 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-01-09 19:14 . 2011-11-22 19:42 230952 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-01-09 19:12 . 2012-01-09 20:38 -------- d-----w- c:\programdata\PC Tools
2012-01-09 19:12 . 2012-01-09 19:12 -------- d-----w- c:\users\martin\AppData\Roaming\TestApp
2012-01-09 13:55 . 2012-01-09 13:55 -------- d-----w- c:\programdata\ATI
2012-01-09 13:55 . 2012-01-09 13:55 -------- d-----w- c:\program files (x86)\AMD APP
2012-01-09 13:55 . 2012-01-09 13:55 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-01-09 13:53 . 2012-01-09 13:53 -------- d-----w- C:\ATI
2012-01-05 13:42 . 2012-01-06 17:26 -------- d-----w- c:\program files (x86)\ERUNT
2011-12-29 21:02 . 2011-12-29 21:02 -------- d-----w- c:\users\martin\AppData\Roaming\Curiolab
2011-12-29 19:50 . 2012-01-09 18:56 -------- d-----w- c:\program files (x86)\Advanced Spyware Remover
2011-12-28 14:34 . 2011-12-28 14:34 -------- d-----w- c:\programdata\!SASCORE
2011-12-28 14:34 . 2011-12-28 14:36 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-12-28 13:22 . 2011-12-28 13:22 -------- d-----w- c:\users\martin\AppData\Roaming\AVG2012
2011-12-28 13:22 . 2011-12-28 13:22 -------- d-----w- c:\programdata\AVG Secure Search
2011-12-28 13:22 . 2011-12-28 13:22 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2011-12-28 13:22 . 2011-12-28 13:22 -------- d-----w- c:\program files (x86)\AVG Secure Search
2011-12-28 13:22 . 2011-12-28 13:22 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2011-12-28 13:21 . 2012-01-11 16:09 -------- d-----w- c:\windows\system32\drivers\AVG
2011-12-28 13:21 . 2011-12-28 13:36 -------- d-----w- c:\programdata\AVG2012
2011-12-28 13:21 . 2011-12-28 13:21 -------- d-----w- c:\program files (x86)\AVG
2011-12-26 19:08 . 2011-12-26 19:08 -------- d-----w- c:\users\martin\AppData\Roaming\TuneUp Software
2011-12-26 19:07 . 2012-01-08 18:08 -------- d-----w- c:\programdata\TuneUp Software
2011-12-26 19:07 . 2011-12-26 19:07 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-26 18:56 . 2011-12-26 18:56 -------- d-----w- c:\users\martin\AppData\Roaming\Auslogics
2011-12-26 18:55 . 2011-12-26 19:02 -------- d-----w- c:\program files (x86)\Auslogics
2011-12-24 20:06 . 2011-12-10 15:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-24 19:19 . 2011-12-24 19:19 -------- d-----w- c:\program files (x86)\inKline Global
2011-12-24 16:58 . 2011-12-24 16:58 -------- d-----w- c:\users\martin\AppData\Roaming\SUPERAntiSpyware.com
2011-12-24 16:57 . 2011-12-24 16:57 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-12-23 17:09 . 2011-12-25 14:36 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-12-22 13:12 . 2011-12-29 20:01 -------- d-----w- c:\programdata\IObit
2011-12-20 21:04 . 2011-12-20 21:04 -------- d-----w- c:\program files (x86)\Dachshund Software
2011-12-20 20:45 . 2011-12-20 20:45 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-12-20 18:08 . 2011-12-20 18:08 -------- d-----w- c:\users\martin\AppData\Roaming\Malwarebytes
2011-12-20 18:08 . 2011-12-20 18:08 -------- d-----w- c:\programdata\Malwarebytes
2011-12-20 18:08 . 2011-12-28 12:05 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-12-19 18:38 . 2011-12-19 18:38 -------- d-----w- c:\users\martin\AppData\Local\Apps
2011-12-19 18:26 . 2011-12-24 18:12 -------- d-----w- c:\program files (x86)\Common Files\MAGIX shared
2011-12-19 17:47 . 2007-01-04 11:02 663552 ----a-w- c:\windows\SysWow64\mgxoschk.dll
2011-12-19 17:40 . 2009-09-23 11:11 27616 ----a-w- c:\windows\system32\drivers\disksec.sys
2011-12-19 17:40 . 2011-12-24 18:12 -------- d-----w- c:\programdata\MAGIX
2011-12-19 17:40 . 2011-12-24 17:37 -------- d-----w- c:\program files (x86)\MAGIX
2011-12-19 17:32 . 2011-12-24 18:12 -------- d-----w- c:\users\martin\AppData\Roaming\MAGIX
2011-12-16 19:43 . 2011-12-28 13:48 2513344 ----a-w- c:\windows\PE_Rom.dll
2011-12-16 18:15 . 2011-12-27 14:00 -------- d-----w- c:\users\martin\AppData\Local\CrashDumps
2011-12-15 17:10 . 2011-12-18 14:06 -------- d-----w- c:\program files (x86)\Real
2011-12-14 21:31 . 2011-12-18 13:23 -------- d-----w- c:\users\martin\AppData\Local\Diagnostics
2011-12-13 21:22 . 2011-12-13 21:22 -------- d-----w- c:\programdata\CodecCheck
2011-12-13 21:22 . 2011-12-13 21:22 -------- d-----w- C:\codec-info
2011-12-13 21:21 . 2011-12-13 21:21 237 ----a-w- C:\user.js
2011-12-13 21:21 . 2011-12-13 21:21 -------- d-----w- c:\users\martin\AppData\Local\Babylon
2011-12-13 21:21 . 2011-12-13 21:21 -------- d-----w- c:\users\martin\AppData\Roaming\Babylon
2011-12-13 21:21 . 2011-12-13 21:21 -------- d-----w- c:\programdata\Babylon
2011-12-13 21:21 . 2011-12-13 21:22 -------- d-----w- c:\programdata\InstallMate
2011-12-13 21:21 . 2011-12-13 21:21 -------- d-----w- c:\programdata\Premium
2011-12-13 21:14 . 2011-12-24 18:12 -------- d-----w- c:\program files (x86)\DivX
2011-12-13 21:14 . 2011-12-24 18:12 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2011-12-13 20:21 . 2012-01-11 13:16 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-12-13 19:58 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-13 19:58 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-13 19:58 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-13 19:58 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-13 19:58 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-13 19:58 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-13 19:18 . 2011-12-13 19:18 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-12-13 19:18 . 2011-12-13 19:18 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-12-13 19:18 . 2011-12-13 19:18 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-12-13 19:18 . 2011-12-13 19:18 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-12-13 19:18 . 2011-12-13 19:18 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-12-13 18:52 . 2011-12-13 18:52 -------- d--h--w- c:\programdata\Common Files
2011-12-13 18:52 . 2012-01-11 16:09 -------- d-----w- c:\programdata\MFAData
2011-12-13 18:23 . 2011-12-13 18:23 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-12-12 23:50 . 2011-12-12 19:30 -------- d-----w- c:\windows\Panther
2011-12-12 19:43 . 2011-12-13 21:24 -------- d-----w- c:\users\martin\AppData\Roaming\IObit
2011-12-12 19:43 . 2011-12-29 20:00 -------- d-----w- c:\program files (x86)\IObit
2011-12-12 19:28 . 2011-12-24 18:12 -------- d-----w- c:\program files\CCleaner
2011-12-12 19:19 . 2011-12-12 19:19 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-12 19:17 . 2011-12-12 19:17 -------- d-----w- c:\users\martin\AppData\Local\Mozilla
2011-12-12 18:14 . 2012-01-11 16:52 -------- d-----w- c:\users\martin\Tracing
2011-12-12 18:10 . 2011-12-12 18:17 -------- d-----w- c:\programdata\Norton
2011-12-12 17:58 . 2011-12-12 18:00 -------- d-----w- c:\program files (x86)\Windows Live
2011-12-12 17:58 . 2011-12-12 17:58 -------- d-----w- c:\program files\Windows Live
2011-12-12 17:58 . 2011-12-12 17:58 -------- d-----w- c:\windows\PCHEALTH
2011-12-12 17:57 . 2011-12-24 18:12 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-12-12 17:56 . 2012-01-11 13:01 -------- d-----w- c:\users\martin\AppData\Local\Windows Live
2011-12-12 17:56 . 2011-12-12 17:56 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-12-12 17:48 . 2011-12-12 17:48 -------- d-----w- c:\users\martin\AppData\Local\Google
2011-12-12 17:48 . 2011-12-12 17:48 -------- d-----w- c:\program files (x86)\Google
2011-12-12 17:43 . 2011-12-12 17:43 -------- d-----w- c:\programdata\ASUS OC Profiles
2011-12-12 17:41 . 2011-12-24 18:12 -------- d-----w- c:\windows\AsusInstAll
2011-12-12 17:40 . 2011-12-12 17:40 -------- d-----w- c:\windows\SysWow64\Macromed
2011-12-12 17:38 . 2010-11-08 14:57 14464 ----a-w- c:\windows\system32\drivers\AiChargerPlus.sys
2011-12-12 17:37 . 2008-12-02 20:05 184320 ----a-w- c:\windows\SysWow64\drivers\UpdateHelper.dll
2011-12-12 17:37 . 2011-12-12 17:37 -------- d-----w- c:\programdata\ASUS
2011-12-12 17:36 . 2010-08-24 07:16 13440 ----a-r- c:\windows\SysWow64\drivers\AsIO.sys
2011-12-12 17:36 . 2010-06-29 07:41 28672 ----a-r- c:\windows\SysWow64\AsIO.dll
2011-12-12 17:36 . 2008-01-04 05:34 11832 ------w- c:\windows\SysWow64\drivers\AsInsHelp64.sys
2011-12-12 17:35 . 2011-12-12 17:35 -------- d-----w- c:\program files (x86)\ASM104xUSB3
2011-12-12 17:34 . 2011-04-21 18:17 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-12-12 17:34 . 2011-04-21 18:17 471144 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-12-12 17:26 . 2010-11-02 01:35 1718616 ----a-w- c:\windows\system32\R4EEP64A.dll
2011-12-12 17:25 . 2011-12-24 18:12 -------- d-----w- c:\windows\AsDmiHtm
2011-12-12 17:24 . 2011-03-04 05:46 78976 ----a-w- c:\windows\system32\drivers\amd_sata.sys
2011-12-12 17:24 . 2011-03-04 05:46 38528 ----a-w- c:\windows\system32\drivers\amd_xata.sys
2011-12-12 17:24 . 2010-12-16 04:06 47232 ----a-r- c:\windows\system32\drivers\usbfilter.sys
2011-12-12 17:24 . 2012-01-10 19:17 -------- dc----w- c:\windows\system32\DRVSTORE
2011-12-12 17:19 . 2010-02-22 15:46 23680 ----a-w- c:\windows\system32\drivers\IOMap64.sys
2011-12-12 17:17 . 2011-12-12 17:17 -------- d-----w- c:\program files\ASUS
2011-12-12 17:14 . 2011-12-24 19:19 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-12-12 17:13 . 2011-12-12 17:13 -------- d-----w- c:\program files (x86)\My Company Name
2011-12-12 17:13 . 2011-12-12 17:13 -------- d-----w- c:\users\martin\AppData\Local\AMD
2011-12-12 17:13 . 2011-12-12 17:13 -------- d-----w- c:\users\martin\AppData\Roaming\ATI
2011-12-12 17:13 . 2011-12-12 17:13 -------- d-----w- c:\users\martin\AppData\Local\ATI
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-12 17:58 . 2011-03-28 18:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-15 14:29 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 03:45 . 2011-11-10 03:45 10567680 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-10 03:20 . 2011-11-10 03:20 25218048 ----a-w- c:\windows\system32\atio6axx.dll
2011-11-10 03:17 . 2011-11-10 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-11-10 03:16 . 2011-04-05 14:03 774656 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-11-10 03:15 . 2011-04-20 02:07 927232 ----a-w- c:\windows\system32\aticfx64.dll
2011-11-10 03:12 . 2011-11-10 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-10 03:12 . 2011-11-10 03:12 516608 ----a-w- c:\windows\system32\atieclxx.exe
2011-11-10 03:11 . 2011-11-10 03:11 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-11-10 03:10 . 2011-11-10 03:10 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-11-10 03:09 . 2011-04-05 13:57 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-11-10 03:09 . 2011-04-05 13:57 360448 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-11-10 03:09 . 2011-11-10 03:09 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-11-10 03:09 . 2011-11-10 03:09 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-11-10 03:09 . 2011-11-10 03:09 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-11-10 03:09 . 2011-11-10 03:09 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-11-10 03:06 . 2011-04-05 13:53 6077952 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-11-10 02:58 . 2011-11-10 02:58 18996224 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-11-10 02:51 . 2011-04-20 01:49 7405056 ----a-w- c:\windows\system32\atidxx64.dll
2011-11-10 02:40 . 2011-11-10 02:40 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-11-10 02:40 . 2011-11-10 02:40 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-11-10 02:40 . 2011-11-10 02:40 4061696 ----a-w- c:\windows\system32\atiumd6a.dll
2011-11-10 02:34 . 2011-11-10 02:34 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-11-10 02:34 . 2011-11-10 02:34 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-11-10 02:34 . 2011-11-10 02:34 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-11-10 02:34 . 2011-11-10 02:34 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-11-10 02:34 . 2011-11-10 02:34 13552640 ----a-w- c:\windows\system32\aticaldd64.dll
2011-11-10 02:33 . 2011-11-10 02:33 5852672 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-11-10 02:29 . 2011-11-10 02:29 11300864 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-11-10 02:29 . 2011-11-10 02:29 4200960 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-11-10 02:24 . 2011-11-10 02:24 7439360 ----a-w- c:\windows\system32\atiumd64.dll
2011-11-10 02:18 . 2011-04-20 01:27 58880 ----a-w- c:\windows\system32\coinst.dll
2011-11-10 02:13 . 2011-11-10 02:13 494592 ----a-w- c:\windows\system32\atiadlxx.dll
2011-11-10 02:13 . 2011-11-10 02:13 348160 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-11-10 02:13 . 2011-11-10 02:13 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-11-10 02:13 . 2011-11-10 02:13 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-11-10 02:13 . 2011-11-10 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-11-10 02:13 . 2011-11-10 02:13 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-11-10 02:12 . 2011-11-10 02:12 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-11-10 02:12 . 2011-11-10 02:12 325632 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-10 02:11 . 2011-04-20 01:21 41984 ----a-w- c:\windows\system32\atiuxp64.dll
2011-11-10 02:11 . 2011-04-05 13:20 32256 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-11-10 02:11 . 2011-11-10 02:11 39424 ----a-w- c:\windows\system32\atiu9p64.dll
2011-11-10 02:11 . 2011-11-10 02:11 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-11-10 02:11 . 2011-11-10 02:11 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-11-10 02:11 . 2011-11-10 02:11 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-11-10 02:10 . 2011-11-10 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-09 22:39 . 2011-11-09 22:39 69632 ----a-w- c:\windows\system32\OpenVideo64.dll
2011-11-09 22:39 . 2011-11-09 22:39 59904 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-11-09 22:39 . 2011-11-09 22:39 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-11-09 22:39 . 2011-11-09 22:39 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-11-09 22:39 . 2011-11-09 22:39 17442304 ----a-w- c:\windows\system32\amdocl64.dll
2011-11-09 22:38 . 2011-11-09 22:38 14375936 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-11-09 22:37 . 2011-11-09 22:37 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-11-09 22:37 . 2011-11-09 22:37 44032 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-10-21 20:16 . 2011-10-21 20:16 1843200 ----a-w- c:\windows\SysWow64\SlotMaximizerBe.dll
2011-10-21 20:15 . 2011-10-21 20:15 104448 ----a-w- c:\windows\SysWow64\SlotMaximizerAg.dll
2011-10-21 20:12 . 2011-10-21 20:12 2763264 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-10-21 20:07 . 2011-10-21 20:07 125440 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-10-17 17:40 . 2011-10-17 17:40 93712 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
2011-12-22 21:17 262312 ----a-w- c:\program files (x86)\blekkotb\auxi\blekkoAu.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
2011-12-22 21:16 86696 ----a-w- c:\program files (x86)\blekkotb\blekkoDx.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-12-28 13:22 1574240 ----a-w- c:\program files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll" [2011-12-28 1574240]
"{26c9e18c-3717-4be1-a225-04e4471f5b6e}"= "c:\program files (x86)\blekkotb\blekkoDx.dll" [2011-12-22 86696]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2011-12-28 892768]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-12-21 206504]
.
c:\users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
AntiCrash.lnk - c:\program files (x86)\Dachshund Software\AntiCrash\AntiCrash.exe [2002-12-17 2301798]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 DiskSec;Magix Volume Filter Driver; [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-12-28 140672]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;c:\program files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe [2010-11-18 196096]
S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-28 869216]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 17:48]
.
2012-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 17:48]
.
2012-01-11 c:\windows\Tasks\PCCT - MAGIX AG.job
- c:\program files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MxTray.exe [2010-10-04 14:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\kd283fb1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.co.uk/?icid=aoluk5logorefresh&dlact=dl1
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
c:\windows\DAODx.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
.
**************************************************************************
.
Completion time: 2012-01-11 16:55:29 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-11 16:55
.
Pre-Run: 960,166,092,800 bytes free
Post-Run: 960,020,385,792 bytes free
.
- - End Of File - - 86FF0FBFC9F8B310FE739A6CAE4A9CD9
Hi there, here's my new DDS file.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by martin at 18:41:46 on 2012-01-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8138.6416 [GMT 0:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\Explorer.EXE
C:\Windows\DAODx.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MxTray.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Windows\Integrator.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
BHO: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
TB: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
StartupFolder: C:\Users\martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTICR~1.LNK - C:\Program Files (x86)\Dachshund Software\AntiCrash\AntiCrash.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1}\D616274796E646166796466343 : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
BHO-X64: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
BHO-X64: Updater For Spam Free Search Bar - No File
BHO-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
BHO-X64: Spam Free Search Bar - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
TB-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
mRun-x64: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\kd283fb1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.co.uk/?icid=aoluk5logorefresh&dlact=dl1
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\system32\DRIVERS\AiChargerPlus.sys --> C:\Windows\system32\DRIVERS\AiChargerPlus.sys [?]
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 DiskSec;Magix Volume Filter Driver;C:\Windows\system32\drivers\DiskSec.sys --> C:\Windows\system32\drivers\DiskSec.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-12-13 328536]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-9 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-12-12 586880]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-28 869216]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe [2010-10-12 196096]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-11 18:29:16 64512 ---ha-w- C:\Users\martin\AppData\Roaming\dach100.dll
2012-01-11 17:12:42 -------- d-sh--w- C:\$RECYCLE.BIN
2012-01-11 16:48:14 98816 ----a-w- C:\Windows\sed.exe
2012-01-11 16:48:14 518144 ----a-w- C:\Windows\SWREG.exe
2012-01-11 16:48:14 256000 ----a-w- C:\Windows\PEV.exe
2012-01-11 16:48:14 208896 ----a-w- C:\Windows\MBR.exe
2012-01-11 16:35:46 -------- d-----w- C:\Users\martin\AppData\Local\blekkotb
2012-01-11 16:35:45 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
2012-01-11 16:35:42 -------- d-----w- C:\Program Files (x86)\blekkotb
2012-01-11 13:01:08 -------- d-----w- C:\Users\martin\AppData\Local\{AEE908D3-7CA5-407E-88A9-EF6C12BC7571}
2012-01-11 13:00:55 -------- d-----w- C:\Users\martin\AppData\Local\{76BDBDEA-804F-4767-9992-E8729CA3B658}
2012-01-10 20:39:29 -------- d-----w- C:\Users\martin\AppData\Local\ElevatedDiagnostics
2012-01-10 20:30:13 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
2012-01-10 20:29:46 -------- d-----w- C:\Program Files\HitmanPro
2012-01-10 20:29:39 -------- d-----w- C:\ProgramData\HitmanPro
2012-01-10 18:24:06 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2012-01-10 17:47:33 -------- d-----w- C:\Users\martin\AppData\Local\{D6434A5C-FED7-4B7B-B9D5-05B71EC532CE}
2012-01-10 17:47:21 -------- d-----w- C:\Users\martin\AppData\Local\{9273BEEB-C639-4D7A-8DA4-7443F2E4D276}
2012-01-09 20:33:23 -------- d-----w- C:\ProgramData\XoftSpySE
2012-01-09 19:14:49 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-01-09 19:14:49 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-01-09 19:12:28 -------- d-----w- C:\Users\martin\AppData\Roaming\TestApp
2012-01-09 19:12:28 -------- d-----w- C:\ProgramData\PC Tools
2012-01-09 13:55:38 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-01-09 13:55:34 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-01-09 13:53:31 -------- d-----w- C:\ATI
2012-01-09 13:50:24 -------- d-----w- C:\Users\martin\AppData\Local\{6CCB1F71-FA60-4670-8224-FD190291C950}
2012-01-09 13:50:12 -------- d-----w- C:\Users\martin\AppData\Local\{A6362FDF-C3C0-4A40-91C0-9C34BB642BC0}
2012-01-08 11:20:17 -------- d-----w- C:\Users\martin\AppData\Local\{5B48E6AE-3E3D-40B8-8E20-6A3C8E40B86D}
2012-01-08 11:20:06 -------- d-----w- C:\Users\martin\AppData\Local\{65EA5F3C-50AB-4C57-9FB6-627A0EC349DC}
2012-01-07 11:30:59 -------- d-----w- C:\Users\martin\AppData\Local\{EA42B4BE-F9A6-4F10-A8F6-EE189AC6C9AE}
2012-01-07 11:30:48 -------- d-----w- C:\Users\martin\AppData\Local\{7E0E6A56-D508-45F0-A0C1-5586543611BD}
2012-01-06 16:58:30 -------- d-----w- C:\Users\martin\AppData\Local\{1A2AF5B3-2052-4F62-9FB1-162FE39DEB74}
2012-01-06 16:58:19 -------- d-----w- C:\Users\martin\AppData\Local\{EF20225A-063B-4807-A693-119FA0605128}
2012-01-05 13:22:22 -------- d-----w- C:\Users\martin\AppData\Local\{18A26359-018B-409D-BEE5-8D12B1B64646}
2012-01-05 13:22:11 -------- d-----w- C:\Users\martin\AppData\Local\{A5CEDDB0-1082-4043-B956-F4F4F3CE97F1}
2012-01-04 11:55:27 -------- d-----w- C:\Users\martin\AppData\Local\{A4B00FEF-0B4A-410A-878F-3C33E0F91164}
2012-01-04 11:55:16 -------- d-----w- C:\Users\martin\AppData\Local\{64887C9D-BB24-428D-96EC-22EBDB20F1AB}
2012-01-03 13:17:53 -------- d-----w- C:\Users\martin\AppData\Local\{3D94F6DC-1386-46C9-AEA7-24F9EC6BD257}
2012-01-03 13:17:42 -------- d-----w- C:\Users\martin\AppData\Local\{20B601A3-DBD3-4922-9BC2-799D42BF5664}
2012-01-02 16:57:36 -------- d-----w- C:\Users\martin\AppData\Local\{3508D6BA-8363-47AF-8046-5D0F0D91BD8C}
2012-01-02 16:57:25 -------- d-----w- C:\Users\martin\AppData\Local\{196C92BC-12E3-46ED-9D8A-F60D5A458BD5}
2011-12-31 19:06:09 -------- d-----w- C:\Users\martin\AppData\Local\{1588EC49-587C-459C-9375-A5C43FE03BB2}
2011-12-31 19:05:54 -------- d-----w- C:\Users\martin\AppData\Local\{6196876E-35DC-48C2-AAA0-54842A321BAF}
2011-12-30 17:45:21 -------- d-----w- C:\Users\martin\AppData\Local\{D98DAFB0-298E-4167-9877-6E68E0D5C1AE}
2011-12-30 17:45:10 -------- d-----w- C:\Users\martin\AppData\Local\{EFA01C89-D566-4970-A9F7-8D862680A55D}
2011-12-29 21:02:10 -------- d-----w- C:\Users\martin\AppData\Roaming\Curiolab
2011-12-29 19:50:49 -------- d-----w- C:\Program Files (x86)\Advanced Spyware Remover
2011-12-29 13:53:20 -------- d-----w- C:\Users\martin\AppData\Local\{E2D1B3F8-51D8-4EFD-B2FF-47B48C32C933}
2011-12-29 13:53:09 -------- d-----w- C:\Users\martin\AppData\Local\{ABAE8172-E919-40A6-A9EE-6B139A96E32C}
2011-12-28 20:45:47 -------- d-----w- C:\Windows\pss
2011-12-28 14:34:44 -------- d-----w- C:\ProgramData\!SASCORE
2011-12-28 14:34:42 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-12-28 13:22:32 -------- d-----w- C:\Users\martin\AppData\Roaming\AVG2012
2011-12-28 13:22:12 -------- d-----w- C:\ProgramData\AVG Secure Search
2011-12-28 13:22:10 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2011-12-28 13:22:09 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2011-12-28 13:22:02 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\ProgramData\AVG2012
2011-12-28 13:21:00 -------- d-----w- C:\Program Files (x86)\AVG
2011-12-28 11:43:32 -------- d-----w- C:\Users\martin\AppData\Local\{625DA88F-8474-4A2C-A7B9-6AE25CBB97B2}
2011-12-28 11:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{5D600DF1-3A95-4641-AAC3-1C31ECD0694F}
2011-12-27 14:53:41 -------- d-----w- C:\Users\martin\AppData\Local\{A81E2CDA-A488-48D0-8432-B876D72E80DB}
2011-12-27 14:53:30 -------- d-----w- C:\Users\martin\AppData\Local\{8BB41815-F082-4771-B25D-EDB54B988991}
2011-12-27 12:49:05 -------- d-----w- C:\Users\martin\AppData\Local\{3EDEA225-F3DE-40E3-B063-F70DEA70346F}
2011-12-27 12:48:54 -------- d-----w- C:\Users\martin\AppData\Local\{56FBA2E9-89DE-466E-B104-03279D274810}
2011-12-26 19:08:10 -------- d-----w- C:\Users\martin\AppData\Roaming\TuneUp Software
2011-12-26 19:07:57 -------- d-----w- C:\ProgramData\TuneUp Software
2011-12-26 19:07:54 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-26 18:56:50 -------- d-----w- C:\Users\martin\AppData\Roaming\Auslogics
2011-12-26 18:55:47 -------- d-----w- C:\Program Files (x86)\Auslogics
2011-12-26 12:02:09 -------- d-----w- C:\Users\martin\AppData\Local\{27BD5B4C-ADA1-4EEA-A04C-C9483A9E8A97}
2011-12-26 12:01:58 -------- d-----w- C:\Users\martin\AppData\Local\{709EB311-8B12-4EAA-8609-0743F5F344F3}
2011-12-25 15:38:12 -------- d-----w- C:\Users\martin\AppData\Local\{FA7E1B4F-F202-4F01-945C-D91C5A66F855}
2011-12-25 15:38:01 -------- d-----w- C:\Users\martin\AppData\Local\{1D4BF17D-B61E-4979-9D37-B3F1E18D0B7C}
2011-12-25 14:33:56 -------- d-----w- C:\Users\martin\AppData\Local\{A4DFA5A7-BBD0-4859-9C6A-31282D46EE6E}
2011-12-25 14:33:45 -------- d-----w- C:\Users\martin\AppData\Local\{B22209F6-47C2-4242-80E7-5262E002EC56}
2011-12-24 20:06:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-24 19:19:34 -------- d-----w- C:\Program Files (x86)\inKline Global
2011-12-24 18:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{FDAF3472-2E95-44CF-810D-9F86FF0FAA00}
2011-12-24 18:21:35 -------- d-----w- C:\Users\martin\AppData\Local\{2CA25035-1B0A-415F-9267-8CAF53449178}
2011-12-24 16:58:03 -------- d-----w- C:\Users\martin\AppData\Roaming\SUPERAntiSpyware.com
2011-12-24 16:57:41 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-12-24 15:34:00 -------- d-----w- C:\Users\martin\AppData\Local\{36E2EC0C-9354-48C8-9F66-0EA5CC80FB63}
2011-12-24 15:33:49 -------- d-----w- C:\Users\martin\AppData\Local\{08BF9FB5-B43A-422E-AB53-31785BEB39E7}
2011-12-23 17:09:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-23 16:48:50 -------- d-----w- C:\Users\martin\AppData\Local\{77068C7F-7CCE-4F7F-A938-CAA682B9FE75}
2011-12-23 16:48:35 -------- d-----w- C:\Users\martin\AppData\Local\{335A06C6-D16F-4437-B17E-63D4B3691C0B}
2011-12-22 13:12:25 -------- d-----w- C:\ProgramData\IObit
2011-12-22 13:06:13 -------- d-----w- C:\Users\martin\AppData\Local\{65E40E6F-CF49-4434-90EC-06C63023BA4F}
2011-12-22 13:06:02 -------- d-----w- C:\Users\martin\AppData\Local\{1137D1A5-C278-4999-82EF-1A97D547A97F}
2011-12-21 19:21:58 -------- d-----w- C:\Users\martin\AppData\Local\{62B3CFDE-05D5-49EA-B186-F34808FCE3DD}
2011-12-21 19:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{807A8034-298E-40FA-8DCB-CC70EF1CB669}
2011-12-20 21:04:15 -------- d-----w- C:\Program Files (x86)\Dachshund Software
2011-12-20 20:45:42 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-12-20 18:08:59 -------- d-----w- C:\Users\martin\AppData\Roaming\Malwarebytes
2011-12-20 18:08:56 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-20 18:08:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-20 17:27:25 -------- d-----w- C:\Users\martin\AppData\Local\{5A167E43-5691-4EF9-9D9A-2B13FA3856D4}
2011-12-20 17:27:13 -------- d-----w- C:\Users\martin\AppData\Local\{2A8D11DE-FF23-4478-86F2-CDE0F87C70C8}
2011-12-19 18:38:56 -------- d-----w- C:\Users\martin\AppData\Local\Apps
2011-12-19 18:26:54 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX shared
2011-12-19 17:47:53 663552 ----a-w- C:\Windows\SysWow64\mgxoschk.dll
2011-12-19 17:40:27 27616 ----a-w- C:\Windows\System32\drivers\disksec.sys
2011-12-19 17:40:15 -------- d-----w- C:\ProgramData\MAGIX
2011-12-19 17:40:15 -------- d-----w- C:\Program Files (x86)\MAGIX
2011-12-19 17:32:27 -------- d-----w- C:\Users\martin\AppData\Roaming\MAGIX
2011-12-19 16:42:23 -------- d-----w- C:\Users\martin\AppData\Local\{102062FD-3F97-4A51-8902-DC64B4BD6951}
2011-12-19 16:42:12 -------- d-----w- C:\Users\martin\AppData\Local\{63C98E52-337F-4C41-9FE2-23D6F7751254}
2011-12-18 11:38:00 -------- d-----w- C:\Users\martin\AppData\Local\{6053C415-B6F2-43D8-B8A8-0F4030D337A5}
2011-12-18 11:37:49 -------- d-----w- C:\Users\martin\AppData\Local\{493D444C-11F2-4BDE-A635-AA5106C2B024}
2011-12-17 17:56:19 -------- d-----w- C:\Users\martin\AppData\Local\{F3F1F5F8-454F-42FC-A850-6644D514034E}
2011-12-17 17:56:05 -------- d-----w- C:\Users\martin\AppData\Local\{F31F22BE-F87B-421E-B7C5-111675DD6E37}
2011-12-16 19:43:19 2513344 ----a-w- C:\Windows\PE_Rom.dll
2011-12-16 18:15:03 -------- d-----w- C:\Users\martin\AppData\Local\CrashDumps
2011-12-16 18:14:14 -------- d-----w- C:\Users\martin\AppData\Local\{2DE78E8F-E0E6-4F42-81CF-74C5493C3067}
2011-12-16 18:14:03 -------- d-----w- C:\Users\martin\AppData\Local\{EEACC7D8-817A-40A4-9E7E-C0E5C172B061}
2011-12-15 16:43:31 -------- d-----w- C:\Users\martin\AppData\Local\{8956503E-5741-4C59-B895-ABD9AD1F7ADF}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{AB7AF5BD-95B5-45FD-A2D8-8F7B4064965A}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{531140AC-FA50-4563-B843-EC1DBBA3D7F9}
2011-12-14 21:31:35 -------- d-----w- C:\Users\martin\AppData\Local\Diagnostics
2011-12-14 16:00:57 924632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nsnB443.tmp\firefox.exe
2011-12-14 15:54:51 -------- d-----w- C:\Users\martin\AppData\Local\{20525307-8D35-42B2-B9CD-3A6F41F42489}
2011-12-14 15:54:40 -------- d-----w- C:\Users\martin\AppData\Local\{41D7649A-16AD-4FE4-AA21-43C4444724EA}
2011-12-13 21:22:11 -------- d-----w- C:\ProgramData\CodecCheck
2011-12-13 21:22:09 -------- d-----w- C:\codec-info
2011-12-13 21:21:43 -------- d-----w- C:\Users\martin\AppData\Local\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\Users\martin\AppData\Roaming\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\ProgramData\Babylon
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\Premium
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\InstallMate
2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\DivX
2011-12-13 21:14:29 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2011-12-13 20:21:37 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-12-13 19:58:12 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-13 19:58:12 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-13 19:58:08 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-13 19:58:07 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-13 19:58:07 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-13 19:58:06 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-13 19:18:16 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-12-13 19:18:16 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-12-13 19:18:16 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-12-13 19:18:16 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-12-13 19:18:16 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-12-13 18:52:17 -------- d--h--w- C:\ProgramData\Common Files
2011-12-13 18:52:07 -------- d-----w- C:\ProgramData\MFAData
2011-12-13 18:20:19 -------- d-----w- C:\Users\martin\AppData\Local\{70B23F72-9277-40A3-93F9-FA9F88EB4347}
2011-12-13 18:20:08 -------- d-----w- C:\Users\martin\AppData\Local\{B6563D5B-3612-4398-9369-A6850B240826}
2011-12-12 23:50:41 -------- d-----w- C:\Windows\Panther
2011-12-12 19:43:13 -------- d-----w- C:\Users\martin\AppData\Roaming\IObit
2011-12-12 19:43:12 -------- d-----w- C:\Program Files (x86)\IObit
2011-12-12 19:28:32 -------- d-----w- C:\Program Files\CCleaner
2011-12-12 19:19:50 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-12 19:17:16 -------- d-----w- C:\Users\martin\AppData\Local\Mozilla
.
==================== Find3M ====================
.
2011-12-12 16:10:59 0 ----a-w- C:\Windows\ativpsrm.bin
2011-11-15 14:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll
2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll
2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe
2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll
2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll
2011-11-10 02:18:44 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-11-09 22:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-11-09 22:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-11-09 22:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-11-09 22:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-11-09 22:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll
2011-11-09 22:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-11-09 22:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-11-09 22:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-21 20:16:12 1843200 ----a-w- C:\Windows\SysWow64\SlotMaximizerBe.dll
2011-10-21 20:15:46 104448 ----a-w- C:\Windows\SysWow64\SlotMaximizerAg.dll
2011-10-21 20:12:32 2763264 ----a-w- C:\Windows\System32\SlotMaximizerBe.dll
2011-10-21 20:07:42 125440 ----a-w- C:\Windows\System32\SlotMaximizerAg.dll
2011-10-17 17:40:50 93712 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
.
============= FINISH: 18:42:04.32 ===============
Hi again,
Uninstall vulnerable Flash versions by following instructions here (http://kb2.adobe.com/cps/141/tn_14157.html). Fresh version can be obtained here (http://get.adobe.com/flashplayer/).
* Go here (http://www.eset.eu/online-scanner) to run an online scanner from ESET.
Note: You will need to use Internet Explorer for this scan.
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the option Remove found threats is UNchecked and the option Scan unwanted applications is checkmarked.
Click Scan
Wait for the scan to finish.
Post back its report & a fresh dds.txt log. How's the system now?
Hi again, I made a mistake and used Google Chrome to download ESET online scanner as I never used Internet Explorer, and another mistake, I forgot to uncheck the option remove found threats, and it found 2 infections which it cleaned. I'm so sorry, hope I haven't messed up. Anyway, I downloaded ESET online scanner again on Internet Explorer and here's my new dds log. Regards, martin.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/12/2011 15:58:14
System Uptime: 12/01/2012 19:59:17 (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M5A97
Processor: AMD FX(tm)-8120 Eight-Core Processor | AM3r2 | 3100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 893.449 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP73: 28/12/2011 21:48:48 - Installed HiJackThis
RP74: 29/12/2011 17:58:02 - MAGIX PC Check & Tuning 2011 (PC Check)
RP75: 29/12/2011 18:08:47 - Installed Kaspersky Internet Security 2011.
RP76: 29/12/2011 21:28:18 - Removed HiJackThis
RP77: 30/12/2011 17:58:24 - Installed HiJackThis
RP78: 05/01/2012 20:40:13 - Removed HiJackThis
RP79: 08/01/2012 18:07:13 - Removed TuneUp Utilities 2012
RP80: 08/01/2012 18:07:57 - Removed TuneUp Utilities Language Pack (en-US)
RP81: 09/01/2012 18:45:46 - MAGIX PC Check & Tuning 2011 (PC Check)
RP82: 10/01/2012 18:20:11 - Installed Ad-Aware
RP83: 10/01/2012 18:20:38 - Installed Ad-Aware
RP84: 10/01/2012 19:17:00 - Removed Ad-Aware
RP85: 11/01/2012 20:42:41 - Windows Update
.
==== Installed Programs ======================
.
Advanced Spyware Remover Free Edition
Advanced SystemCare 4
AI Suite II
AMD VISION Engine Control Center
Anti-phishing Domain Advisor
AntiCrash 3.6.1
Asmedia ASM104x USB 3.0 Host Controller Driver
ASUS Gamer OSD
ASUS VGA Driver
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
CCC Help English
D3DX10
DivX Web Player
ESET Online Scanner v3
Google Chrome
Google Update Helper
HydraVision
Junk Mail filter update
MAGIX PC Check & Tuning 2011 Download Version
MAGIX Screenshare
Malwarebytes Anti-Malware version 1.60.0.1800
Messenger Companion
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 8.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PC Booster
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Spam Free Search Bar
Spybot - Search & Destroy
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Utility
VC80CRTRedist - 8.0.50727.762
Visual Studio 2008 x64 Redistributables
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
XviD MPEG-4 Video Codec
.
==== Event Viewer Messages From Past Week ========
.
11/01/2012 16:51:41, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/01/2012 20:39:27, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
09/01/2012 20:38:39, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
09/01/2012 19:18:58, Error: PCTCore [280] -
.
==== End Of File ===========================
"I forgot to uncheck the option remove found threats, and it found 2 infections which it cleaned"
Did you note down what was removed? Please post dds.txt contents too (you posted attach.txt contents there).
How's the system doing?
Hi again, I just realized I gave you the dds report with Internet Explorer, which I don't very much use. I use Google Chrome 99 percent of the time, so here's my dds log from Google Chrome.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by martin at 21:14:34 on 2012-01-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8138.6225 [GMT 0:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MxTray.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Windows\Integrator.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
BHO: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
TB: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
StartupFolder: C:\Users\martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTICR~1.LNK - C:\Program Files (x86)\Dachshund Software\AntiCrash\AntiCrash.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1}\D616274796E646166796466343 : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
BHO-X64: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
BHO-X64: Updater For Spam Free Search Bar - No File
BHO-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
BHO-X64: Spam Free Search Bar - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
TB-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\kd283fb1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.co.uk/?icid=aoluk5logorefresh&dlact=dl1
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\system32\DRIVERS\AiChargerPlus.sys --> C:\Windows\system32\DRIVERS\AiChargerPlus.sys [?]
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 DiskSec;Magix Volume Filter Driver;C:\Windows\system32\drivers\DiskSec.sys --> C:\Windows\system32\drivers\DiskSec.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-12-13 328536]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-9 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-12-12 586880]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-28 869216]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe [2010-10-12 196096]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-12 21:06:09 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-12 20:49:56 -------- d-----w- C:\Users\martin\AppData\Local\{F3F9DE25-FC92-463E-8E0D-F14C53382563}
2012-01-12 20:49:45 -------- d-----w- C:\Users\martin\AppData\Local\{79BE121E-FD4A-42CA-A381-5C44C32E8CDB}
2012-01-12 20:02:14 -------- d-----w- C:\Program Files (x86)\ESET
2012-01-11 18:29:16 64512 ---ha-w- C:\Users\martin\AppData\Roaming\dach100.dll
2012-01-11 17:12:42 -------- d-sh--w- C:\$RECYCLE.BIN
2012-01-11 16:48:14 98816 ----a-w- C:\Windows\sed.exe
2012-01-11 16:48:14 518144 ----a-w- C:\Windows\SWREG.exe
2012-01-11 16:48:14 256000 ----a-w- C:\Windows\PEV.exe
2012-01-11 16:48:14 208896 ----a-w- C:\Windows\MBR.exe
2012-01-11 16:35:46 -------- d-----w- C:\Users\martin\AppData\Local\blekkotb
2012-01-11 16:35:45 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
2012-01-11 16:35:42 -------- d-----w- C:\Program Files (x86)\blekkotb
2012-01-11 13:06:43 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 13:06:42 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 13:06:42 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-11 13:06:42 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 13:06:42 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 13:06:42 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 13:06:42 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 13:06:42 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 13:01:08 -------- d-----w- C:\Users\martin\AppData\Local\{AEE908D3-7CA5-407E-88A9-EF6C12BC7571}
2012-01-11 13:00:55 -------- d-----w- C:\Users\martin\AppData\Local\{76BDBDEA-804F-4767-9992-E8729CA3B658}
2012-01-10 20:39:29 -------- d-----w- C:\Users\martin\AppData\Local\ElevatedDiagnostics
2012-01-10 20:30:13 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
2012-01-10 20:29:46 -------- d-----w- C:\Program Files\HitmanPro
2012-01-10 20:29:39 -------- d-----w- C:\ProgramData\HitmanPro
2012-01-10 18:24:06 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2012-01-10 17:47:33 -------- d-----w- C:\Users\martin\AppData\Local\{D6434A5C-FED7-4B7B-B9D5-05B71EC532CE}
2012-01-10 17:47:21 -------- d-----w- C:\Users\martin\AppData\Local\{9273BEEB-C639-4D7A-8DA4-7443F2E4D276}
2012-01-09 20:33:23 -------- d-----w- C:\ProgramData\XoftSpySE
2012-01-09 19:14:49 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-01-09 19:14:49 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-01-09 19:12:28 -------- d-----w- C:\Users\martin\AppData\Roaming\TestApp
2012-01-09 19:12:28 -------- d-----w- C:\ProgramData\PC Tools
2012-01-09 13:55:38 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-01-09 13:55:34 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-01-09 13:53:31 -------- d-----w- C:\ATI
2012-01-09 13:50:24 -------- d-----w- C:\Users\martin\AppData\Local\{6CCB1F71-FA60-4670-8224-FD190291C950}
2012-01-09 13:50:12 -------- d-----w- C:\Users\martin\AppData\Local\{A6362FDF-C3C0-4A40-91C0-9C34BB642BC0}
2012-01-08 11:20:17 -------- d-----w- C:\Users\martin\AppData\Local\{5B48E6AE-3E3D-40B8-8E20-6A3C8E40B86D}
2012-01-08 11:20:06 -------- d-----w- C:\Users\martin\AppData\Local\{65EA5F3C-50AB-4C57-9FB6-627A0EC349DC}
2012-01-07 11:30:59 -------- d-----w- C:\Users\martin\AppData\Local\{EA42B4BE-F9A6-4F10-A8F6-EE189AC6C9AE}
2012-01-07 11:30:48 -------- d-----w- C:\Users\martin\AppData\Local\{7E0E6A56-D508-45F0-A0C1-5586543611BD}
2012-01-06 16:58:30 -------- d-----w- C:\Users\martin\AppData\Local\{1A2AF5B3-2052-4F62-9FB1-162FE39DEB74}
2012-01-06 16:58:19 -------- d-----w- C:\Users\martin\AppData\Local\{EF20225A-063B-4807-A693-119FA0605128}
2012-01-05 13:22:22 -------- d-----w- C:\Users\martin\AppData\Local\{18A26359-018B-409D-BEE5-8D12B1B64646}
2012-01-05 13:22:11 -------- d-----w- C:\Users\martin\AppData\Local\{A5CEDDB0-1082-4043-B956-F4F4F3CE97F1}
2012-01-04 11:55:27 -------- d-----w- C:\Users\martin\AppData\Local\{A4B00FEF-0B4A-410A-878F-3C33E0F91164}
2012-01-04 11:55:16 -------- d-----w- C:\Users\martin\AppData\Local\{64887C9D-BB24-428D-96EC-22EBDB20F1AB}
2012-01-03 13:17:53 -------- d-----w- C:\Users\martin\AppData\Local\{3D94F6DC-1386-46C9-AEA7-24F9EC6BD257}
2012-01-03 13:17:42 -------- d-----w- C:\Users\martin\AppData\Local\{20B601A3-DBD3-4922-9BC2-799D42BF5664}
2012-01-02 16:57:36 -------- d-----w- C:\Users\martin\AppData\Local\{3508D6BA-8363-47AF-8046-5D0F0D91BD8C}
2012-01-02 16:57:25 -------- d-----w- C:\Users\martin\AppData\Local\{196C92BC-12E3-46ED-9D8A-F60D5A458BD5}
2011-12-31 19:06:09 -------- d-----w- C:\Users\martin\AppData\Local\{1588EC49-587C-459C-9375-A5C43FE03BB2}
2011-12-31 19:05:54 -------- d-----w- C:\Users\martin\AppData\Local\{6196876E-35DC-48C2-AAA0-54842A321BAF}
2011-12-30 17:45:21 -------- d-----w- C:\Users\martin\AppData\Local\{D98DAFB0-298E-4167-9877-6E68E0D5C1AE}
2011-12-30 17:45:10 -------- d-----w- C:\Users\martin\AppData\Local\{EFA01C89-D566-4970-A9F7-8D862680A55D}
2011-12-29 21:02:10 -------- d-----w- C:\Users\martin\AppData\Roaming\Curiolab
2011-12-29 19:50:49 -------- d-----w- C:\Program Files (x86)\Advanced Spyware Remover
2011-12-29 13:53:20 -------- d-----w- C:\Users\martin\AppData\Local\{E2D1B3F8-51D8-4EFD-B2FF-47B48C32C933}
2011-12-29 13:53:09 -------- d-----w- C:\Users\martin\AppData\Local\{ABAE8172-E919-40A6-A9EE-6B139A96E32C}
2011-12-28 20:45:47 -------- d-----w- C:\Windows\pss
2011-12-28 14:34:44 -------- d-----w- C:\ProgramData\!SASCORE
2011-12-28 14:34:42 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-12-28 13:22:32 -------- d-----w- C:\Users\martin\AppData\Roaming\AVG2012
2011-12-28 13:22:12 -------- d-----w- C:\ProgramData\AVG Secure Search
2011-12-28 13:22:10 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2011-12-28 13:22:09 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2011-12-28 13:22:02 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\ProgramData\AVG2012
2011-12-28 13:21:00 -------- d-----w- C:\Program Files (x86)\AVG
2011-12-28 11:43:32 -------- d-----w- C:\Users\martin\AppData\Local\{625DA88F-8474-4A2C-A7B9-6AE25CBB97B2}
2011-12-28 11:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{5D600DF1-3A95-4641-AAC3-1C31ECD0694F}
2011-12-27 14:53:41 -------- d-----w- C:\Users\martin\AppData\Local\{A81E2CDA-A488-48D0-8432-B876D72E80DB}
2011-12-27 14:53:30 -------- d-----w- C:\Users\martin\AppData\Local\{8BB41815-F082-4771-B25D-EDB54B988991}
2011-12-27 12:49:05 -------- d-----w- C:\Users\martin\AppData\Local\{3EDEA225-F3DE-40E3-B063-F70DEA70346F}
2011-12-27 12:48:54 -------- d-----w- C:\Users\martin\AppData\Local\{56FBA2E9-89DE-466E-B104-03279D274810}
2011-12-26 19:08:10 -------- d-----w- C:\Users\martin\AppData\Roaming\TuneUp Software
2011-12-26 19:07:57 -------- d-----w- C:\ProgramData\TuneUp Software
2011-12-26 19:07:54 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-26 18:56:50 -------- d-----w- C:\Users\martin\AppData\Roaming\Auslogics
2011-12-26 18:55:47 -------- d-----w- C:\Program Files (x86)\Auslogics
2011-12-26 12:02:09 -------- d-----w- C:\Users\martin\AppData\Local\{27BD5B4C-ADA1-4EEA-A04C-C9483A9E8A97}
2011-12-26 12:01:58 -------- d-----w- C:\Users\martin\AppData\Local\{709EB311-8B12-4EAA-8609-0743F5F344F3}
2011-12-25 15:38:12 -------- d-----w- C:\Users\martin\AppData\Local\{FA7E1B4F-F202-4F01-945C-D91C5A66F855}
2011-12-25 15:38:01 -------- d-----w- C:\Users\martin\AppData\Local\{1D4BF17D-B61E-4979-9D37-B3F1E18D0B7C}
2011-12-25 14:33:56 -------- d-----w- C:\Users\martin\AppData\Local\{A4DFA5A7-BBD0-4859-9C6A-31282D46EE6E}
2011-12-25 14:33:45 -------- d-----w- C:\Users\martin\AppData\Local\{B22209F6-47C2-4242-80E7-5262E002EC56}
2011-12-24 20:06:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-24 19:19:34 -------- d-----w- C:\Program Files (x86)\inKline Global
2011-12-24 18:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{FDAF3472-2E95-44CF-810D-9F86FF0FAA00}
2011-12-24 18:21:35 -------- d-----w- C:\Users\martin\AppData\Local\{2CA25035-1B0A-415F-9267-8CAF53449178}
2011-12-24 16:58:03 -------- d-----w- C:\Users\martin\AppData\Roaming\SUPERAntiSpyware.com
2011-12-24 16:57:41 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-12-24 15:34:00 -------- d-----w- C:\Users\martin\AppData\Local\{36E2EC0C-9354-48C8-9F66-0EA5CC80FB63}
2011-12-24 15:33:49 -------- d-----w- C:\Users\martin\AppData\Local\{08BF9FB5-B43A-422E-AB53-31785BEB39E7}
2011-12-23 17:09:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-23 16:48:50 -------- d-----w- C:\Users\martin\AppData\Local\{77068C7F-7CCE-4F7F-A938-CAA682B9FE75}
2011-12-23 16:48:35 -------- d-----w- C:\Users\martin\AppData\Local\{335A06C6-D16F-4437-B17E-63D4B3691C0B}
2011-12-22 13:12:25 -------- d-----w- C:\ProgramData\IObit
2011-12-22 13:06:13 -------- d-----w- C:\Users\martin\AppData\Local\{65E40E6F-CF49-4434-90EC-06C63023BA4F}
2011-12-22 13:06:02 -------- d-----w- C:\Users\martin\AppData\Local\{1137D1A5-C278-4999-82EF-1A97D547A97F}
2011-12-21 19:21:58 -------- d-----w- C:\Users\martin\AppData\Local\{62B3CFDE-05D5-49EA-B186-F34808FCE3DD}
2011-12-21 19:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{807A8034-298E-40FA-8DCB-CC70EF1CB669}
2011-12-20 21:04:15 -------- d-----w- C:\Program Files (x86)\Dachshund Software
2011-12-20 20:45:42 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-12-20 18:08:59 -------- d-----w- C:\Users\martin\AppData\Roaming\Malwarebytes
2011-12-20 18:08:56 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-20 18:08:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-20 17:27:25 -------- d-----w- C:\Users\martin\AppData\Local\{5A167E43-5691-4EF9-9D9A-2B13FA3856D4}
2011-12-20 17:27:13 -------- d-----w- C:\Users\martin\AppData\Local\{2A8D11DE-FF23-4478-86F2-CDE0F87C70C8}
2011-12-19 18:38:56 -------- d-----w- C:\Users\martin\AppData\Local\Apps
2011-12-19 18:26:54 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX shared
2011-12-19 17:47:53 663552 ----a-w- C:\Windows\SysWow64\mgxoschk.dll
2011-12-19 17:40:27 27616 ----a-w- C:\Windows\System32\drivers\disksec.sys
2011-12-19 17:40:15 -------- d-----w- C:\ProgramData\MAGIX
2011-12-19 17:40:15 -------- d-----w- C:\Program Files (x86)\MAGIX
2011-12-19 17:32:27 -------- d-----w- C:\Users\martin\AppData\Roaming\MAGIX
2011-12-19 16:42:23 -------- d-----w- C:\Users\martin\AppData\Local\{102062FD-3F97-4A51-8902-DC64B4BD6951}
2011-12-19 16:42:12 -------- d-----w- C:\Users\martin\AppData\Local\{63C98E52-337F-4C41-9FE2-23D6F7751254}
2011-12-18 11:38:00 -------- d-----w- C:\Users\martin\AppData\Local\{6053C415-B6F2-43D8-B8A8-0F4030D337A5}
2011-12-18 11:37:49 -------- d-----w- C:\Users\martin\AppData\Local\{493D444C-11F2-4BDE-A635-AA5106C2B024}
2011-12-17 17:56:19 -------- d-----w- C:\Users\martin\AppData\Local\{F3F1F5F8-454F-42FC-A850-6644D514034E}
2011-12-17 17:56:05 -------- d-----w- C:\Users\martin\AppData\Local\{F31F22BE-F87B-421E-B7C5-111675DD6E37}
2011-12-16 19:43:19 2513344 ----a-w- C:\Windows\PE_Rom.dll
2011-12-16 18:15:03 -------- d-----w- C:\Users\martin\AppData\Local\CrashDumps
2011-12-16 18:14:14 -------- d-----w- C:\Users\martin\AppData\Local\{2DE78E8F-E0E6-4F42-81CF-74C5493C3067}
2011-12-16 18:14:03 -------- d-----w- C:\Users\martin\AppData\Local\{EEACC7D8-817A-40A4-9E7E-C0E5C172B061}
2011-12-15 16:43:31 -------- d-----w- C:\Users\martin\AppData\Local\{8956503E-5741-4C59-B895-ABD9AD1F7ADF}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{AB7AF5BD-95B5-45FD-A2D8-8F7B4064965A}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{531140AC-FA50-4563-B843-EC1DBBA3D7F9}
2011-12-14 21:31:35 -------- d-----w- C:\Users\martin\AppData\Local\Diagnostics
2011-12-14 16:00:57 924632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nsnB443.tmp\firefox.exe
2011-12-14 15:54:51 -------- d-----w- C:\Users\martin\AppData\Local\{20525307-8D35-42B2-B9CD-3A6F41F42489}
2011-12-14 15:54:40 -------- d-----w- C:\Users\martin\AppData\Local\{41D7649A-16AD-4FE4-AA21-43C4444724EA}
2011-12-13 21:22:11 -------- d-----w- C:\ProgramData\CodecCheck
2011-12-13 21:22:09 -------- d-----w- C:\codec-info
2011-12-13 21:21:43 -------- d-----w- C:\Users\martin\AppData\Local\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\Users\martin\AppData\Roaming\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\ProgramData\Babylon
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\Premium
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\InstallMate
.
==================== Find3M ====================
.
2011-12-13 19:18:16 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-12-13 19:18:16 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-12-13 19:18:16 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-12-13 19:18:16 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-12-13 19:18:16 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-12-12 16:10:59 0 ----a-w- C:\Windows\ativpsrm.bin
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-15 14:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll
2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll
2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe
2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll
2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll
2011-11-10 02:18:44 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-11-09 22:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-11-09 22:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-11-09 22:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-11-09 22:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-11-09 22:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll
2011-11-09 22:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-11-09 22:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-11-09 22:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-10-21 20:16:12 1843200 ----a-w- C:\Windows\SysWow64\SlotMaximizerBe.dll
2011-10-21 20:15:46 104448 ----a-w- C:\Windows\SysWow64\SlotMaximizerAg.dll
2011-10-21 20:12:32 2763264 ----a-w- C:\Windows\System32\SlotMaximizerBe.dll
2011-10-21 20:07:42 125440 ----a-w- C:\Windows\System32\SlotMaximizerAg.dll
2011-10-17 17:40:50 93712 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2011-10-15 06:31:56 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-10-15 05:38:59 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
.
============= FINISH: 21:14:53.02 ===============
Kindly see my post before your latest one. I posted it at the same time as yours.
here's my attachment log http://forums.spybot.info/attachment.php?attachmentid=9085&stc=1&d=1326451064
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/12/2011 15:58:14
System Uptime: 13/01/2012 10:22:30 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M5A97
Processor: AMD FX(tm)-8120 Eight-Core Processor | AM3r2 | 3100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 893.374 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP73: 28/12/2011 21:48:48 - Installed HiJackThis
RP74: 29/12/2011 17:58:02 - MAGIX PC Check & Tuning 2011 (PC Check)
RP75: 29/12/2011 18:08:47 - Installed Kaspersky Internet Security 2011.
RP76: 29/12/2011 21:28:18 - Removed HiJackThis
RP77: 30/12/2011 17:58:24 - Installed HiJackThis
RP78: 05/01/2012 20:40:13 - Removed HiJackThis
RP79: 08/01/2012 18:07:13 - Removed TuneUp Utilities 2012
RP80: 08/01/2012 18:07:57 - Removed TuneUp Utilities Language Pack (en-US)
RP81: 09/01/2012 18:45:46 - MAGIX PC Check & Tuning 2011 (PC Check)
RP82: 10/01/2012 18:20:11 - Installed Ad-Aware
RP83: 10/01/2012 18:20:38 - Installed Ad-Aware
RP84: 10/01/2012 19:17:00 - Removed Ad-Aware
RP85: 11/01/2012 20:42:41 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Advanced Spyware Remover Free Edition
Advanced SystemCare 4
AI Suite II
AMD VISION Engine Control Center
Anti-phishing Domain Advisor
AntiCrash 3.6.1
Asmedia ASM104x USB 3.0 Host Controller Driver
ASUS Gamer OSD
ASUS VGA Driver
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
CCC Help English
D3DX10
DivX Web Player
ESET Online Scanner v3
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HydraVision
Junk Mail filter update
MAGIX PC Check & Tuning 2011 Download Version
MAGIX Screenshare
Malwarebytes Anti-Malware version 1.60.0.1800
Messenger Companion
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 8.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PC Booster
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Spam Free Search Bar
Spybot - Search & Destroy
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Utility
VC80CRTRedist - 8.0.50727.762
Visual Studio 2008 x64 Redistributables
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
XviD MPEG-4 Video Codec
.
==== Event Viewer Messages From Past Week ========
.
11/01/2012 16:51:41, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/01/2012 20:39:27, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
09/01/2012 20:38:39, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
09/01/2012 19:18:58, Error: PCTCore [280] -
.
==== End Of File ===========================
Questions I asked in my previous post but haven't got an answer to yet:
"i forgot to uncheck the option remove found threats, and it found 2 infections which it cleaned"
Did you note down what was removed?
How's the system doing?
hi there, here's my latest dds report.
You posted that log already earlier, but you still haven't replied to these two questions:
1) Did you note down what was removed in ESET scan?
2) How's the system doing, are there still issues left?
I'm very sorry, I didn't note down what the infections were, but I did run advanced spyware removal again and it still got 2 file infections called dynamic desktop media adware, kind regards martin
Hi,
I need to know what were filenames and locations of those two items advanced spyware remover detected.
hi there, here are the files infected,
file infection spyware/adware dynamic desktop c:\windows\winsxs\amd64 microsoft window,
file infection spyware/adware dynamic desktop c:\windows\winsxs\wow64\\microsoft windows
Hi,
Seems that paths are not complete ones to say if those findings are possible false positives. Are those really all there is visible of them? A screenshot might help here.
hi, here's a screenshot of infections
http://s1246.photobucket.com/albums/gg604/acko64/?action=view&current=ss.png
Hi,
If you maximize that window does it show complete filepaths? Use that "Save Report" button to get report out.
hi, I tried maximising the report, it's just the same, this is the report
Advanced Spyware Remover Scan Report
Program Version Info: v1.84 (Free Edition)
Generated on 13/01/2012 19:47:09
Operation System:
HomePage: www.Evonsoft.com
Technical Support: support@evonsoft.com
------------
Infection Type Object Name Risk Entry
File Infection (Spyware/Adware) DynamicDesktopMediaadware High c:\windows\winsxs\amd64_microsoft-windows-i..ttpredirectbinaries_31bf3856ad364e35_6.1.7600.16385_none_0972e69a97c2edd2\redirect.dll
File Infection (Spyware/Adware) DynamicDesktopMediaadware High c:\windows\winsxs\wow64_microsoft-windows-i..ttpredirectbinaries_31bf3856ad364e35_6.1.7600.16385_none_13c790eccc23afcd\redirect.dll
Hi,
Those are most likely false positives but you may check the files at http://www.virustotal.com to see what other scanners say.
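An added example, not part of the thread and not code from any tool named in it: a small parser for the report rows above that splits each flagged WinSxS path into its component identity (architecture, name, public key token, version) and hashes a file for a VirusTotal lookup. The function names are hypothetical, and the risk levels other than "High" are assumed because the report only shows that one.

```python
import hashlib
import re
from pathlib import PureWindowsPath

# Header and the two finding rows from the report posted in this thread.
SAMPLE_REPORT = r"""Infection Type Object Name Risk Entry
File Infection (Spyware/Adware) DynamicDesktopMediaadware High c:\windows\winsxs\amd64_microsoft-windows-i..ttpredirectbinaries_31bf3856ad364e35_6.1.7600.16385_none_0972e69a97c2edd2\redirect.dll
File Infection (Spyware/Adware) DynamicDesktopMediaadware High c:\windows\winsxs\wow64_microsoft-windows-i..ttpredirectbinaries_31bf3856ad364e35_6.1.7600.16385_none_13c790eccc23afcd\redirect.dll
"""

# Public key token carried by the identities of Windows' own components.
MS_WINDOWS_TOKEN = "31bf3856ad364e35"

# Assumption: only "High" appears on the page; "Medium" and "Low" are guessed.
ROW = re.compile(
    r"^(?P<kind>.+?)\s+(?P<name>\S+)\s+(?P<risk>High|Medium|Low)"
    r"\s+(?P<entry>[A-Za-z]:\\.+)$"
)


def parse_component(dirname):
    """Split a WinSxS directory name: arch_name_token_version_culture_hash."""
    parts = dirname.rsplit("_", 4)
    if len(parts) != 5 or "_" not in parts[0]:
        return None
    arch, name = parts[0].split("_", 1)
    token, version, culture, dir_hash = parts[1:]
    return {"arch": arch, "name": name, "token": token,
            "version": version, "culture": culture, "hash": dir_hash}


def parse_report(text):
    """Return one dict per finding row; header and other lines are skipped."""
    findings = []
    for line in text.splitlines():
        match = ROW.match(line.strip())
        if not match:
            continue
        row = match.groupdict()
        parts = PureWindowsPath(row["entry"]).parts
        in_store = (len(parts) >= 5 and
                    [p.lower() for p in parts[1:3]] == ["windows", "winsxs"])
        row["component"] = parse_component(parts[3]) if in_store else None
        findings.append(row)
    return findings


def sha256_of(path):
    """SHA-256 of a file for a hash lookup, or None if it cannot be read."""
    digest = hashlib.sha256()
    try:
        with open(path, "rb") as handle:
            for chunk in iter(lambda: handle.read(65536), b""):
                digest.update(chunk)
    except OSError:
        return None
    return digest.hexdigest()


if __name__ == "__main__":
    for finding in parse_report(SAMPLE_REPORT):
        comp = finding["component"]
        print(finding["name"], finding["risk"], finding["entry"])
        if comp:
            # The directory name is only a hint: it can be created by anyone
            # with admin rights, so the hash lookup is the actual check.
            print("  component:", comp["arch"], comp["name"], comp["version"],
                  "(Windows token)" if comp["token"] == MS_WINDOWS_TOKEN else "")
        print("  sha256:", sha256_of(finding["entry"]) or "file not readable here")
```

Run on the affected machine so the paths resolve; the printed SHA-256 can be searched on VirusTotal without uploading the file.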
hi, thanks ever so much for your help, they were false positives. Does this mean I'm spyware free thanks to combofix and your brilliant help? kind regards martin
Things look good :)
Let's see a list of the final steps.
THESE STEPS ARE VERY IMPORTANT
Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to clean the restore points.
A. To disable the System Restore feature:
1. Click on the Start button.
2. Hover over the Computer option, right click on it and then click Properties.
3. On the left hand side, click Advanced Settings.
4. If asked to permit the action, click on Allow.
5. Click on the System Protection tab.
6. Select c: drive and click Configure...
7. Select Turn off protection
8. Press OK.
Repeat steps 6-8 for each hard drive.
B. Reboot.
C. Turn ON System Restore.
Follow the steps like you did when disabling System Restore, but in step 7 select the "Restore system settings and previous versions of files" option.
Now let's uninstall ComboFix:
Click START then RUN
Now copy-paste Combofix /uninstall in the runbox and click OK
UPDATING WINDOWS AND INTERNET EXPLORER
IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site (http://windowsupdate.microsoft.com/) to get the critical updates.
If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.
Download and run Secunia Personal Software Inspector (PSI) (http://secunia.com/vulnerability_scanning/personal/) and fix its findings. Leave the program installed so you'll stay alarmed about vulnerable components in future too.
Just a final reminder for you. I am trying to stress these two points.
UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.
Make sure all of your security programs are up to date.
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
Once again, please post and tell me how things are going with your system... problems etc.
Have a great day,
Blade :cool:
hi mate, just to let you know pc is great now
kind regards martin
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help. :)
Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread.
If it has been less than three days since your last response and you need the thread re-opened, please send me or other MOD a private message (pm). A valid, working link to the closed topic is required.