Vikingjo
2013-02-02, 18:59
Hi.
A scan of my computer using Spybot showed that I have jZip.Toolbar adware. When I try to fix the problem using Spybot, I get this error message:
"Unexpected error in fixing problems (cannot create file "C:\windows\wininit.ini". Access is denied)"
Help would be greatly appreciated!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: BrowserJavaVersion: 10.11.2
Run by Joachim at 17:25:42 on 2013-02-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1033.18.5926.3464 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Disabled/Outdated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\windows\system32\svchost.exe -k NetworkService
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\WUDFHost.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
c:\Program Files\Microsoft Security Client\msseces.exe
C:\windows\system32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\windows\system32\WLANExt.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\windows\SysWOW64\NOTEPAD.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://samsung.msn.com
uDefault_Page_URL = hxxp://samsung.msn.com
mStart Page = hxxp://samsung.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [gbrspcontrol] "C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe" -controlservice -slave
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [VPNManager] C:\Program Files (x86)\Scothosts\VPN Manager\VPN Manager.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRunOnce: [removeiLividdatamngr] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Search Results Toolbar"
StartupFolder: C:\Users\Joachim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
TCP: NameServer = 10.0.1.1
TCP: Interfaces\{8229C30C-6C46-42EF-9894-045927DD5C75} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{8229C30C-6C46-42EF-9894-045927DD5C75} : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{A6F02950-0851-40B2-84CA-604714B872EE} : NameServer = 8.26.56.26,156.154.70.22
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Joachim\AppData\Roaming\Mozilla\Firefox\Profiles\wpubb36n.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.bbc.co.uk/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=420&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=9258013603514034&o=APN10645&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc -
.
============= SERVICES / DRIVERS ===============
.
R0 excsd;ExpressCache Storage Filter Driver;C:\windows\System32\drivers\excsd.sys [2012-5-19 80688]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-2-1 16152]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2012-5-19 28992]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\windows\System32\drivers\cmderd.sys [2013-1-16 23176]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\windows\System32\drivers\cmdguard.sys [2013-1-16 699880]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\windows\System32\drivers\cmdhlp.sys [2013-1-16 48360]
R1 excfs;ExpressCache File System Filter Driver;C:\windows\System32\drivers\excfs.sys [2012-5-19 23344]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2012-5-19 13824]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-5 659968]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-2-21 1014096]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-2-21 1104208]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [2013-1-17 70352]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 ExpressCache;ExpressCache;C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2011-9-23 79664]
R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [2013-1-15 1851088]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-19 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-19 161560]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-5-19 31624]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-19 363800]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
R3 acpials;ALS Sensor Filter;C:\windows\System32\drivers\acpials.sys [2010-11-21 9728]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-2-21 1304912]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2011-11-30 94720]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-11-30 747008]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2012-5-10 280912]
R3 ibtfltcoex;ibtfltcoex;C:\windows\System32\drivers\iBtFltCoex.sys [2012-2-14 60928]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-2-6 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-2-1 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-2-1 786200]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\drivers\iwdbus.sys [2011-12-20 25496]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-5-19 648808]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2011-12-20 42392]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-2-2 1153368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-1-24 158928]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\drivers\intelaud.sys [2011-12-20 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-2-1 1255736]
.
=============== Created Last 30 ================
.
2013-02-02 15:49:22 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-02-02 15:49:22 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2013-02-02 15:30:33 32768 ----a-w- C:\windows\SysWow64\CMDLGFR.DLL
2013-02-02 15:30:33 152848 ----a-w- C:\windows\SysWow64\COMDLG32.OCX
2013-02-02 15:30:33 141312 ----a-w- C:\windows\SysWow64\MSCMCFR.DLL
2013-02-02 15:30:33 119568 ----a-w- C:\windows\SysWow64\VB6FR.DLL
2013-02-02 15:30:33 1081616 ----a-w- C:\windows\SysWow64\mscomctl.ocx
2013-02-02 15:30:33 101888 ----a-w- C:\windows\SysWow64\VB6STKIT.DLL
2013-02-02 15:30:33 -------- d-----w- C:\Users\Joachim\AppData\Roaming\TFP
2013-02-02 15:30:12 -------- d-----w- C:\Users\Joachim\AppData\Local\Torch
2013-02-02 15:24:56 -------- d-----w- C:\Program Files (x86)\Search Results Toolbar
2013-02-02 15:18:19 -------- d-----w- C:\ProgramData\HP Photo Creations
2013-02-02 15:18:19 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2013-02-02 15:18:13 -------- d-----w- C:\Users\Joachim\AppData\Roaming\HpUpdate
2013-02-02 15:17:25 -------- d-----w- C:\Program Files (x86)\HP
2013-02-02 15:16:26 -------- d-----w- C:\Program Files\HP
2013-02-02 15:15:37 -------- d-----w- C:\Users\Joachim\AppData\Local\HP
2013-02-01 11:10:02 -------- d-----w- C:\windows\SysWow64\Wat
2013-02-01 11:10:02 -------- d-----w- C:\windows\System32\Wat
2013-02-01 10:47:38 9728 ----a-w- C:\windows\System32\Wdfres.dll
2013-02-01 10:47:38 785512 ----a-w- C:\windows\System32\drivers\Wdf01000.sys
2013-02-01 10:47:38 54376 ----a-w- C:\windows\System32\drivers\WdfLdr.sys
2013-02-01 10:47:38 2560 ----a-w- C:\windows\System32\drivers\en-US\wdf01000.sys.mui
2013-02-01 10:44:12 294912 ----a-w- C:\windows\System32\browserchoice.exe
2013-02-01 10:41:01 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-02-01 10:41:01 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2013-02-01 10:41:00 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-02-01 10:41:00 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-02-01 10:41:00 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-02-01 10:41:00 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-02-01 10:41:00 149552 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-02-01 10:39:52 87040 ----a-w- C:\windows\System32\drivers\WUDFPf.sys
2013-02-01 10:39:52 198656 ----a-w- C:\windows\System32\drivers\WUDFRd.sys
2013-02-01 10:39:51 84992 ----a-w- C:\windows\System32\WUDFSvc.dll
2013-02-01 10:39:51 194048 ----a-w- C:\windows\System32\WUDFPlatform.dll
2013-02-01 10:39:50 45056 ----a-w- C:\windows\System32\WUDFCoinstaller.dll
2013-02-01 10:39:50 229888 ----a-w- C:\windows\System32\WUDFHost.exe
2013-02-01 10:39:49 744448 ----a-w- C:\windows\System32\WUDFx.dll
2013-02-01 10:38:11 81408 ----a-w- C:\windows\System32\imagehlp.dll
2013-02-01 10:38:11 5120 ----a-w- C:\windows\SysWow64\wmi.dll
2013-02-01 10:38:11 5120 ----a-w- C:\windows\System32\wmi.dll
2013-02-01 10:38:11 23408 ----a-w- C:\windows\System32\drivers\fs_rec.sys
2013-02-01 10:38:11 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll
2013-02-01 08:43:57 -------- d-----w- C:\Users\Joachim\AppData\Local\Adobe
2013-02-01 07:39:03 1659760 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-02-01 07:37:54 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-02-01 07:36:23 800768 ----a-w- C:\windows\System32\usp10.dll
2013-02-01 07:35:23 75120 ----a-w- C:\windows\System32\drivers\partmgr.sys
2013-02-01 07:34:55 68608 ----a-w- C:\windows\System32\taskhost.exe
2013-02-01 07:34:50 3149824 ----a-w- C:\windows\System32\win32k.sys
2013-02-01 07:34:47 59392 ----a-w- C:\windows\System32\browcli.dll
2013-02-01 07:34:47 41984 ----a-w- C:\windows\SysWow64\browcli.dll
2013-02-01 07:34:47 136704 ----a-w- C:\windows\System32\browser.dll
2013-02-01 07:34:46 503808 ----a-w- C:\windows\System32\srcore.dll
2013-02-01 07:34:45 43008 ----a-w- C:\windows\SysWow64\srclient.dll
2013-01-31 18:53:34 -------- d-----w- C:\Users\Joachim\AppData\Local\Diagnostics
2013-01-31 18:13:45 -------- d-----w- C:\Program Files (x86)\Scothosts
2013-01-31 18:04:19 -------- d-----w- C:\ProgramData\VirtualizedApplications
2013-01-31 15:49:19 780192 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-01-31 15:49:18 859552 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-01-31 15:49:14 95648 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-31 15:43:17 -------- d-----w- C:\Users\Joachim\AppData\Local\Macromedia
2013-01-31 15:42:12 74248 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-31 15:42:12 697864 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-01-31 15:24:57 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-01-31 15:24:56 -------- d-----w- C:\Program Files (x86)\Steam
2013-01-31 14:42:54 -------- d-----w- C:\Users\Joachim\AppData\Roaming\SoftGrid Client
2013-01-31 14:42:54 -------- d-----w- C:\Users\Joachim\AppData\Local\SoftGrid Client
2013-01-31 14:42:22 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-01-31 14:41:22 -------- d-----w- C:\Users\Joachim\AppData\Roaming\TP
2013-01-31 14:33:03 -------- d-----w- C:\Users\Joachim\AppData\Local\Cyberlink
2013-01-31 14:30:32 -------- d-----w- C:\Program Files (x86)\Common Files\Comodo
2013-01-31 14:16:05 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2013-01-31 14:07:12 -------- d-s---w- C:\ProgramData\Shared Space
2013-01-31 14:06:10 -------- d-----w- C:\Program Files\COMODO
2013-01-31 14:06:05 -------- d-----w- C:\ProgramData\COMODO
2013-01-31 14:05:44 -------- d-----w- C:\Program Files (x86)\Comodo
2013-01-31 14:05:42 1700352 ----a-w- C:\windows\SysWow64\gdiplus.dll
2013-01-31 14:05:42 1060864 ----a-w- C:\windows\SysWow64\mfc71.dll
2013-01-31 14:05:39 -------- d-----w- C:\ProgramData\Comodo Downloader
2013-01-31 13:44:32 972264 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2E091DF9-29BF-4B44-94C2-48FD620F6489}\gapaengine.dll
2013-01-31 13:44:29 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FB0E1C19-3A0B-4D18-BC3E-289EA1B4B999}\mpengine.dll
2013-01-31 13:29:56 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-01-31 13:29:54 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-01-31 13:18:56 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll
2013-01-31 13:18:56 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2013-01-31 13:18:56 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2013-01-31 13:12:21 2622464 ----a-w- C:\windows\System32\wucltux.dll
2013-01-31 13:12:15 99840 ----a-w- C:\windows\System32\wudriver.dll
2013-01-31 13:12:05 36864 ----a-w- C:\windows\System32\wuapp.exe
2013-01-31 13:12:05 186752 ----a-w- C:\windows\System32\wuwebv.dll
2013-01-31 13:08:54 -------- d-----w- C:\Users\Joachim\AppData\Local\Power2Go
2013-01-31 13:06:10 -------- d-sh--w- C:\Recovery
2013-01-24 21:43:04 43216 ----a-w- C:\windows\System32\cmdcsr.dll
2013-01-24 21:43:02 461384 ----a-w- C:\windows\System32\guard64.dll
2013-01-24 21:43:02 354752 ----a-w- C:\windows\SysWow64\guard32.dll
2013-01-24 21:42:54 45776 ----a-w- C:\windows\System32\cmdkbd64.dll
2013-01-24 21:42:54 326352 ----a-w- C:\windows\System32\cmdvrt64.dll
2013-01-24 21:42:50 40656 ----a-w- C:\windows\SysWow64\cmdkbd32.dll
2013-01-24 21:42:50 263888 ----a-w- C:\windows\SysWow64\cmdvrt32.dll
2013-01-16 18:51:46 699880 ----a-w- C:\windows\System32\drivers\cmdguard.sys
2013-01-16 18:51:46 48360 ----a-w- C:\windows\System32\drivers\cmdhlp.sys
2013-01-16 18:51:44 23176 ----a-w- C:\windows\System32\drivers\cmderd.sys
.
==================== Find3M ====================
.
2013-01-30 10:53:22 273840 ------w- C:\windows\System32\MpSigStub.exe
2012-12-16 17:11:22 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-22 04:45:03 626688 ----a-w- C:\windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-11-14 02:09:22 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-11-09 05:45:32 750592 ----a-w- C:\windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\windows\SysWow64\tzres.dll
.
============= FINISH: 17:26:23,43 ===============
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-02 17:29:55
-----------------------------
17:29:55.097 OS Version: Windows x64 6.1.7601 Service Pack 1
17:29:55.097 Number of processors: 4 586 0x3A09
17:29:55.097 ComputerName: JOACHIM-PC UserName: Joachim
17:29:56.219 Initialize success
17:35:02.664 AVAST engine defs: 13020200
17:35:29.237 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:35:29.239 Disk 0 Vendor: ST1000LM 2AR1 Size: 953869MB BusType: 3
17:35:29.242 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
17:35:29.243 Disk 1 Vendor: SanDisk_ 11.0 Size: 7641MB BusType: 3
17:35:29.279 Disk 0 MBR read successfully
17:35:29.282 Disk 0 MBR scan
17:35:29.312 Disk 0 unknown MBR code
17:35:29.320 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:35:29.356 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 927567 MB offset 206848
17:35:29.440 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 26201 MB offset 1899864064
17:35:29.542 Disk 0 scanning C:\windows\system32\drivers
17:35:39.936 Service scanning
17:36:03.405 Modules scanning
17:36:03.749 Disk 0 trace - called modules:
17:36:03.790 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:36:03.798 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80081cd790]
17:36:03.806 3 CLASSPNP.SYS[fffff88001c5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80081d1050]
17:36:04.859 AVAST engine scan C:\windows
17:36:08.851 AVAST engine scan C:\windows\system32
17:39:03.175 AVAST engine scan C:\windows\system32\drivers
17:39:31.751 AVAST engine scan C:\Users\Joachim
17:40:24.453 Disk 0 MBR has been saved successfully to "C:\Users\Joachim\Desktop\MBR.dat"
17:40:24.461 The log file has been saved successfully to "C:\Users\Joachim\Desktop\aswMBR.txt"
jZip.Toolbar: [SBI $00B67C94] Data (File, nothing done)
C:\Users\Joachim\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E
jZip.Toolbar: [SBI $69A9B895] Data (File, nothing done)
C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E
DoubleClick: Tracking cookie (Internet Explorer: Joachim) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2013-02-02 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2012-12-18 Includes\Adware.sbi (*)
2013-01-29 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2012-11-21 Includes\Malware.sbi (*)
2013-01-22 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-01-28 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-11-14 Includes\Spyware.sbi (*)
2012-11-14 Includes\SpywareC.sbi (*)
2012-11-19 Includes\Tracks.uti
2013-01-16 Includes\Trojans.sbi (*)
2013-01-17 Includes\TrojansC-02.sbi (*)
2013-01-30 Includes\TrojansC-03.sbi (*)
2013-01-28 Includes\TrojansC-04.sbi (*)
2012-11-14 Includes\TrojansC-05.sbi (*)
2013-01-30 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll