aeiouy
2013-09-11, 04:35
I really prefer to keep this thread as it already contains the description of the problem.
Edit
Then start a new topic here in the Malware Removal Forum providing the DDS and aswMBR logs so a volunteer analyst can advise when available.
Split off to new topic, link to original: http://forums.spybot.info/showthread.php?69312-mixidj-conduit-fragments-spywarehunter4-hoaxware-fragments
DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.21.2
Run by Matthieu at 21:28:47 on 2013-09-10
Microsoft Windows 8 Professionnel 6.2.9200.0.1252.2.1036.18.8135.4803 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Advanced SystemCare Ultimate *Enabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
AV: Bitdefender Antivirus *Disabled/Outdated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Bitdefender Antispyware *Disabled/Outdated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\BtwRSupportService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe
C:\Program Files (x86)\UnHackMe\hackmon.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\WacomHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wwahost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\NCH Software\Debut\debut.exe
C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
C:\Users\Matthieu\AppData\Local\Temp\utt477B.tmp.exe
C:\Users\Matthieu\AppData\Local\Temp\utt477B.tmp.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mURLSearchHooks: {d2cf9842-af95-48cd-b873-bfbb48cd7f5e} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [uTorrent] "C:\Users\Matthieu\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
uRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
uRun: [Steam] "E:\Jeux\D.I.R\Steam.exe" -silent
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [ASUS Sync Loader] "C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe" -startup
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
StartupFolder: C:\Users\Matthieu\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNT AutoBackup.lnk - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Matthieu\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Fences.lnk - C:\Program Files (x86)\Stardock\Fences\Fences.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 67.69.239.49 207.164.234.129
TCP: Interfaces\{A1877BB8-32D6-43E0-99F6-E53522E0B805} : DHCPNameServer = 67.69.239.49 207.164.234.129
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [Fences] "C:\Program Files (x86)\Stardock\Fences\Fences.exe" /startup
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe"
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\Drivers\avc3.sys [2013-8-1 727592]
R0 gzflt;gzflt;C:\Windows\System32\Drivers\gzflt.sys [2013-7-31 147232]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\BitDefender Firewall\bdfwfpf.sys [2010-1-4 106568]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\Drivers\bdvedisk.sys [2013-7-31 78752]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe [2013-9-4 1051088]
R2 aksdf;aksdf;C:\Windows\System32\Drivers\aksdf.sys [2013-4-14 83072]
R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe [2013-9-4 621008]
R2 BcmBtRSupport;Bluetooth Radio Control Service;C:\Windows\System32\BtwRSupportService.exe [2011-12-15 2246184]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-12 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-4-12 701512]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-7-31 95184]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-8-27 67320]
R2 WTabletServiceCon;Wacom Consumer Service;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2013-5-24 619904]
R3 avchv;avchv Function Driver;C:\Windows\System32\Drivers\avchv.sys [2013-7-31 261056]
R3 avckf;avckf;C:\Windows\System32\Drivers\avckf.sys [2013-8-1 601360]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\Drivers\bcbtums.sys [2012-1-27 134696]
R3 BthA2DP;Stéréo Bluetooth;C:\Windows\System32\Drivers\BthA2DP.sys [2013-7-16 117632]
R3 BthLEEnum;Pilote Bluetooth Low Energy;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 debutfilter;Debut Filter Driver v6.20.00;C:\Windows\System32\Drivers\debutfilterx64.sys [2013-4-14 33488]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-4-12 25928]
R3 RTL8168;Pilote Realtek 8168 NT;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
S0 bdelam;bdelam;C:\Windows\System32\Drivers\bdelam.sys [2013-7-31 23456]
S2 EsgScanner;EsgScanner;C:\Windows\System32\Drivers\EsgScanner.sys [2013-7-23 22704]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 Arrakis3;BitDefender Serveur Arrakis;C:\Program Files\Common Files\Bitdefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-10-19 278224]
S3 BDSandBox;BDSandBox;C:\Windows\System32\Drivers\bdsandbox.sys [2013-8-1 82824]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-2-6 102936]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\Drivers\hidkmdf.sys [2013-5-24 13728]
S3 iDispService;iDispService;C:\Windows\System32\Drivers\idisplayminiport.sys [2013-8-14 14248]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-7-20 34336]
S3 RTL8192su;Carte réseau local USB*2.0 sans fil 802.11n Realtek RTL8192SU;C:\Windows\System32\Drivers\RTL8192su.sys [2012-6-2 693864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-2-6 203544]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-7-20 23016]
S3 vmbusr;Fournisseur de bus d’ordinateur virtuel;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-25 117248]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\Drivers\wachidrouter.sys [2013-5-24 81824]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\Drivers\wacomrouterfilter.sys [2013-5-24 15776]
S3 WUDFWpdComp;WUDFWpdComp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S4 AnviCsbSvc;Anvi Cloud System Booster Speed Service;C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [2012-12-14 318312]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-8-27 69392]
S4 CrazyRemoteServer;CrazyRemoteServer;C:\Program Files (x86)\CrazyRemote\CrazyRemoteServer.exe [2012-2-19 248576]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-7-20 23048]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-4-11 1432400]
S4 hasplms;Sentinel Local License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
S4 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-7-20 335168]
S4 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-3-12 86016]
S4 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-3-12 86016]
S4 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [2012-10-29 175496]
S4 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-4-16 1153368]
.
=============== File Associations ===============
.
FileExt: .js: Applications\notepad.exe="C:\Windows\System32\notepad.exe" "%1" [UserChoice]
ShellExec: dreamweaver.exe: Open="E:\Logiciels\DreamWeaver\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-09-04 16:47:02 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys
2013-09-04 09:21:56 270512 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10215.bin
2013-09-03 06:30:14 -------- d-----w- C:\Program Files (x86)\SDA
2013-08-28 08:25:12 -------- d-----w- C:\ProgramData\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588}
2013-08-22 21:18:07 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\REAPER
2013-08-22 21:16:38 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software
2013-08-22 21:15:38 -------- d-----w- C:\Program Files\REAPER (x64)
2013-08-18 00:50:21 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\GHISLER
2013-08-18 00:50:21 -------- d-----w- C:\totalcmd
2013-08-17 08:31:50 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\TeraCopy
2013-08-17 08:31:35 -------- d-----w- C:\Program Files\TeraCopy
2013-08-17 01:24:03 -------- d-----w- C:\Users\Matthieu\ultracopier
2013-08-16 09:58:51 -------- d-sh--w- C:\$RECYCLE.BIN
2013-08-15 10:30:50 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\Unified Remote
2013-08-15 10:30:49 -------- d-----w- C:\Program Files (x86)\Unified Remote
2013-08-14 23:03:44 -------- d-----w- C:\Users\Matthieu\AppData\Local\Chromium
2013-08-14 23:03:31 -------- d-----w- C:\ProgramData\RELOADED
2013-08-14 04:24:53 -------- d-----w- C:\Program Files\Bonjour
2013-08-14 04:24:53 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-08-14 04:24:52 19368 ----a-w- C:\Windows\System32\idisplay.dll
2013-08-14 04:24:52 14248 ----a-w- C:\Windows\System32\drivers\idisplayminiport.sys
2013-08-14 04:24:51 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\SHAPE
2013-08-14 02:15:18 81408 ----a-w- C:\Windows\System32\setupcln.dll
2013-08-14 00:00:06 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-08-13 18:14:09 1314816 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-08-13 18:14:08 694272 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-08-13 18:14:06 2233168 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-08-13 18:12:39 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-08-13 18:11:16 1889280 ----a-w- C:\Windows\System32\crypt32.dll
2013-08-13 18:11:15 98304 ----a-w- C:\Windows\System32\apprepsync.dll
2013-08-13 18:11:15 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll
2013-08-13 18:11:15 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll
2013-08-13 18:11:15 68096 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-08-13 18:11:15 337408 ----a-w- C:\Windows\System32\wintrust.dll
2013-08-13 18:11:15 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-08-13 18:11:15 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-08-13 18:11:15 124416 ----a-w- C:\Windows\System32\apprepapi.dll
2013-08-13 17:19:18 -------- d-----w- C:\Program Files (x86)\DVD Shrink
.
==================== Find3M ====================
.
2013-08-04 22:26:44 15453832 ----a-w- C:\Windows\System32\xlive.dll
2013-08-01 14:10:10 727592 ----a-w- C:\Windows\System32\drivers\avc3.sys
2013-08-01 14:10:10 601360 ----a-w- C:\Windows\System32\drivers\avckf.sys
2013-08-01 14:10:02 82824 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys
2013-08-01 01:46:12 600011 ----a-w- C:\ProgramData\1375320981.bdinstall.bin
2013-08-01 00:16:18 209275 ----a-w- C:\ProgramData\1375316037.bdinstall.bin
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:13:28 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:13:15 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:15:22 40208 ----a-w- C:\Windows\System32\Partizan.exe
2013-07-26 00:54:34 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-07-26 00:36:42 35816 ----a-w- C:\Windows\SysWow64\drivers\Partizan.sys
2013-07-26 00:36:38 2 --shatr- C:\Windows\winstart.bat
2013-07-12 19:43:28 34496 ----a-w- C:\Windows\System32\PreTask.exe
2013-07-12 04:06:58 2371736 ----a-w- C:\Windows\System32\WSService.dll
2013-07-12 03:01:53 58200 ----a-w- C:\Windows\System32\drivers\dam.sys
2013-07-12 02:52:18 75952 ----a-w- C:\Windows\System32\NotificationUI.exe
2013-07-12 01:37:46 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll
2013-07-12 01:30:21 34816 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-07-12 01:30:04 84480 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-07-12 01:30:04 126464 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-07-12 01:29:58 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll
2013-07-12 01:29:58 539136 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-07-12 01:29:58 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll
2013-07-12 01:29:58 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll
2013-07-12 01:29:58 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-07-12 01:29:58 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-12 01:29:43 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll
2013-07-12 01:29:39 91648 ----a-w- C:\Windows\SysWow64\sppc.dll
2013-07-02 00:44:14 36288 ----a-w- C:\Windows\System32\drivers\WdBoot.sys
2013-07-01 22:08:49 247216 ----a-w- C:\Windows\System32\drivers\WdFilter.sys
2013-06-27 22:04:51 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04:51 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-16 22:41:31 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys
.
============= FINISH: 21:28:57,07 ===============
The ASWmbr scan crashed because of the avast database. I'll try to remove it and scan without it. It crashes while scanning hasplms.exe ...
~hmm.. I can't edit posts anymore ... :/ Fact is that I don't trust avast utilities...
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\Drivers\wacomrouterfilter.sys [2013-5-24 15776]
S3 WUDFWpdComp;WUDFWpdComp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S4 AnviCsbSvc;Anvi Cloud System Booster Speed Service;C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [2012-12-14 318312]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-8-27 69392]
S4 CrazyRemoteServer;CrazyRemoteServer;C:\Program Files (x86)\CrazyRemote\CrazyRemoteServer.exe [2012-2-19 248576]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-7-20 23048]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-4-11 1432400]
S4 hasplms;Sentinel Local License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]
S4 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-7-20 335168]
S4 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-3-12 86016]
S4 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-3-12 86016]
S4 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe [2012-10-29 175496]
S4 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-4-16 1153368]
.
=============== File Associations ===============
.
FileExt: .js: Applications\notepad.exe="C:\Windows\System32\notepad.exe" "%1" [UserChoice]
ShellExec: dreamweaver.exe: Open="E:\Logiciels\DreamWeaver\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-09-04 16:47:02 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys
2013-09-04 09:21:56 270512 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10215.bin
2013-09-03 06:30:14 -------- d-----w- C:\Program Files (x86)\SDA
2013-08-28 08:25:12 -------- d-----w- C:\ProgramData\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588}
2013-08-22 21:18:07 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\REAPER
2013-08-22 21:16:38 -------- d-----w- C:\Program Files\Common Files\Propellerhead Software
2013-08-22 21:15:38 -------- d-----w- C:\Program Files\REAPER (x64)
2013-08-18 00:50:21 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\GHISLER
2013-08-18 00:50:21 -------- d-----w- C:\totalcmd
2013-08-17 08:31:50 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\TeraCopy
2013-08-17 08:31:35 -------- d-----w- C:\Program Files\TeraCopy
2013-08-17 01:24:03 -------- d-----w- C:\Users\Matthieu\ultracopier
2013-08-16 09:58:51 -------- d-sh--w- C:\$RECYCLE.BIN
2013-08-15 10:30:50 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\Unified Remote
2013-08-15 10:30:49 -------- d-----w- C:\Program Files (x86)\Unified Remote
2013-08-14 23:03:44 -------- d-----w- C:\Users\Matthieu\AppData\Local\Chromium
2013-08-14 23:03:31 -------- d-----w- C:\ProgramData\RELOADED
2013-08-14 04:24:53 -------- d-----w- C:\Program Files\Bonjour
2013-08-14 04:24:53 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-08-14 04:24:52 19368 ----a-w- C:\Windows\System32\idisplay.dll
2013-08-14 04:24:52 14248 ----a-w- C:\Windows\System32\drivers\idisplayminiport.sys
2013-08-14 04:24:51 -------- d-----w- C:\Users\Matthieu\AppData\Roaming\SHAPE
2013-08-14 02:15:18 81408 ----a-w- C:\Windows\System32\setupcln.dll
2013-08-14 00:00:06 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-08-13 18:14:09 1314816 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-08-13 18:14:08 694272 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-08-13 18:14:06 2233168 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-08-13 18:12:39 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-08-13 18:11:16 1889280 ----a-w- C:\Windows\System32\crypt32.dll
2013-08-13 18:11:15 98304 ----a-w- C:\Windows\System32\apprepsync.dll
2013-08-13 18:11:15 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll
2013-08-13 18:11:15 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll
2013-08-13 18:11:15 68096 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-08-13 18:11:15 337408 ----a-w- C:\Windows\System32\wintrust.dll
2013-08-13 18:11:15 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-08-13 18:11:15 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-08-13 18:11:15 124416 ----a-w- C:\Windows\System32\apprepapi.dll
2013-08-13 17:19:18 -------- d-----w- C:\Program Files (x86)\DVD Shrink
.
==================== Find3M ====================
.
2013-08-04 22:26:44 15453832 ----a-w- C:\Windows\System32\xlive.dll
2013-08-01 14:10:10 727592 ----a-w- C:\Windows\System32\drivers\avc3.sys
2013-08-01 14:10:10 601360 ----a-w- C:\Windows\System32\drivers\avckf.sys
2013-08-01 14:10:02 82824 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys
2013-08-01 01:46:12 600011 ----a-w- C:\ProgramData\1375320981.bdinstall.bin
2013-08-01 00:16:18 209275 ----a-w- C:\ProgramData\1375316037.bdinstall.bin
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:13:28 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:13:15 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:15:22 40208 ----a-w- C:\Windows\System32\Partizan.exe
2013-07-26 00:54:34 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-07-26 00:36:42 35816 ----a-w- C:\Windows\SysWow64\drivers\Partizan.sys
2013-07-26 00:36:38 2 --shatr- C:\Windows\winstart.bat
2013-07-12 19:43:28 34496 ----a-w- C:\Windows\System32\PreTask.exe
2013-07-12 04:06:58 2371736 ----a-w- C:\Windows\System32\WSService.dll
2013-07-12 03:01:53 58200 ----a-w- C:\Windows\System32\drivers\dam.sys
2013-07-12 02:52:18 75952 ----a-w- C:\Windows\System32\NotificationUI.exe
2013-07-12 01:37:46 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll
2013-07-12 01:30:21 34816 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-07-12 01:30:04 84480 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-07-12 01:30:04 126464 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-07-12 01:29:58 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll
2013-07-12 01:29:58 539136 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-07-12 01:29:58 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll
2013-07-12 01:29:58 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll
2013-07-12 01:29:58 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-07-12 01:29:58 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-12 01:29:43 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll
2013-07-12 01:29:39 91648 ----a-w- C:\Windows\SysWow64\sppc.dll
2013-07-02 00:44:14 36288 ----a-w- C:\Windows\System32\drivers\WdBoot.sys
2013-07-01 22:08:49 247216 ----a-w- C:\Windows\System32\drivers\WdFilter.sys
2013-06-27 22:04:51 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04:51 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-16 22:41:31 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys
.
============= FINISH: 21:28:57,07 ===============
The aswMBR scan crashed because of the Avast database. I'll try to remove it and scan without it. It crashes while scanning hasplms.exe ...
~hmm.. I can't edit posts anymore ... :/ Fact is that I don't trust Avast utilities...