Did you note down what was removed? Please post dds.txt contents too (you posted attach.txt contents there).
I forgot to uncheck the option to remove found threats, and it found 2 infections which it cleaned.
How's the system doing?
Microsoft Windows Insider MVP 2016-2020
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
Hi again, I just realized I gave you the DDS report with Internet Explorer, which I don't very much use. I use Google Chrome 99 percent of the time, so here's my DDS log from Google Chrome.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by martin at 21:14:34 on 2012-01-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8138.6225 [GMT 0:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ATKFUSService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MxTray.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Windows\Integrator.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
BHO: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
TB: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
StartupFolder: C:\Users\martin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTICR~1.LNK - C:\Program Files (x86)\Dachshund Software\AntiCrash\AntiCrash.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{053F4FB4-A421-4969-872A-359EFFFF95A1}\D616274796E646166796466343 : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
BHO-X64: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
BHO-X64: Updater For Spam Free Search Bar - No File
BHO-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
BHO-X64: Spam Free Search Bar - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll
TB-X64: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\kd283fb1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.co.uk/?icid=aoluk5logorefresh&dlact=dl1
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\system32\DRIVERS\AiChargerPlus.sys --> C:\Windows\system32\DRIVERS\AiChargerPlus.sys [?]
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 DiskSec;Magix Volume Filter Driver;C:\Windows\system32\drivers\DiskSec.sys --> C:\Windows\system32\drivers\DiskSec.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-12-13 328536]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-9 361984]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-12-12 586880]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2011-12-28 869216]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe [2010-10-12 196096]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-12 21:06:09 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-12 20:49:56 -------- d-----w- C:\Users\martin\AppData\Local\{F3F9DE25-FC92-463E-8E0D-F14C53382563}
2012-01-12 20:49:45 -------- d-----w- C:\Users\martin\AppData\Local\{79BE121E-FD4A-42CA-A381-5C44C32E8CDB}
2012-01-12 20:02:14 -------- d-----w- C:\Program Files (x86)\ESET
2012-01-11 18:29:16 64512 ---ha-w- C:\Users\martin\AppData\Roaming\dach100.dll
2012-01-11 17:12:42 -------- d-sh--w- C:\$RECYCLE.BIN
2012-01-11 16:48:14 98816 ----a-w- C:\Windows\sed.exe
2012-01-11 16:48:14 518144 ----a-w- C:\Windows\SWREG.exe
2012-01-11 16:48:14 256000 ----a-w- C:\Windows\PEV.exe
2012-01-11 16:48:14 208896 ----a-w- C:\Windows\MBR.exe
2012-01-11 16:35:46 -------- d-----w- C:\Users\martin\AppData\Local\blekkotb
2012-01-11 16:35:45 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
2012-01-11 16:35:42 -------- d-----w- C:\Program Files (x86)\blekkotb
2012-01-11 13:06:43 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 13:06:42 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 13:06:42 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-11 13:06:42 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 13:06:42 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 13:06:42 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 13:06:42 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 13:06:42 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 13:01:08 -------- d-----w- C:\Users\martin\AppData\Local\{AEE908D3-7CA5-407E-88A9-EF6C12BC7571}
2012-01-11 13:00:55 -------- d-----w- C:\Users\martin\AppData\Local\{76BDBDEA-804F-4767-9992-E8729CA3B658}
2012-01-10 20:39:29 -------- d-----w- C:\Users\martin\AppData\Local\ElevatedDiagnostics
2012-01-10 20:30:13 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
2012-01-10 20:29:46 -------- d-----w- C:\Program Files\HitmanPro
2012-01-10 20:29:39 -------- d-----w- C:\ProgramData\HitmanPro
2012-01-10 18:24:06 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2012-01-10 17:47:33 -------- d-----w- C:\Users\martin\AppData\Local\{D6434A5C-FED7-4B7B-B9D5-05B71EC532CE}
2012-01-10 17:47:21 -------- d-----w- C:\Users\martin\AppData\Local\{9273BEEB-C639-4D7A-8DA4-7443F2E4D276}
2012-01-09 20:33:23 -------- d-----w- C:\ProgramData\XoftSpySE
2012-01-09 19:14:49 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-01-09 19:14:49 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-01-09 19:12:28 -------- d-----w- C:\Users\martin\AppData\Roaming\TestApp
2012-01-09 19:12:28 -------- d-----w- C:\ProgramData\PC Tools
2012-01-09 13:55:38 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-01-09 13:55:34 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-01-09 13:53:31 -------- d-----w- C:\ATI
2012-01-09 13:50:24 -------- d-----w- C:\Users\martin\AppData\Local\{6CCB1F71-FA60-4670-8224-FD190291C950}
2012-01-09 13:50:12 -------- d-----w- C:\Users\martin\AppData\Local\{A6362FDF-C3C0-4A40-91C0-9C34BB642BC0}
2012-01-08 11:20:17 -------- d-----w- C:\Users\martin\AppData\Local\{5B48E6AE-3E3D-40B8-8E20-6A3C8E40B86D}
2012-01-08 11:20:06 -------- d-----w- C:\Users\martin\AppData\Local\{65EA5F3C-50AB-4C57-9FB6-627A0EC349DC}
2012-01-07 11:30:59 -------- d-----w- C:\Users\martin\AppData\Local\{EA42B4BE-F9A6-4F10-A8F6-EE189AC6C9AE}
2012-01-07 11:30:48 -------- d-----w- C:\Users\martin\AppData\Local\{7E0E6A56-D508-45F0-A0C1-5586543611BD}
2012-01-06 16:58:30 -------- d-----w- C:\Users\martin\AppData\Local\{1A2AF5B3-2052-4F62-9FB1-162FE39DEB74}
2012-01-06 16:58:19 -------- d-----w- C:\Users\martin\AppData\Local\{EF20225A-063B-4807-A693-119FA0605128}
2012-01-05 13:22:22 -------- d-----w- C:\Users\martin\AppData\Local\{18A26359-018B-409D-BEE5-8D12B1B64646}
2012-01-05 13:22:11 -------- d-----w- C:\Users\martin\AppData\Local\{A5CEDDB0-1082-4043-B956-F4F4F3CE97F1}
2012-01-04 11:55:27 -------- d-----w- C:\Users\martin\AppData\Local\{A4B00FEF-0B4A-410A-878F-3C33E0F91164}
2012-01-04 11:55:16 -------- d-----w- C:\Users\martin\AppData\Local\{64887C9D-BB24-428D-96EC-22EBDB20F1AB}
2012-01-03 13:17:53 -------- d-----w- C:\Users\martin\AppData\Local\{3D94F6DC-1386-46C9-AEA7-24F9EC6BD257}
2012-01-03 13:17:42 -------- d-----w- C:\Users\martin\AppData\Local\{20B601A3-DBD3-4922-9BC2-799D42BF5664}
2012-01-02 16:57:36 -------- d-----w- C:\Users\martin\AppData\Local\{3508D6BA-8363-47AF-8046-5D0F0D91BD8C}
2012-01-02 16:57:25 -------- d-----w- C:\Users\martin\AppData\Local\{196C92BC-12E3-46ED-9D8A-F60D5A458BD5}
2011-12-31 19:06:09 -------- d-----w- C:\Users\martin\AppData\Local\{1588EC49-587C-459C-9375-A5C43FE03BB2}
2011-12-31 19:05:54 -------- d-----w- C:\Users\martin\AppData\Local\{6196876E-35DC-48C2-AAA0-54842A321BAF}
2011-12-30 17:45:21 -------- d-----w- C:\Users\martin\AppData\Local\{D98DAFB0-298E-4167-9877-6E68E0D5C1AE}
2011-12-30 17:45:10 -------- d-----w- C:\Users\martin\AppData\Local\{EFA01C89-D566-4970-A9F7-8D862680A55D}
2011-12-29 21:02:10 -------- d-----w- C:\Users\martin\AppData\Roaming\Curiolab
2011-12-29 19:50:49 -------- d-----w- C:\Program Files (x86)\Advanced Spyware Remover
2011-12-29 13:53:20 -------- d-----w- C:\Users\martin\AppData\Local\{E2D1B3F8-51D8-4EFD-B2FF-47B48C32C933}
2011-12-29 13:53:09 -------- d-----w- C:\Users\martin\AppData\Local\{ABAE8172-E919-40A6-A9EE-6B139A96E32C}
2011-12-28 20:45:47 -------- d-----w- C:\Windows\pss
2011-12-28 14:34:44 -------- d-----w- C:\ProgramData\!SASCORE
2011-12-28 14:34:42 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-12-28 13:22:32 -------- d-----w- C:\Users\martin\AppData\Roaming\AVG2012
2011-12-28 13:22:12 -------- d-----w- C:\ProgramData\AVG Secure Search
2011-12-28 13:22:10 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2011-12-28 13:22:09 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2011-12-28 13:22:02 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-12-28 13:21:44 -------- d-----w- C:\ProgramData\AVG2012
2011-12-28 13:21:00 -------- d-----w- C:\Program Files (x86)\AVG
2011-12-28 11:43:32 -------- d-----w- C:\Users\martin\AppData\Local\{625DA88F-8474-4A2C-A7B9-6AE25CBB97B2}
2011-12-28 11:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{5D600DF1-3A95-4641-AAC3-1C31ECD0694F}
2011-12-27 14:53:41 -------- d-----w- C:\Users\martin\AppData\Local\{A81E2CDA-A488-48D0-8432-B876D72E80DB}
2011-12-27 14:53:30 -------- d-----w- C:\Users\martin\AppData\Local\{8BB41815-F082-4771-B25D-EDB54B988991}
2011-12-27 12:49:05 -------- d-----w- C:\Users\martin\AppData\Local\{3EDEA225-F3DE-40E3-B063-F70DEA70346F}
2011-12-27 12:48:54 -------- d-----w- C:\Users\martin\AppData\Local\{56FBA2E9-89DE-466E-B104-03279D274810}
2011-12-26 19:08:10 -------- d-----w- C:\Users\martin\AppData\Roaming\TuneUp Software
2011-12-26 19:07:57 -------- d-----w- C:\ProgramData\TuneUp Software
2011-12-26 19:07:54 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-26 18:56:50 -------- d-----w- C:\Users\martin\AppData\Roaming\Auslogics
2011-12-26 18:55:47 -------- d-----w- C:\Program Files (x86)\Auslogics
2011-12-26 12:02:09 -------- d-----w- C:\Users\martin\AppData\Local\{27BD5B4C-ADA1-4EEA-A04C-C9483A9E8A97}
2011-12-26 12:01:58 -------- d-----w- C:\Users\martin\AppData\Local\{709EB311-8B12-4EAA-8609-0743F5F344F3}
2011-12-25 15:38:12 -------- d-----w- C:\Users\martin\AppData\Local\{FA7E1B4F-F202-4F01-945C-D91C5A66F855}
2011-12-25 15:38:01 -------- d-----w- C:\Users\martin\AppData\Local\{1D4BF17D-B61E-4979-9D37-B3F1E18D0B7C}
2011-12-25 14:33:56 -------- d-----w- C:\Users\martin\AppData\Local\{A4DFA5A7-BBD0-4859-9C6A-31282D46EE6E}
2011-12-25 14:33:45 -------- d-----w- C:\Users\martin\AppData\Local\{B22209F6-47C2-4242-80E7-5262E002EC56}
2011-12-24 20:06:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-24 19:19:34 -------- d-----w- C:\Program Files (x86)\inKline Global
2011-12-24 18:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{FDAF3472-2E95-44CF-810D-9F86FF0FAA00}
2011-12-24 18:21:35 -------- d-----w- C:\Users\martin\AppData\Local\{2CA25035-1B0A-415F-9267-8CAF53449178}
2011-12-24 16:58:03 -------- d-----w- C:\Users\martin\AppData\Roaming\SUPERAntiSpyware.com
2011-12-24 16:57:41 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-12-24 15:34:00 -------- d-----w- C:\Users\martin\AppData\Local\{36E2EC0C-9354-48C8-9F66-0EA5CC80FB63}
2011-12-24 15:33:49 -------- d-----w- C:\Users\martin\AppData\Local\{08BF9FB5-B43A-422E-AB53-31785BEB39E7}
2011-12-23 17:09:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-23 16:48:50 -------- d-----w- C:\Users\martin\AppData\Local\{77068C7F-7CCE-4F7F-A938-CAA682B9FE75}
2011-12-23 16:48:35 -------- d-----w- C:\Users\martin\AppData\Local\{335A06C6-D16F-4437-B17E-63D4B3691C0B}
2011-12-22 13:12:25 -------- d-----w- C:\ProgramData\IObit
2011-12-22 13:06:13 -------- d-----w- C:\Users\martin\AppData\Local\{65E40E6F-CF49-4434-90EC-06C63023BA4F}
2011-12-22 13:06:02 -------- d-----w- C:\Users\martin\AppData\Local\{1137D1A5-C278-4999-82EF-1A97D547A97F}
2011-12-21 19:21:58 -------- d-----w- C:\Users\martin\AppData\Local\{62B3CFDE-05D5-49EA-B186-F34808FCE3DD}
2011-12-21 19:21:47 -------- d-----w- C:\Users\martin\AppData\Local\{807A8034-298E-40FA-8DCB-CC70EF1CB669}
2011-12-20 21:04:15 -------- d-----w- C:\Program Files (x86)\Dachshund Software
2011-12-20 20:45:42 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-12-20 18:08:59 -------- d-----w- C:\Users\martin\AppData\Roaming\Malwarebytes
2011-12-20 18:08:56 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-20 18:08:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-20 17:27:25 -------- d-----w- C:\Users\martin\AppData\Local\{5A167E43-5691-4EF9-9D9A-2B13FA3856D4}
2011-12-20 17:27:13 -------- d-----w- C:\Users\martin\AppData\Local\{2A8D11DE-FF23-4478-86F2-CDE0F87C70C8}
2011-12-19 18:38:56 -------- d-----w- C:\Users\martin\AppData\Local\Apps
2011-12-19 18:26:54 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX shared
2011-12-19 17:47:53 663552 ----a-w- C:\Windows\SysWow64\mgxoschk.dll
2011-12-19 17:40:27 27616 ----a-w- C:\Windows\System32\drivers\disksec.sys
2011-12-19 17:40:15 -------- d-----w- C:\ProgramData\MAGIX
2011-12-19 17:40:15 -------- d-----w- C:\Program Files (x86)\MAGIX
2011-12-19 17:32:27 -------- d-----w- C:\Users\martin\AppData\Roaming\MAGIX
2011-12-19 16:42:23 -------- d-----w- C:\Users\martin\AppData\Local\{102062FD-3F97-4A51-8902-DC64B4BD6951}
2011-12-19 16:42:12 -------- d-----w- C:\Users\martin\AppData\Local\{63C98E52-337F-4C41-9FE2-23D6F7751254}
2011-12-18 11:38:00 -------- d-----w- C:\Users\martin\AppData\Local\{6053C415-B6F2-43D8-B8A8-0F4030D337A5}
2011-12-18 11:37:49 -------- d-----w- C:\Users\martin\AppData\Local\{493D444C-11F2-4BDE-A635-AA5106C2B024}
2011-12-17 17:56:19 -------- d-----w- C:\Users\martin\AppData\Local\{F3F1F5F8-454F-42FC-A850-6644D514034E}
2011-12-17 17:56:05 -------- d-----w- C:\Users\martin\AppData\Local\{F31F22BE-F87B-421E-B7C5-111675DD6E37}
2011-12-16 19:43:19 2513344 ----a-w- C:\Windows\PE_Rom.dll
2011-12-16 18:15:03 -------- d-----w- C:\Users\martin\AppData\Local\CrashDumps
2011-12-16 18:14:14 -------- d-----w- C:\Users\martin\AppData\Local\{2DE78E8F-E0E6-4F42-81CF-74C5493C3067}
2011-12-16 18:14:03 -------- d-----w- C:\Users\martin\AppData\Local\{EEACC7D8-817A-40A4-9E7E-C0E5C172B061}
2011-12-15 16:43:31 -------- d-----w- C:\Users\martin\AppData\Local\{8956503E-5741-4C59-B895-ABD9AD1F7ADF}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{AB7AF5BD-95B5-45FD-A2D8-8F7B4064965A}
2011-12-15 16:43:20 -------- d-----w- C:\Users\martin\AppData\Local\{531140AC-FA50-4563-B843-EC1DBBA3D7F9}
2011-12-14 21:31:35 -------- d-----w- C:\Users\martin\AppData\Local\Diagnostics
2011-12-14 16:00:57 924632 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nsnB443.tmp\firefox.exe
2011-12-14 15:54:51 -------- d-----w- C:\Users\martin\AppData\Local\{20525307-8D35-42B2-B9CD-3A6F41F42489}
2011-12-14 15:54:40 -------- d-----w- C:\Users\martin\AppData\Local\{41D7649A-16AD-4FE4-AA21-43C4444724EA}
2011-12-13 21:22:11 -------- d-----w- C:\ProgramData\CodecCheck
2011-12-13 21:22:09 -------- d-----w- C:\codec-info
2011-12-13 21:21:43 -------- d-----w- C:\Users\martin\AppData\Local\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\Users\martin\AppData\Roaming\Babylon
2011-12-13 21:21:41 -------- d-----w- C:\ProgramData\Babylon
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\Premium
2011-12-13 21:21:11 -------- d-----w- C:\ProgramData\InstallMate
.
==================== Find3M ====================
.
2011-12-13 19:18:16 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-12-13 19:18:16 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-12-13 19:18:16 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-12-13 19:18:16 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-12-13 19:18:16 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-12-12 16:10:59 0 ----a-w- C:\Windows\ativpsrm.bin
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-15 14:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll
2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll
2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe
2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll
2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll
2011-11-10 02:18:44 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-11-09 22:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-11-09 22:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-11-09 22:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-11-09 22:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-11-09 22:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll
2011-11-09 22:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-11-09 22:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-11-09 22:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-10-21 20:16:12 1843200 ----a-w- C:\Windows\SysWow64\SlotMaximizerBe.dll
2011-10-21 20:15:46 104448 ----a-w- C:\Windows\SysWow64\SlotMaximizerAg.dll
2011-10-21 20:12:32 2763264 ----a-w- C:\Windows\System32\SlotMaximizerBe.dll
2011-10-21 20:07:42 125440 ----a-w- C:\Windows\System32\SlotMaximizerAg.dll
2011-10-17 17:40:50 93712 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2011-10-15 06:31:56 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-10-15 05:38:59 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
.
============= FINISH: 21:14:53.02 ===============
Kindly see my post before your latest one. I posted it at the same time as yours.
Here's my attachment log: http://forums.spybot.info/attachment...1&d=1326451064.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/12/2011 15:58:14
System Uptime: 13/01/2012 10:22:30 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M5A97
Processor: AMD FX(tm)-8120 Eight-Core Processor | AM3r2 | 3100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 893.374 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP73: 28/12/2011 21:48:48 - Installed HiJackThis
RP74: 29/12/2011 17:58:02 - MAGIX PC Check & Tuning 2011 (PC Check)
RP75: 29/12/2011 18:08:47 - Installed Kaspersky Internet Security 2011.
RP76: 29/12/2011 21:28:18 - Removed HiJackThis
RP77: 30/12/2011 17:58:24 - Installed HiJackThis
RP78: 05/01/2012 20:40:13 - Removed HiJackThis
RP79: 08/01/2012 18:07:13 - Removed TuneUp Utilities 2012
RP80: 08/01/2012 18:07:57 - Removed TuneUp Utilities Language Pack (en-US)
RP81: 09/01/2012 18:45:46 - MAGIX PC Check & Tuning 2011 (PC Check)
RP82: 10/01/2012 18:20:11 - Installed Ad-Aware
RP83: 10/01/2012 18:20:38 - Installed Ad-Aware
RP84: 10/01/2012 19:17:00 - Removed Ad-Aware
RP85: 11/01/2012 20:42:41 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Advanced Spyware Remover Free Edition
Advanced SystemCare 4
AI Suite II
AMD VISION Engine Control Center
Anti-phishing Domain Advisor
AntiCrash 3.6.1
Asmedia ASM104x USB 3.0 Host Controller Driver
ASUS Gamer OSD
ASUS VGA Driver
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
CCC Help English
D3DX10
DivX Web Player
ESET Online Scanner v3
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HydraVision
Junk Mail filter update
MAGIX PC Check & Tuning 2011 Download Version
MAGIX Screenshare
Malwarebytes Anti-Malware version 1.60.0.1800
Messenger Companion
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 8.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PC Booster
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Spam Free Search Bar
Spybot - Search & Destroy
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Utility
VC80CRTRedist - 8.0.50727.762
Visual Studio 2008 x64 Redistributables
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
XviD MPEG-4 Video Codec
.
==== Event Viewer Messages From Past Week ========
.
11/01/2012 16:51:41, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/01/2012 20:39:27, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
09/01/2012 20:38:39, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
09/01/2012 19:18:58, Error: PCTCore [280] -
.
==== End Of File ===========================
Questions I asked in my previous post but didn't get an answer to yet:
Originally Posted by Blade81
Hi there, here's my latest DDS report.
You already posted that log earlier, but you still haven't replied to these two questions:
1) Did you note down what was removed in the ESET scan?
2) How's the system doing, are there still issues left?
I'm very sorry, I didn't note down what the infections were, but I did run advanced spyware removal again and it still got 2 file infections called dynamic desktop media adware. Kind regards, Martin
Hi,
I need to know the filenames and locations of those two items Advanced Spyware Remover detected.
Hi there, here are the infected files:
file infection spyware/adware dynamic desktop c:\windows\winsxs\amd64 microsoft window,
file infection spyware/adware dynamic desktop c:\windows\winsxs\wow64\\microsoft windows