
Thread: I had to Post this?

  1. #1
    Junior Member
    Join Date: Feb 2013
    Posts: 1

    I had to Post this?

    I had the u%cash.exe virus on my PC and I deleted it with mbam-setup.170.0.exe (Malwarebytes' Anti-Malware), and then I had to download DDS (Bleeping Computer) and run it. When I did that, it said to post this on the forums.

    _________________________________

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.7.2
    Run by Gebruiker at 12:14:18 on 2013-02-23
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2046.595 [GMT 1:00]
    .
    AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
    C:\Users\Gebruiker\AppData\Local\Temp\tmp6337.tmp.exe
    C:\Program Files\Logitech\SetPoint II\SetPointII.exe
    C:\Program Files (x86)\Xfire\Xfire.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Xfire\xfire64.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Xfire\xfire64.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\taskmgr.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
    uSearch Bar = hxxp://www.google.com
    uSearch Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
    uDefault_Page_URL = www.google.nl
    uDefault_Search_URL = hxxp://www.google.com
    mStart Page = hxxp://www.google.com
    mSearch Bar = hxxp://www.google.com
    mSearch Page = hxxp://www.google.com
    mDefault_Search_URL = hxxp://www.google.com
    uURLSearchHooks: {90eee664-34b1-422a-a782-779af65cdf6d} - <orphaned>
    uURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} -
    mURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} -
    uWindows: Load = C:\Users\Gebruiker\mshtxf.exe
    BHO: bflix Class: {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} -
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} -
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: DealPly: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} -
    BHO: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -
    TB: NCH EN Toolbar: {37483B40-C254-4A72-BDA4-22EE90182C1E} -
    TB: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -
    TB: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} -
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
    uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
    uRun: [Google Update] "C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [Clownfish] "C:\Program Files (x86)\Clownfish\Clownfish.exe"
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [Java.exe] "C:\Users\Gebruiker\AppData\Local\Temp\tmp6337.tmp.exe"
    uRun: [Mom] C:\Users\Gebruiker\AppData\Roaming\MoM.exe
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [KMConfig] K:\StartAutorun.exe KMConfig.exe
    mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [wefhnijnwef] C:\Users\Gebruiker\mshtxf.exe
    mRun: [Mom] C:\Users\Gebruiker\AppData\Roaming\MoM.exe
    uExplorerRun: [] C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet.exe
    mExplorerRun: [Mom] C:\Users\Gebruiker\AppData\Roaming\MoM.exe
    StartupFolder: C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fa7dfa16da.dat
    StartupFolder: C:\Users\GEBRUI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ROCKET~1.LNK - C:\Windows\Android Skin Pack\RocketDock\RocketDock.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SETPOI~1.LNK - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\UberIcon.lnk - C:\Windows\Android Skin Pack\UberIcon\UberIcon.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\YzShadow.lnk - C:\Windows\Android Skin Pack\YzShadow\YzShadow.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoResolveTrack = dword:1
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:0
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    IE: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 212.54.40.25 212.54.35.25
    TCP: Interfaces\{3381B3E8-03B5-41E3-839A-ACA066601459} : DHCPNameServer = 212.54.40.25 212.54.35.25
    TCP: Interfaces\{3381B3E8-03B5-41E3-839A-ACA066601459}\3596475636F6D6635423549333 : DHCPNameServer = 192.168.0.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Notify: WgaLogon - <no file>
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {F5BC59A5-BA92-A45B-DFE5-9DB932F6E75F} - C:\Users\Gebruiker\AppData\Roaming\MoM.exe
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    x64-Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2010-9-29 18784]
    R0 xfiltx64;VIA SATA IDE Hot-plug Driver;C:\Windows\System32\drivers\xfiltx64.sys [2010-9-29 26776]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-9-29 98208]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-5-14 731840]
    R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-5-14 121152]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
    R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-13 3467768]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
    S3 2310_00;2310_00;C:\Windows\System32\drivers\2310_00.sys [2010-9-29 170528]
    S3 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2010-9-29 231224]
    S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]
    S3 arcm_a64;arcm_a64;C:\Windows\System32\drivers\arcm_a64.sys [2010-9-29 52768]
    S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-9-29 70424]
    S3 hptiop;hptiop;C:\Windows\System32\drivers\hptiop.sys [2010-9-29 17440]
    S3 hptmv;hptmv;C:\Windows\System32\drivers\hptmv.sys [2010-9-29 93472]
    S3 hptmv6;hptmv6;C:\Windows\System32\drivers\hptmv6.sys [2010-9-29 152096]
    S3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTVE.sys [2010-9-29 43416]
    S3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTXPE.sys [2010-9-29 51096]
    S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-9-29 158976]
    S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2010-9-29 40144]
    S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2010-9-29 42192]
    S3 MegaSR1;MegaSR1;C:\Windows\System32\drivers\MegaSR1.sys [2010-9-29 461320]
    S3 nvamacpi;nvamacpi;C:\Windows\System32\drivers\nvamacpi.sys [2010-9-29 28192]
    S3 Pnp680;Pnp680;C:\Windows\System32\drivers\PnP680.sys [2010-9-29 80424]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-3-17 20992]
    S3 rr172x;rr172x;C:\Windows\System32\drivers\rr172x.sys [2010-9-29 124448]
    S3 rr174x;rr174x;C:\Windows\System32\drivers\rr174x.sys [2010-9-29 159264]
    S3 rr2210;rr2210;C:\Windows\System32\drivers\rr2210.sys [2010-9-29 153632]
    S3 rr232x;rr232x;C:\Windows\System32\drivers\rr232x.sys [2010-9-29 152096]
    S3 rr2340;rr2340;C:\Windows\System32\drivers\rr2340.sys [2010-9-29 162400]
    S3 rr2522;rr2522;C:\Windows\System32\drivers\rr2522.sys [2010-9-29 168032]
    S3 rr62x;rr62x;C:\Windows\System32\drivers\rr62x.sys [2010-9-29 155232]
    S3 Ser2at;ATEN USB to Serial port driver;C:\Windows\System32\drivers\ser2at64.sys [2010-9-29 90112]
    S3 SI3112r;SI3112r;C:\Windows\System32\drivers\SI3112r.sys [2010-9-29 164656]
    S3 SI3114;SI3114;C:\Windows\System32\drivers\SI3114.sys [2010-9-29 99120]
    S3 SI3124;SI3124;C:\Windows\System32\drivers\SI3124.sys [2010-9-29 113456]
    S3 Si3124r5;Si3124r5;C:\Windows\System32\drivers\Si3124r5.sys [2010-9-29 334640]
    S3 Si3531;Si3531;C:\Windows\System32\drivers\Si3531.sys [2010-9-29 330544]
    S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
    S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
    S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
    S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-21 59392]
    S3 vcrdrx64;VIA MSP Card Reader Host Controller;C:\Windows\System32\drivers\vcrdrx64.sys [2010-9-29 123544]
    S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);C:\Windows\System32\drivers\vcsvad.sys [2011-6-23 21504]
    S3 viamrx64;viamrx64;C:\Windows\System32\drivers\viamrx64.sys [2010-9-29 158944]
    S3 videX64;videX64;C:\Windows\System32\drivers\videX64.sys [2010-9-29 15000]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-10-4 1255736]
    .
    =============== Created Last 30 ================
    .
    2013-02-23 11:12:36 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{54B48AAC-3C60-462E-9C25-827F471CC511}
    2013-02-23 11:11:53 1169224 ----a-w- C:\Users\Gebruiker\AppData\Roaming\MoM.exe
    2013-02-23 11:00:03 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Malwarebytes
    2013-02-23 10:59:48 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-02-23 10:59:48 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-02-23 10:59:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-02-23 10:59:27 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Programs
    2013-02-23 10:46:27 -------- d-sh--w- C:\$RECYCLE.BIN
    2013-02-23 10:36:13 -------- d-----w- C:\zoek
    2013-02-22 16:56:01 -------- d-----w- C:\Program Files (x86)\CodeHook
    2013-02-21 12:07:18 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\explorer
    2013-02-19 11:17:27 -------- d-----w- C:\Users\Gebruiker\AppData\Local\B1E
    2013-02-19 11:17:25 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\B1Toolbar
    2013-02-13 22:24:23 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-13 22:24:23 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-13 11:28:29 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-02-13 11:28:25 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-02-13 11:28:23 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-02-13 11:28:00 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-02-13 11:27:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-02-13 11:27:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-02-13 11:27:52 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-02-13 11:27:52 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-02-13 11:27:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-02-13 11:27:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-02-13 11:27:41 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2013-02-13 11:27:41 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-02-13 00:26:34 42880 ----a-w- C:\Windows\SysWow64\xfcodec.dll
    2013-02-13 00:26:34 28544 ----a-w- C:\Windows\System32\xfcodec64.dll
    2013-01-31 16:28:13 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Xfire
    2013-01-29 15:56:35 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\TuneUp Software
    2013-01-29 15:56:23 -------- d-----w- C:\ProgramData\TuneUp Software
    2013-01-29 15:55:58 -------- d-----w- C:\Program Files (x86)\Winamp Detect
    2013-01-29 15:55:56 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
    2013-01-29 15:40:43 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\ts3overlay
    .
    ==================== Find3M ====================
    .
    2013-02-22 19:40:35 214520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2013-02-22 19:40:35 214520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2013-02-22 15:31:55 75064 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2013-01-01 15:08:22 202448 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
    2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
    2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
    2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
    2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
    2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
    2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
    2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
    2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
    2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
    2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
    2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
    2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
    2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
    2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
    2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
    2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
    2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
    2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
    2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
    2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
    2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    .
    ============= FINISH: 12:16:12,14 ===============


    And add this attach.txt in a zip/rar file (download attach.txt in a .rar file): Removed
    What do I have to do after I have posted this?
    -------------------------------------------------

    Edit
    Forum FAQ
    http://forums.spybot.info/showthread.php?t=288
    Last edited by tashi; 2013-02-23 at 17:43. Reason: Moved from Analysis Tools, plus various small utilities. Removed off-site rar. Added link to forum FAQ

  2. #2
    Senior Member
    Join Date: Apr 2010
    Posts: 463

    Hello dEkxz and

    My name is JonTom

    • Malware Logs can sometimes take a lot of time to research and interpret.
    • Please be patient while I try to assist with your problem. If at any time you do not understand what is required, please ask for further explanation.
    • Please note that there is no "Quick Fix" to modern malware infections and we may need to use several different approaches to get your system clean.
    • Read every reply you receive carefully and thoroughly before carrying out the instructions. You may also find it helpful to print out the instructions you receive, as in some instances you may have to disconnect your computer from the Internet.
    • PLEASE NOTE: If you do not reply after 3 days your thread will be closed.


    When you ran DDS, two logs would have been produced.

    You have posted the dds.txt log but I also need to see the attach.txt log.

    Please post it in your next reply along with the log from the following tool:

    1. aswMBR

      • Download aswMBR.exe to your desktop.
      • Double click the aswMBR.exe to run it.
      • When asked if you want to download Avast's virus definitions please select Yes.
      • Click the "Scan" button to start scan.
      • On completion of the scan click save log, save it to your desktop and post in your next reply.


    Proud Graduate of the WTT Classroom

  3. #3
    Senior Member
    Join Date: Apr 2010
    Posts: 463

    Do you still need help?
    Proud Graduate of the WTT Classroom

  4. #4
    Senior Member
    Join Date: Apr 2010
    Posts: 463

    Due to lack of response, this topic is now closed. If you need continued support, please begin a new thread.
    Proud Graduate of the WTT Classroom
