Thread: Spamware

  1. #1
    egrogan1 (Member)
    Join Date: Apr 2008
    Location: Ireland
    Posts: 36

    Help needed please


    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.17.2
    Run by Eoin at 11:07:18 on 2013-04-22
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.353.1033.18.3996.1496 [GMT 1:00]
    .
    AV: Avira Desktop *Enabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Enabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    c:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Windows\system32\mfevtps.exe
    c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\System32\alg.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Users\Eoin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Sony\VAIO Improvement\vim.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Sony\VAIO Improvement\vim.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Sony\VAIO Care\VCService.exe
    C:\Program Files\Sony\VAIO Care\VCAgent.exe
    C:\Windows\System32\vds.exe
    C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
    C:\Program Files\Sony\VAIO Care\VCAdmin.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe
    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
    Q:\140066.enu\Office14\WINWORDC.EXE
    C:\Windows\splwow64.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    Q:\140066.enu\Office14\OffSpon.EXE
    C:\Windows\system32\notepad.exe
    C:\Windows\system32\notepad.exe
    C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Users\Eoin\AppData\Local\CrossLoop\CrossLoopService.exe
    C:\Users\Eoin\AppData\Local\CrossLoop\CrossLoopConnect.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_169_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.ie
    uLocal Page = hxxp://www.google.ie
    uWindow Title = Microsoft Internet Explorer
    uDefault_Page_URL = hxxp://vaioportal.sony.eu
    mStart Page = hxxp://www.google.ie
    mLocal Page = hxxp://www.google.ie
    mWindow Title = Microsoft Internet Explorer
    mDefault_Page_URL = hxxp://www.google.ie
    uProxyOverride = <local>;*.local
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: BrOwwse2Saavei: {6CCA71BB-4A17-554A-7B2B-8905AEC189DF} - C:\ProgramData\BrOwwse2Saavei\516bf6e2604b1.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121012182632.dll
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: SeaaRchh--NewTAb: {FFBF941B-B45E-56DF-E662-7141F54D7983} - C:\ProgramData\SeaaRchh--NewTAb\516bf70307b9b.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [SkyDrive] "C:\Users\Eoin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    uRun: [CrossLoop] "C:\Users\Eoin\AppData\Local\CrossLoop\CrossLoopConnect.exe" -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.crossloop.com -webservice=www.crossloop.com -startup=server -minimize
    uRunOnce: [SpybotDeletingF9213] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\sprotector.dll"
    uRunOnce: [SpybotDeletingF462] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\uninstall.exe"
    uRunOnce: [SpybotDeletingF2150] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\sprotector.dll"
    uRunOnce: [SpybotDeletingF156] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\uninstall.exe"
    uRunOnce: [SpybotDeletingF5817] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\sprotector.dll"
    uRunOnce: [SpybotDeletingF8588] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\uninstall.exe"
    uRunOnce: [SpybotDeletingF5275] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\sprotector.dll"
    uRunOnce: [SpybotDeletingF7711] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\uninstall.exe"
    uRunOnce: [SpybotDeletingF6627] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\sprotector.dll_old"
    uRunOnce: [SpybotDeletingF9702] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\sprotector.dll_old"
    uRunOnce: [SpybotDeletingF3652] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\sprotector.dll_old"
    uRunOnce: [SpybotDeletingF6887] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\sprotector.dll_old"
    uRunOnce: [SpybotDeletingF8878] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\sprotector.dll_old"
    uRunOnce: [SpybotDeletingF5697] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\sprotector.dll_old"
    uRunOnce: [SpybotDeletingF3281] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\sprotector.dll_old"
    uRunOnce: [SpybotDeletingF5916] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\sprotector.dll_old"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    mRun: [ShaPlus Bandwidth Meter] "C:\Program Files (x86)\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter.exe" /s
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    mRun: [ADBlocker] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe -tray
    mRun: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
    mRunOnce: [SpybotDeletingE9833] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\sprotector.dll_old"
    mRunOnce: [SpybotDeletingE4020] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\sprotector.dll_old"
    mRunOnce: [SpybotDeletingE5901] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\WebSearch\sprotector.dll_old"
    mRunOnce: [SpybotDeletingE8534] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\BrowseToSave\sprotector.dll_old"
    StartupFolder: C:\Users\Eoin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\Users\Eoin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NCDOWN~1.LNK - C:\Program Files (x86)\Solibo Ltd\NCdownloader\NCdownloader.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SoftwareSASGeneration = dword:3
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: Interfaces\{204075A0-3C79-4EC6-ADCB-9C1406296244} : DHCPNameServer = 8.8.4.4
    TCP: Interfaces\{4C67F788-B788-42CE-9E44-562ED4D265A7} : DHCPNameServer = 172.31.140.69 172.30.140.69
    TCP: Interfaces\{55606A95-2C0D-4635-8BB8-75C01926828F} : NameServer = 89.19.64.164 89.19.64.36
    TCP: Interfaces\{7787CE1A-FC98-4EEF-8D4C-2DBCEA5736EA}\54962736F6D6 : DHCPNameServer = 10.0.0.6
    TCP: Interfaces\{B91DE24D-00AD-4036-A20A-B54F260E9DE7} : NameServer = 89.19.64.164 89.19.64.36
    TCP: Interfaces\{F84F9782-03FD-4F96-9127-821FBC75F442} : NameServer = 89.19.64.164 89.19.64.36
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121012182632.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
    x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
    x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [NetWorx] "C:\Users\Eoin\Downloads\networx_portable\64-bit\networx.exe" /auto
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Eoin\AppData\Roaming\Mozilla\Firefox\Profiles\kgt8vqf0.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://websearch.pu-results.info/?pid=726&r=2013/04/15&hid=665674988&lg=EN&cc=IE&l=1&q=
    FF - prefs.js: browser.search.selectedEngine - WebSearch
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.ie/
    FF - prefs.js: keyword.URL - hxxp://websearch.pu-results.info/?pid=726&r=2013/04/15&hid=665674988&lg=EN&cc=IE&l=1&q=
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
    FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll
    FF - plugin: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-28 16152]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-8-15 647208]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-8-15 289664]
    R1 asdnet;asdnet;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sys\amd64\asdnet.sys [2013-4-15 19280]
    R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-3-30 28600]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2011-8-15 75936]
    R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-11-16 86752]
    R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-11-16 110816]
    R2 asdrs;AntiMalware Host-based Intrusion Prevention System;C:\Windows\System32\drivers\asdrs.sys [2013-4-15 23376]
    R2 asdws;AnviSmartDefender Web Guard;C:\Windows\System32\drivers\asdws.sys [2013-4-15 17232]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-2-23 106144]
    R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-3-30 100712]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-12 13592]
    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-5-12 2429544]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-12 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-12 161560]
    R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\systemcore\mcshield.exe [2012-5-12 199304]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe [2012-5-12 210616]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-5-12 162224]
    R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-2-21 473960]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
    R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-14 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-14 1369624]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-14 168384]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2012-5-12 19968]
    R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-2-23 36000]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-2-23 339616]
    R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-2-23 110752]
    R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-2-23 30368]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-2-23 167584]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-2-23 68256]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-2-23 280992]
    R3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\drivers\btath_vdp.sys [2012-2-23 421664]
    R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-2-23 550560]
    R3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-10-12 13952]
    R3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2012-10-12 98816]
    R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-10-12 86016]
    R3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2012-10-12 28672]
    R3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2012-10-12 213504]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-14 331264]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-28 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-28 787736]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-8-15 229528]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-8-15 487296]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-5-12 339048]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-27 675432]
    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2012-1-16 14336]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2012-2-23 51872]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
    S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-8-15 65264]
    S3 DCDhcpService;DCDhcpService;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-5-12 112256]
    S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
    S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-10-12 117248]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\drivers\leath_hid.sys [2012-2-23 36128]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-8-15 100912]
    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-3-26 22528]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-25 19456]
    S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-3-14 21264]
    S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-1-6 138392]
    S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-1-6 74904]
    S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-25 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-25 30208]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
    .
    =============== File Associations ===============
    .
    FileExt: .vbs: VBSFile=C:\Windows\SysWow64\WScript.exe "%1" %*
    FileExt: .js: jsfile=C:\Windows\SysWow64\WScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    2013-04-22 09:58:11 -------- d-----w- C:\Users\Eoin\AppData\Local\{B9B0DAAC-1BD0-4027-AD7E-F953F5C3472E}
    2013-04-21 21:45:25 -------- d-----w- C:\Users\Eoin\AppData\Local\{EC477530-4A7A-4DEC-8BF8-29C6214C03B2}
    2013-04-20 21:07:12 -------- d-----w- C:\Users\Eoin\AppData\Local\CrossLoop
    2013-04-20 20:29:58 -------- d-----w- C:\Program Files\CCleaner
    2013-04-20 19:35:42 -------- d-----w- C:\Users\Eoin\AppData\Local\{9714F002-CD9D-426F-AE32-8ADF0C2429E9}
    2013-04-18 15:10:38 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{804BF8CC-918A-4124-A831-56239B848A4C}\offreg.dll
    2013-04-18 15:06:08 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{804BF8CC-918A-4124-A831-56239B848A4C}\mpengine.dll
    2013-04-15 18:48:21 -------- d-----w- C:\Users\Eoin\AppData\Roaming\Anvisoft
    2013-04-15 18:48:08 23376 ----a-w- C:\Windows\System32\drivers\asdrs.sys
    2013-04-15 18:48:08 18768 ----a-w- C:\Windows\System32\drivers\asdrm.sys
    2013-04-15 18:48:08 17232 ----a-w- C:\Windows\System32\drivers\asdws.sys
    2013-04-15 18:47:48 -------- d-----w- C:\ProgramData\Anvisoft
    2013-04-15 18:47:44 -------- d-----w- C:\Program Files (x86)\Anvisoft
    2013-04-15 12:10:29 -------- d-----w- C:\ProgramData\SeaaRchh--NewTAb
    2013-04-15 12:10:11 -------- d-----w- C:\ProgramData\BrOwwse2Saavei
    2013-04-15 12:09:53 -------- d-----w- C:\Windows\SysWow64\X86
    2013-04-15 12:09:53 -------- d-----w- C:\Windows\SysWow64\AMD64
    2013-04-15 12:09:53 -------- d-----w- C:\Program Files (x86)\Solibo Ltd
    2013-04-15 12:09:22 -------- d-----w- C:\ProgramData\InstallMate
    2013-04-15 10:15:25 -------- d-----w- C:\Users\Eoin\AppData\Local\{ED471A26-CA0C-48A0-8EB4-A93CC3163F57}
    2013-04-15 09:02:38 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-04-15 09:01:10 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-04-15 09:01:10 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-04-15 09:01:10 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-04-15 09:01:10 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-04-15 09:01:10 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-04-15 09:01:10 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-04-15 09:01:07 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2013-04-15 09:01:07 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2013-04-15 09:00:06 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2013-04-15 09:00:06 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-04-15 09:00:02 2002432 ----a-w- C:\Windows\System32\msxml6.dll
    2013-04-15 09:00:01 1882624 ----a-w- C:\Windows\System32\msxml3.dll
    2013-04-15 09:00:01 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2013-04-15 09:00:01 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2013-04-15 08:58:54 800768 ----a-w- C:\Windows\System32\usp10.dll
    2013-04-15 08:58:54 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
    2013-04-15 08:57:52 68608 ----a-w- C:\Windows\System32\taskhost.exe
    2013-04-15 08:57:51 750592 ----a-w- C:\Windows\System32\win32spl.dll
    2013-04-15 08:57:50 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2013-04-15 08:57:00 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-04-15 08:56:59 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-04-15 08:56:58 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-04-15 08:56:58 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-04-15 08:56:57 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-04-15 08:56:56 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-04-15 08:56:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-04-15 08:56:00 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
    2013-04-14 13:01:23 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-04-14 13:01:11 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2013-04-14 13:01:06 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-04-14 13:00:21 -------- d-----w- C:\Users\Eoin\AppData\Local\Programs
    2013-04-08 20:48:41 -------- d-----w- C:\Users\Eoin\AppData\Local\{9D7FCF6B-2783-43C4-ABC2-4D9561264A86}
    2013-04-01 15:46:03 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2013-04-01 15:45:43 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-03-30 01:03:47 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
    2013-03-30 01:03:47 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
    2013-03-29 19:30:38 -------- d-----w- C:\Program Files\iPod
    2013-03-29 19:30:37 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-03-29 19:30:37 -------- d-----w- C:\Program Files\iTunes
    2013-03-29 19:30:37 -------- d-----w- C:\Program Files (x86)\iTunes
    2013-03-29 17:26:43 -------- d-----w- C:\Users\Eoin\AppData\Local\{D97FF038-D245-4C9E-9246-AC7E4AA24732}
    2013-03-23 22:58:49 -------- d-----w- C:\Users\Eoin\AppData\Local\{0B67321A-1C22-4FF5-A497-F6D1DB96E529}
    .
    ==================== Find3M ====================
    .
    2013-04-20 19:33:54 60 ----a-w- C:\Windows\wpd99.drv
    2013-04-15 09:43:47 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-04-15 09:43:47 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-04-01 15:45:37 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-03-12 00:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe
    2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    .
    ============= FINISH: 11:09:58.82 ===============

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-04-22 11:11:46
    -----------------------------
    11:11:46.384 OS Version: Windows x64 6.1.7601 Service Pack 1
    11:11:46.384 Number of processors: 4 586 0x2A07
    11:11:46.385 ComputerName: EOIN_LAPTOP UserName: Eoin
    11:11:50.803 Initialize success
    11:18:05.415 AVAST engine defs: 13042201
    11:20:13.954 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    11:20:13.956 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
    11:20:14.064 Disk 0 MBR read successfully
    11:20:14.067 Disk 0 MBR scan
    11:20:14.073 Disk 0 Windows 7 default MBR code
    11:20:14.076 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16773 MB offset 2048
    11:20:14.107 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 34353152
    11:20:14.117 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 593355 MB offset 35069952
    11:20:14.177 Disk 0 scanning C:\Windows\system32\drivers
    11:20:27.764 Service scanning
    11:21:03.539 Modules scanning
    11:21:03.557 Disk 0 trace - called modules:
    11:21:03.568
    11:21:05.402 AVAST engine scan C:\Windows
    11:21:08.646 AVAST engine scan C:\Windows\system32
    11:25:21.543 AVAST engine scan C:\Windows\system32\drivers
    11:25:46.883 AVAST engine scan C:\Users\Eoin
    11:38:48.283 Disk 0 MBR has been saved successfully to "C:\Users\Eoin\Desktop\MBR.dat"
    11:38:48.293 The log file has been saved successfully to "C:\Users\Eoin\Desktop\aswMBR.txt"

    Search results from Spybot - Search & Destroy

    20/04/2013 21:43:54
    Scan took 00:25:10.
    41 items found.

    KeywordHijacker: [SBI $63D7C158] Application data folder (Directory, nothing done)
    C:\Program Files (x86)\WebSearch\
    Directory.subfile=C:\Program Files (x86)\WebSearch\sprotector.dll_old
    Directory.subfile.size=1044480
    Directory.subfile.md5=D59FB8A196CC8AD8E8BDE0C437070CC6
    Directory.subfile.filedate=1359026702
    Directory.subfile.filedatetext=2013-01-24 12:25:02

    Barowwsoe2Save: [SBI $EBD45A68] Program directory (Directory, nothing done)
    C:\Program Files (x86)\BrowseToSave\
    Directory.subfile=C:\Program Files (x86)\BrowseToSave\sprotector.dll_old
    Directory.subfile.size=1050112
    Directory.subfile.md5=2E705785860F95358DC9AA6ED402198B
    Directory.subfile.filedate=1359026214
    Directory.subfile.filedatetext=2013-01-24 12:16:54

    Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-4170974503-3432114913-2014430358-1000\Software\Microsoft\Internet Explorer\TypedURLs

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-4170974503-3432114913-2014430358-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-4170974503-3432114913-2014430358-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name

    MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-4170974503-3432114913-2014430358-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Cookie: [SBI $49804B54] Browser: Cookie (12) (Browser: Cookie, nothing done)


    Cache: [SBI $49804B54] Browser: Cache (80) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (229) (Browser: History, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (68) (Browser: Cookie, nothing done)



    --- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---

    Last edited by tashi; 2013-04-22 at 17:29. Reason: Merged three posts as per forum FAQ

  2. #2
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Hi,

    Please post a fresh dds.txt log.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #3
    Member egrogan1's Avatar
    Join Date
    Apr 2008
    Location
    Ireland
    Posts
    36

    Many thanks for your help. Below is the new dds file.

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.21.2
    Run by Eoin at 16:59:45 on 2013-04-29
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.353.1033.18.3996.1937 [GMT 1:00]
    .
    AV: Avira Desktop *Enabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Enabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Users\Eoin\AppData\Local\CrossLoop\CrossLoopService.exe
    C:\Windows\system32\taskhost.exe
    c:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Windows\system32\mfevtps.exe
    C:\Windows\Explorer.EXE
    c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Users\Eoin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    C:\Users\Eoin\AppData\Local\CrossLoop\CrossLoopConnect.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\alg.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe
    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Sony\VAIO Improvement\vim.exe
    C:\Program Files\Sony\VAIO Care\VCService.exe
    C:\Program Files\Sony\VAIO Care\VCAgent.exe
    C:\Program Files\Sony\VAIO Improvement\vim.exe
    C:\Windows\System32\vds.exe
    C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
    C:\Program Files\Sony\VAIO Care\VCAdmin.exe
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_169_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.ie
    uLocal Page = hxxp://www.google.ie
    uWindow Title = Microsoft Internet Explorer
    uDefault_Page_URL = hxxp://vaioportal.sony.eu
    mStart Page = hxxp://www.google.ie
    mLocal Page = hxxp://www.google.ie
    mWindow Title = Microsoft Internet Explorer
    mDefault_Page_URL = hxxp://www.google.ie
    uProxyOverride = <local>;*.local
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: BrOwwse2Saavei: {6CCA71BB-4A17-554A-7B2B-8905AEC189DF} - C:\ProgramData\BrOwwse2Saavei\516bf6e2604b1.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121012182632.dll
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [SkyDrive] "C:\Users\Eoin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    uRun: [CrossLoop] "C:\Users\Eoin\AppData\Local\CrossLoop\CrossLoopConnect.exe" -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.crossloop.com -webservice=www.crossloop.com -startup=server -minimize
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    mRun: [ShaPlus Bandwidth Meter] "C:\Program Files (x86)\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter.exe" /s
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    mRun: [ADBlocker] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe -tray
    mRun: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\Users\Eoin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\Users\Eoin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NCDOWN~1.LNK - C:\Program Files (x86)\Solibo Ltd\NCdownloader\NCdownloader.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SoftwareSASGeneration = dword:3
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: Interfaces\{204075A0-3C79-4EC6-ADCB-9C1406296244} : DHCPNameServer = 8.8.4.4
    TCP: Interfaces\{4C67F788-B788-42CE-9E44-562ED4D265A7} : DHCPNameServer = 172.31.140.69 172.30.140.69
    TCP: Interfaces\{55606A95-2C0D-4635-8BB8-75C01926828F} : NameServer = 89.19.64.164 89.19.64.36
    TCP: Interfaces\{7787CE1A-FC98-4EEF-8D4C-2DBCEA5736EA}\54962736F6D6 : DHCPNameServer = 10.0.0.6
    TCP: Interfaces\{B91DE24D-00AD-4036-A20A-B54F260E9DE7} : NameServer = 89.19.64.164 89.19.64.36
    TCP: Interfaces\{F84F9782-03FD-4F96-9127-821FBC75F442} : NameServer = 89.19.64.36 89.19.64.164
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121012182632.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
    x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
    x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [NetWorx] "C:\Users\Eoin\Downloads\networx_portable\64-bit\networx.exe" /auto
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Eoin\AppData\Roaming\Mozilla\Firefox\Profiles\kgt8vqf0.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://websearch.pu-results.info/?pid=726&r=2013/04/15&hid=665674988&lg=EN&cc=IE&l=1&q=
    FF - prefs.js: browser.search.selectedEngine - WebSearch
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.ie/
    FF - prefs.js: keyword.URL - hxxp://websearch.pu-results.info/?pid=726&r=2013/04/15&hid=665674988&lg=EN&cc=IE&l=1&q=
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
    FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll
    FF - plugin: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 asdnet;asdnet;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sys\amd64\asdnet.sys [2013-4-15 19280]
    R1 asdrm;asdrm;C:\Windows\System32\drivers\asdrm.sys [2013-4-15 18768]
    R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-3-30 28600]
    R2 asdrs;AntiMalware Host-based Intrusion Prevention System;C:\Windows\System32\drivers\asdrs.sys [2013-4-15 23376]
    R2 asdws;AnviSmartDefender Web Guard;C:\Windows\System32\drivers\asdws.sys [2013-4-15 17232]
    R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-3-30 100712]
    R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2012-5-12 19968]
    R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-2-23 36000]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-2-23 339616]
    R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-2-23 110752]
    R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-2-23 30368]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-2-23 167584]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-2-23 68256]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-2-23 280992]
    R3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\drivers\btath_vdp.sys [2012-2-23 421664]
    R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-2-23 550560]
    R3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-10-12 13952]
    R3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2012-10-12 98816]
    S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2012-2-23 51872]
    S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-8-15 65264]
    S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
    S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-10-12 117248]
    .
    =============== File Associations ===============
    .
    FileExt: .vbs: VBSFile=C:\Windows\SysWow64\WScript.exe "%1" %*
    FileExt: .js: jsfile=C:\Windows\SysWow64\WScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    2013-04-25 21:02:09 -------- d-----w- C:\Users\Eoin\AppData\Local\{ED53CFDC-939E-490D-B5FE-0109566D5955}
    2013-04-24 10:24:50 -------- d-----w- C:\Users\Eoin\AppData\Local\{3C2EF2D8-C77C-4509-9D85-83B244C5D50E}
    2013-04-23 13:18:06 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-04-23 10:10:12 -------- d-----w- C:\Users\Eoin\AppData\Local\{057902C9-86B9-4A67-A371-792D4676ED0A}
    2013-04-22 10:45:28 -------- d-----w- C:\Users\Eoin\AppData\Roaming\NCdownloader
    2013-04-22 09:58:11 -------- d-----w- C:\Users\Eoin\AppData\Local\{B9B0DAAC-1BD0-4027-AD7E-F953F5C3472E}
    2013-04-21 21:45:25 -------- d-----w- C:\Users\Eoin\AppData\Local\{EC477530-4A7A-4DEC-8BF8-29C6214C03B2}
    2013-04-20 21:07:12 -------- d-----w- C:\Users\Eoin\AppData\Local\CrossLoop
    2013-04-20 20:29:58 -------- d-----w- C:\Program Files\CCleaner
    2013-04-20 19:35:42 -------- d-----w- C:\Users\Eoin\AppData\Local\{9714F002-CD9D-426F-AE32-8ADF0C2429E9}
    2013-04-18 15:10:38 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{804BF8CC-918A-4124-A831-56239B848A4C}\offreg.dll
    2013-04-18 15:06:08 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{804BF8CC-918A-4124-A831-56239B848A4C}\mpengine.dll
    2013-04-15 18:48:21 -------- d-----w- C:\Users\Eoin\AppData\Roaming\Anvisoft
    2013-04-15 18:48:08 23376 ----a-w- C:\Windows\System32\drivers\asdrs.sys
    2013-04-15 18:48:08 18768 ----a-w- C:\Windows\System32\drivers\asdrm.sys
    2013-04-15 18:48:08 17232 ----a-w- C:\Windows\System32\drivers\asdws.sys
    2013-04-15 18:47:48 -------- d-----w- C:\ProgramData\Anvisoft
    2013-04-15 18:47:44 -------- d-----w- C:\Program Files (x86)\Anvisoft
    2013-04-15 12:10:29 -------- d-----w- C:\ProgramData\SeaaRchh--NewTAb
    2013-04-15 12:10:11 -------- d-----w- C:\ProgramData\BrOwwse2Saavei
    2013-04-15 12:09:53 -------- d-----w- C:\Windows\SysWow64\X86
    2013-04-15 12:09:53 -------- d-----w- C:\Windows\SysWow64\AMD64
    2013-04-15 12:09:53 -------- d-----w- C:\Program Files (x86)\Solibo Ltd
    2013-04-15 12:09:22 -------- d-----w- C:\ProgramData\InstallMate
    2013-04-15 10:15:25 -------- d-----w- C:\Users\Eoin\AppData\Local\{ED471A26-CA0C-48A0-8EB4-A93CC3163F57}
    2013-04-15 09:02:38 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-04-15 09:01:10 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-04-15 09:01:10 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-04-15 09:01:10 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-04-15 09:01:10 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-04-15 09:01:10 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-04-15 09:01:10 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-04-15 09:01:07 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2013-04-15 09:01:07 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2013-04-15 09:00:06 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2013-04-15 09:00:06 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-04-15 09:00:02 2002432 ----a-w- C:\Windows\System32\msxml6.dll
    2013-04-15 09:00:01 1882624 ----a-w- C:\Windows\System32\msxml3.dll
    2013-04-15 09:00:01 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2013-04-15 09:00:01 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2013-04-15 08:58:54 800768 ----a-w- C:\Windows\System32\usp10.dll
    2013-04-15 08:58:54 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
    2013-04-15 08:57:52 68608 ----a-w- C:\Windows\System32\taskhost.exe
    2013-04-15 08:57:51 750592 ----a-w- C:\Windows\System32\win32spl.dll
    2013-04-15 08:57:50 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2013-04-15 08:57:00 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-04-15 08:56:59 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-04-15 08:56:58 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-04-15 08:56:58 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-04-15 08:56:57 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-04-15 08:56:56 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-04-15 08:56:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-04-15 08:56:00 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
    2013-04-14 13:01:23 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-04-14 13:01:11 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2013-04-14 13:01:06 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-04-14 13:00:21 -------- d-----w- C:\Users\Eoin\AppData\Local\Programs
    2013-04-08 20:48:41 -------- d-----w- C:\Users\Eoin\AppData\Local\{9D7FCF6B-2783-43C4-ABC2-4D9561264A86}
    2013-04-01 15:46:03 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    .
    ==================== Find3M ====================
    .
    2013-04-28 21:39:51 60 ----a-w- C:\Windows\wpd99.drv
    2013-04-23 16:48:48 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-04-23 16:48:48 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-04-01 15:45:37 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-03-30 01:03:41 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
    2013-03-30 01:03:41 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
    2013-03-12 00:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe
    2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    .
    ============= FINISH: 17:04:05.48 ===============

  4. #4
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288


    Hi


    Please visit this webpage for download links, and instructions for running ComboFix tool:

    http://www.bleepingcomputer.com/comb...o-use-combofix

    Please ensure you read this guide carefully first.

    Please continue as follows:

    1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      Remember to re-enable them afterwards.

    2. Click Yes to allow ComboFix to continue scanning for malware.


    When the tool is finished, it will produce a report for you.

    Please include the following reports for further review, and so we may continue cleansing the system:

    C:\ComboFix.txt
    New dds log.


    A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  5. #5
    Member egrogan1's Avatar
    Join Date
    Apr 2008
    Location
    Ireland
    Posts
    36

    dds and combofix

    ComboFix 13-04-29.01 - Eoin 30/04/2013 21:49:09.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.353.1033.18.3996.2381 [GMT 1:00]
    Running from: C:\Users\Eoin\Desktop\ComboFix.exe
    AV: Avira Desktop *Disabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\ProgramData\BrOwwse2Saavei
    C:\ProgramData\BrOwwse2Saavei\516bf6e2604b1.dll
    C:\ProgramData\BrOwwse2Saavei\516bf6e2604b1.tlb
    C:\ProgramData\BrOwwse2Saavei\settings.ini
    C:\ProgramData\BrOwwse2Saavei\uninstall.exe
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrOwwse2Saavei
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrOwwse2Saavei\BrOwwse2Saavei.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrOwwse2Saavei\Uninstall.lnk
    C:\ProgramData\SeaaRchh--NewTAb
    C:\ProgramData\SeaaRchh--NewTAb\516bf70307b9b.dll
    C:\ProgramData\SeaaRchh--NewTAb\516bf70307b9b.tlb
    C:\ProgramData\SeaaRchh--NewTAb\settings.ini
    C:\Windows\SysWow64\X86
    C:\Windows\wininit.ini


    ((((((((((((((((((((((((( Files Created from 2013-03-28 to 2013-04-30 )))))))))))))))))))))))))))))))


    2013-04-30 21:10:10 . 2013-04-30 21:10:10 -------- d-----w- C:\Users\Default\AppData\Local\temp
    2013-04-23 15:38:04 . 2013-04-23 15:38:08 -------- d-----w- C:\Windows\LastGood
    2013-04-23 13:18:31 . 2013-04-23 13:18:31 -------- d-----w- C:\Program Files (x86)\Common Files\Java
    2013-04-23 13:18:06 . 2013-04-04 04:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-04-22 10:45:28 . 2013-04-22 10:45:28 -------- d-----w- C:\Users\Eoin\AppData\Roaming\NCdownloader
    2013-04-22 10:02:58 . 2013-04-22 10:03:05 -------- d-----w- C:\Program Files (x86)\ERUNT
    2013-04-20 21:07:12 . 2013-04-23 09:58:50 -------- d-----w- C:\Users\Eoin\AppData\Local\CrossLoop
    2013-04-20 20:54:43 . 2013-04-22 10:01:56 -------- d-----w- C:\Users\Eoin\AppData\Roaming\Skype
    2013-04-20 20:29:58 . 2013-04-20 20:30:03 -------- d-----w- C:\Program Files\CCleaner
    2013-04-18 15:10:38 . 2013-04-23 16:53:09 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{804BF8CC-918A-4124-A831-56239B848A4C}\offreg.dll
    2013-04-18 15:06:08 . 2013-03-15 06:28:52 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{804BF8CC-918A-4124-A831-56239B848A4C}\mpengine.dll
    2013-04-15 18:48:21 . 2013-04-15 18:48:21 -------- d-----w- C:\Users\Eoin\AppData\Roaming\Anvisoft
    2013-04-15 18:48:08 . 2012-11-07 07:16:18 17232 ----a-w- C:\Windows\system32\drivers\asdws.sys
    2013-04-15 18:48:08 . 2012-11-07 07:16:16 23376 ----a-w- C:\Windows\system32\drivers\asdrs.sys
    2013-04-15 18:48:08 . 2012-11-07 07:16:16 18768 ----a-w- C:\Windows\system32\drivers\asdrm.sys
    2013-04-15 18:47:48 . 2013-04-15 18:47:48 -------- d-----w- C:\ProgramData\Anvisoft
    2013-04-15 18:47:44 . 2013-04-15 18:47:44 -------- d-----w- C:\Program Files (x86)\Anvisoft
    2013-04-15 12:09:53 . 2013-04-15 12:09:53 -------- d-----w- C:\Windows\SysWow64\AMD64
    2013-04-15 12:09:53 . 2013-04-15 12:09:53 -------- d-----w- C:\Program Files (x86)\Solibo Ltd
    2013-04-15 12:09:22 . 2013-04-15 12:10:34 -------- d-----w- C:\ProgramData\InstallMate
    2013-04-15 09:15:58 . 2013-02-22 06:57:13 17817088 ----a-w- C:\Windows\system32\mshtml.dll
    2013-04-15 09:15:56 . 2013-02-22 06:29:21 10925568 ----a-w- C:\Windows\system32\ieframe.dll
    2013-04-15 09:07:41 . 2013-04-15 09:07:41 -------- d-----w- C:\Program Files\Microsoft Silverlight
    2013-04-15 09:07:41 . 2013-04-15 09:07:41 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight
    2013-04-15 09:02:38 . 2012-11-30 05:41:07 424448 ----a-w- C:\Windows\system32\KernelBase.dll
    2013-04-15 09:01:10 . 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\system32\winsrv.dll
    2013-04-15 09:01:10 . 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-04-15 09:01:10 . 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-04-15 09:01:10 . 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-04-15 09:01:10 . 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-04-15 09:01:10 . 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-04-15 09:01:07 . 2012-11-20 05:48:49 307200 ----a-w- C:\Windows\system32\ncrypt.dll
    2013-04-15 09:01:07 . 2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2013-04-15 09:00:06 . 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\system32\drivers\tcpip.sys
    2013-04-15 09:00:06 . 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\system32\drivers\FWPKCLNT.SYS
    2013-04-15 09:00:02 . 2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\system32\msxml6.dll
    2013-04-15 09:00:01 . 2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\system32\msxml3.dll
    2013-04-15 09:00:01 . 2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2013-04-15 09:00:01 . 2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2013-04-15 08:58:54 . 2012-11-22 05:44:23 800768 ----a-w- C:\Windows\system32\usp10.dll
    2013-04-15 08:58:54 . 2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
    2013-04-15 08:57:52 . 2012-11-23 03:13:57 68608 ----a-w- C:\Windows\system32\taskhost.exe
    2013-04-15 08:57:51 . 2012-11-09 05:45:32 750592 ----a-w- C:\Windows\system32\win32spl.dll
    2013-04-15 08:57:50 . 2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2013-04-15 08:57:00 . 2013-03-01 03:36:04 3153408 ----a-w- C:\Windows\system32\win32k.sys
    2013-04-15 08:56:59 . 2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\system32\ntoskrnl.exe
    2013-04-15 08:56:58 . 2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-04-15 08:56:58 . 2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-04-15 08:56:57 . 2013-03-19 03:06:33 112640 ----a-w- C:\Windows\system32\smss.exe
    2013-04-15 08:56:56 . 2013-03-19 05:46:56 43520 ----a-w- C:\Windows\system32\csrsrv.dll
    2013-04-15 08:56:56 . 2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-04-15 08:56:00 . 2013-01-24 06:01:01 223752 ----a-w- C:\Windows\system32\drivers\fvevol.sys
    2013-04-14 13:01:23 . 2013-04-22 10:50:22 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-04-14 13:01:11 . 2009-01-25 11:14:02 17272 ----a-w- C:\Windows\system32\sdnclean64.exe
    2013-04-14 13:01:06 . 2013-04-14 13:01:20 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-04-14 13:00:21 . 2013-04-14 13:00:21 -------- d-----w- C:\Users\Eoin\AppData\Local\Programs
    2013-04-01 15:46:03 . 2013-04-01 15:45:37 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2013-04-01 15:45:36 . 2013-04-23 13:18:06 -------- d-----w- C:\Program Files (x86)\Java
    .


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2013-04-23 16:48:48 . 2012-05-12 09:28:58 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-04-23 16:48:48 . 2012-05-12 09:28:58 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-04-01 18:58:38 . 2012-12-25 13:47:49 72702784 ----a-w- C:\Windows\system32\MRT.exe
    2013-04-01 15:45:37 . 2012-05-12 09:11:53 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-03-30 01:03:41 . 2013-03-30 01:03:47 28600 ----a-w- C:\Windows\system32\drivers\avkmgr.sys
    2013-03-30 01:03:41 . 2013-03-30 01:03:47 130016 ----a-w- C:\Windows\system32\drivers\avipbb.sys
    2013-03-30 01:03:41 . 2013-03-30 01:03:47 100712 ----a-w- C:\Windows\system32\drivers\avgntflt.sys
    2013-03-12 00:10:56 . 2010-11-21 03:27:21 282744 ------w- C:\Windows\system32\MpSigStub.exe
    2013-02-12 05:45:24 . 2013-04-15 08:59:55 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-02-12 05:45:22 . 2013-04-15 08:59:56 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-02-12 05:45:22 . 2013-04-15 08:59:55 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-02-12 05:45:22 . 2013-04-15 08:59:55 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-02-12 04:48:31 . 2013-04-15 08:59:56 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26 . 2013-04-15 08:59:56 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll






    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.21.2
    Run by Eoin at 22:32:29 on 2013-04-30
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.353.1033.18.3996.1864 [GMT 1:00]
    .
    AV: Avira Desktop *Disabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    c:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Windows\system32\mfevtps.exe
    C:\Windows\Explorer.EXE
    c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\alg.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Sony\VAIO Improvement\vim.exe
    C:\Program Files\Sony\VAIO Care\VCService.exe
    C:\Program Files\Sony\VAIO Care\VCAgent.exe
    C:\Windows\System32\vds.exe
    C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
    C:\Program Files\Sony\VAIO Care\VCAdmin.exe
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
    C:\ComboFix\CF7837.3XE
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_169_ActiveX.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SysWow64\cmd.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\ComboFix\pev.3XE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.ie
    uLocal Page = hxxp://www.google.ie
    mStart Page = hxxp://www.google.ie
    mLocal Page = hxxp://www.google.ie
    mWindow Title = Microsoft Internet Explorer
    mDefault_Page_URL = hxxp://www.google.ie
    uProxyOverride = <local>;*.local
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: BrOwwse2Saavei: {6CCA71BB-4A17-554A-7B2B-8905AEC189DF} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121012182632.dll
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [SkyDrive] "C:\Users\Eoin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    uRun: [CrossLoop] "C:\Users\Eoin\AppData\Local\CrossLoop\CrossLoopConnect.exe" -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.crossloop.com -webservice=www.crossloop.com -startup=server -minimize
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    mRun: [ShaPlus Bandwidth Meter] "C:\Program Files (x86)\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter.exe" /s
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    mRun: [ADBlocker] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe -tray
    mRun: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\Users\Eoin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    StartupFolder: C:\Users\Eoin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NCDOWN~1.LNK - C:\Program Files (x86)\Solibo Ltd\NCdownloader\NCdownloader.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SoftwareSASGeneration = dword:3
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: Interfaces\{204075A0-3C79-4EC6-ADCB-9C1406296244} : DHCPNameServer = 8.8.4.4
    TCP: Interfaces\{4C67F788-B788-42CE-9E44-562ED4D265A7} : DHCPNameServer = 172.31.140.69 172.30.140.69
    TCP: Interfaces\{55606A95-2C0D-4635-8BB8-75C01926828F} : NameServer = 89.19.64.164 89.19.64.36
    TCP: Interfaces\{7787CE1A-FC98-4EEF-8D4C-2DBCEA5736EA}\54962736F6D6 : DHCPNameServer = 10.0.0.6
    TCP: Interfaces\{B91DE24D-00AD-4036-A20A-B54F260E9DE7} : NameServer = 89.19.64.164 89.19.64.36
    TCP: Interfaces\{F84F9782-03FD-4F96-9127-821FBC75F442} : NameServer = 89.19.64.36 89.19.64.164
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121012182632.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
    x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
    x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [NetWorx] "C:\Users\Eoin\Downloads\networx_portable\64-bit\networx.exe" /auto
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Eoin\AppData\Roaming\Mozilla\Firefox\Profiles\kgt8vqf0.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://websearch.pu-results.info/?pid=726&r=2013/04/15&hid=665674988&lg=EN&cc=IE&l=1&q=
    FF - prefs.js: browser.search.selectedEngine - WebSearch
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.ie/
    FF - prefs.js: keyword.URL - hxxp://websearch.pu-results.info/?pid=726&r=2013/04/15&hid=665674988&lg=EN&cc=IE&l=1&q=
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
    FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll
    FF - plugin: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-28 16152]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-8-15 647208]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-8-15 289664]
    R1 asdnet;asdnet;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sys\amd64\asdnet.sys [2013-4-15 19280]
    R1 asdrm;asdrm;C:\Windows\System32\drivers\asdrm.sys [2013-4-15 18768]
    R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-3-30 28600]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2011-8-15 75936]
    R2 ADBlockerSrv;AD Blocker Service;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe [2013-4-15 279368]
    R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-11-16 86752]
    R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-11-16 110816]
    R2 asdrs;AntiMalware Host-based Intrusion Prevention System;C:\Windows\System32\drivers\asdrs.sys [2013-4-15 23376]
    R2 asdsrv;Anvi Smart Defender Realtime Guard Service;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2012-12-21 735592]
    R2 asdws;AnviSmartDefender Web Guard;C:\Windows\System32\drivers\asdws.sys [2013-4-15 17232]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-2-23 106144]
    R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-3-30 100712]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-12 13592]
    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-5-12 2429544]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-12 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-12 161560]
    R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\systemcore\mcshield.exe [2012-5-12 199304]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe [2012-5-12 210616]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-5-12 162224]
    R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-2-21 473960]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
    R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-14 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-14 1369624]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-14 168384]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2012-5-12 105024]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-12 363800]
    R2 VmbService;Vodafone Mobile Broadband Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-5-23 9216]
    R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2012-5-12 978056]
    R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-2-23 158880]
    R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2012-5-12 19968]
    R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-2-23 36000]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-2-23 339616]
    R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-2-23 110752]
    R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-2-23 30368]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-2-23 167584]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-2-23 68256]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-2-23 280992]
    R3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\drivers\btath_vdp.sys [2012-2-23 421664]
    R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-2-23 550560]
    R3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-10-12 13952]
    R3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2012-10-12 98816]
    R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-10-12 86016]
    R3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2012-10-12 28672]
    R3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2012-10-12 213504]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-14 331264]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-28 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-28 787736]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-8-15 229528]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-8-15 487296]
    R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-5-12 339048]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-27 675432]
    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2012-1-16 14336]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-1-20 54432]
    R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 CrossLoopService;CrossLoop Service;C:\Users\Eoin\AppData\Local\CrossLoop\CrossLoopService.exe [2013-4-20 569072]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2012-2-23 51872]
    S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-8-15 65264]
    S3 DCDhcpService;DCDhcpService;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-5-12 112256]
    S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
    S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-10-12 117248]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\drivers\leath_hid.sys [2012-2-23 36128]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-8-15 100912]
    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-3-26 22528]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-25 19456]
    S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-3-14 21264]
    S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-1-6 138392]
    S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-1-6 74904]
    S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-25 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-25 30208]
    S3 tvnserver;TightVNC Server;C:\Users\Eoin\AppData\Local\CrossLoop\tvnserver.exe [2013-4-20 814080]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-5-12 535688]
    S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
    S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
    S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]
    S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-8-26 101600]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-15 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-04-30 20:45:51 98816 ----a-w- C:\Windows\sed.exe
    2013-04-30 20:45:51 256000 ----a-w- C:\Windows\PEV.exe
    2013-04-30 20:45:51 208896 ----a-w- C:\Windows\MBR.exe
    2013-04-30 20:45:43 -------- d-----w- C:\ComboFix
    2013-04-25 21:02:09 -------- d-----w- C:\Users\Eoin\AppData\Local\{ED53CFDC-939E-490D-B5FE-0109566D5955}
    2013-04-24 10:24:50 -------- d-----w- C:\Users\Eoin\AppData\Local\{3C2EF2D8-C77C-4509-9D85-83B244C5D50E}
    2013-04-23 13:18:06 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-04-23 10:10:12 -------- d-----w- C:\Users\Eoin\AppData\Local\{057902C9-86B9-4A67-A371-792D4676ED0A}
    2013-04-22 10:45:28 -------- d-----w- C:\Users\Eoin\AppData\Roaming\NCdownloader
    2013-04-22 09:58:11 -------- d-----w- C:\Users\Eoin\AppData\Local\{B9B0DAAC-1BD0-4027-AD7E-F953F5C3472E}
    2013-04-21 21:45:25 -------- d-----w- C:\Users\Eoin\AppData\Local\{EC477530-4A7A-4DEC-8BF8-29C6214C03B2}
    2013-04-20 21:07:12 -------- d-----w- C:\Users\Eoin\AppData\Local\CrossLoop
    2013-04-20 20:29:58 -------- d-----w- C:\Program Files\CCleaner
    2013-04-20 19:35:42 -------- d-----w- C:\Users\Eoin\AppData\Local\{9714F002-CD9D-426F-AE32-8ADF0C2429E9}
    2013-04-18 15:10:38 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{804BF8CC-918A-4124-A831-56239B848A4C}\offreg.dll
    2013-04-18 15:06:08 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{804BF8CC-918A-4124-A831-56239B848A4C}\mpengine.dll
    2013-04-15 18:48:21 -------- d-----w- C:\Users\Eoin\AppData\Roaming\Anvisoft
    2013-04-15 18:48:08 23376 ----a-w- C:\Windows\System32\drivers\asdrs.sys
    2013-04-15 18:48:08 18768 ----a-w- C:\Windows\System32\drivers\asdrm.sys
    2013-04-15 18:48:08 17232 ----a-w- C:\Windows\System32\drivers\asdws.sys
    2013-04-15 18:47:48 -------- d-----w- C:\ProgramData\Anvisoft
    2013-04-15 18:47:44 -------- d-----w- C:\Program Files (x86)\Anvisoft
    2013-04-15 12:09:53 -------- d-----w- C:\Windows\SysWow64\AMD64
    2013-04-15 12:09:53 -------- d-----w- C:\Program Files (x86)\Solibo Ltd
    2013-04-15 12:09:22 -------- d-----w- C:\ProgramData\InstallMate
    2013-04-15 10:15:25 -------- d-----w- C:\Users\Eoin\AppData\Local\{ED471A26-CA0C-48A0-8EB4-A93CC3163F57}
    2013-04-15 09:02:38 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-04-15 09:01:10 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-04-15 09:01:10 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-04-15 09:01:10 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-04-15 09:01:10 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-04-15 09:01:10 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-04-15 09:01:10 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-04-15 09:01:07 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2013-04-15 09:01:07 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2013-04-15 09:00:06 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2013-04-15 09:00:06 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-04-15 09:00:02 2002432 ----a-w- C:\Windows\System32\msxml6.dll
    2013-04-15 09:00:01 1882624 ----a-w- C:\Windows\System32\msxml3.dll
    2013-04-15 09:00:01 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2013-04-15 09:00:01 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2013-04-15 08:58:54 800768 ----a-w- C:\Windows\System32\usp10.dll
    2013-04-15 08:58:54 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
    2013-04-15 08:57:52 68608 ----a-w- C:\Windows\System32\taskhost.exe
    2013-04-15 08:57:51 750592 ----a-w- C:\Windows\System32\win32spl.dll
    2013-04-15 08:57:50 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2013-04-15 08:57:00 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-04-15 08:56:59 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-04-15 08:56:58 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-04-15 08:56:58 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-04-15 08:56:57 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-04-15 08:56:56 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-04-15 08:56:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-04-15 08:56:00 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
    2013-04-14 13:01:23 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-04-14 13:01:11 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2013-04-14 13:01:06 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-04-14 13:00:21 -------- d-----w- C:\Users\Eoin\AppData\Local\Programs
    2013-04-08 20:48:41 -------- d-----w- C:\Users\Eoin\AppData\Local\{9D7FCF6B-2783-43C4-ABC2-4D9561264A86}
    2013-04-01 15:46:03 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    .
    ==================== Find3M ====================
    .
    2013-04-28 21:39:51 60 ----a-w- C:\Windows\wpd99.drv
    2013-04-23 16:48:48 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-04-23 16:48:48 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-04-01 15:45:37 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-03-30 01:03:41 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
    2013-03-30 01:03:41 100712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
    2013-03-12 00:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe
    2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    .
    ============= FINISH: 22:32:49.06 ===============

  6. #6
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    It seems the complete ComboFix log wasn't copy-pasted. Please post it.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.
