Everything posted by aseke

  1. Hi, For around one month now a virus has been hijacking my browser. The name of the site it opens changes all the time "famoussearchsystem.com" "coolsearchsystem.com" etc. I use TrendMicro and TrendMicro always blocks the new site from opening but still a new tab is opened all the time. At first I scanned my computer by TrendMicro but it did not find anything, then I scanned it with SpyBot and it did not find anything either. Since it does not seem to be harming me right now I did not take any more action then. Today I decided to try again and installed MWB and it found one registry value something like “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell”. I deleted it but it did not solve the problem. The logs from DDS are attached. I will appreciate any help. Thanks, Aseke

     DDS.txt Attach.txt