Johnycan

Everything posted by Johnycan

  1. Results of screen317's Security Check version 0.99.68
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     avast! Antivirus
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     JavaFX 2.1.0
     Java 6 Update 31
     Java 7 Update 21
     Java version out of Date!
     Adobe Flash Player 11.7.700.224
     Adobe Reader XI
     Mozilla Firefox 15.0.1 Firefox out of Date!
     Google Chrome 14.0.835.202
     Google Chrome 15.0.874.106
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     AVAST Software Avast AvastSvc.exe
     AVAST Software Avast AvastUI.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
     ````````````````````End of Log``````````````````````
  2. # AdwCleaner v2.303 - Logfile created 06/29/2013 at 14:45:32
     # Updated 08/06/2013 by Xplode
     # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
     # User : Jon - JON-PC
     # Boot Mode : Normal
     # Running from : C:\Users\Jon\Downloads\adwcleaner.exe
     # Option [Delete]
     ***** [Services] *****
     ***** [Files / Folders] *****
     Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
     Folder Deleted : C:\ProgramData\Partner
     Folder Deleted : C:\ProgramData\Trymedia
     Folder Deleted : C:\Users\Jon\AppData\Roaming\dvdvideosoftiehelpers
     ***** [Registry] *****
     Key Deleted : HKCU\Software\Softonic
     Key Deleted : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
     ***** [Internet Browsers] *****
     -\\ Internet Explorer v9.0.8112.16447
     [OK] Registry is clean.
     -\\ Mozilla Firefox v15.0.1 (en-US)
     File : C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\fjnta102.default\prefs.js
     [OK] File is clean.
     -\\ Google Chrome v27.0.1453.116
     File : C:\Users\Jon\AppData\Local\Google\Chrome\User Data\Default\Preferences
     [OK] File is clean.
     *************************
     AdwCleaner[S1].txt - [1137 octets] - [29/06/2013 14:45:32]
     ########## EOF - C:\AdwCleaner[S1].txt - [1197 octets] ##########
  3. Threats found.
     C:\Program Files (x86)\Race2Play\Setup Developer\Setup Developer.exe  Win32/BadJoke.Delf.NAC application
     C:\Users\Jon\Downloads\SoftonicDownloader_for_google-sketchup.exe  a variant of Win32/SoftonicDownloader.E application
  4. ComboFix 13-06-26.01 - Jon 26.06.2013 21:23:01.2.8 - x64
     Microsoft Windows 7 Home Premium 6.1.7601.1.1250.386.1033.18.4007.2407 [GMT 2:00]
     Running from: c:\users\Jon\Desktop\ComboFix.exe
     Command switches used :: c:\users\Jon\Desktop\CFScript.txt
     AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
     FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
     SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     FILE ::
     "c:\windows\SysWOW64\Drivers\X6va009"
     "c:\windows\SysWOW64\Drivers\X6va011"
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     c:\users\Jon\AppData\Local\Temp\ed8f7b8d-69a9-41c6-be9d-809d9b8ac301\CliSecureRT64.dll
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     -------\Legacy_X6VA009
     -------\Legacy_X6VA011
     -------\Service_X6va009
     -------\Service_X6va011
     .
     .
     ((((((((((((((((((((((((( Files Created from 2013-05-26 to 2013-06-26 )))))))))))))))))))))))))))))))
     .
     .
     2013-06-26 19:30 . 2013-06-26 19:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
     2013-06-25 19:17 . 2013-06-25 19:44 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
     2013-06-24 18:40 . 2013-06-24 18:40 -------- d-----w- c:\users\Jon\AppData\Roaming\Malwarebytes
     2013-06-24 18:39 . 2013-06-24 18:39 -------- d-----w- c:\programdata\Malwarebytes
     2013-06-24 18:39 . 2013-06-24 18:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
     2013-06-24 18:39 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
     2013-06-24 14:01 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7F85888B-6BED-4EE7-A973-FAA458717C83}\mpengine.dll
     2013-06-24 11:58 . 2013-06-24 11:58 -------- d-----w- c:\users\Jon\AppData\Local\SteelSeries_ApS
     2013-06-24 11:58 . 2013-06-24 11:58 -------- d-----w- c:\users\Jon\AppData\Roaming\SteelSeries
     2013-06-24 11:57 . 2013-06-24 11:57 -------- d-----w- c:\programdata\SteelSeries
     2013-06-24 11:55 . 2013-06-24 11:55 -------- d-----w- c:\program files\SteelSeries
     2013-06-21 15:23 . 2013-06-21 15:23 -------- d-----w- c:\users\Default\AppData\Local\Google
     2013-05-31 14:19 . 2013-05-31 14:19 38016 ----a-w- c:\windows\system32\drivers\SAlpham64.sys
     .
     .
     .
     (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2013-06-26 17:47 . 2012-04-12 18:43 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
     2013-06-26 17:47 . 2012-04-12 18:43 1030440 ----a-w- c:\windows\system32\drivers\aswSnx.sys
     2013-06-25 18:56 . 2011-09-24 18:01 45056 ----a-w- c:\windows\system32\acovcnt.exe
     2013-06-12 15:37 . 2012-07-03 12:21 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
     2013-06-12 15:37 . 2011-09-25 17:15 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
     2013-05-20 08:02 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
     2013-05-09 08:59 . 2013-04-26 14:28 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
     2013-05-09 08:59 . 2013-04-26 14:28 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
     2013-05-09 08:59 . 2012-04-12 18:43 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
     2013-05-09 08:59 . 2012-04-12 18:43 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
     2013-05-09 08:59 . 2012-04-12 18:43 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
     2013-05-09 08:59 . 2012-04-12 18:43 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
     2013-05-09 08:58 . 2012-04-12 18:43 41664 ----a-w- c:\windows\avastSS.scr
     2013-05-09 08:58 . 2012-03-27 23:10 287840 ----a-w- c:\windows\system32\aswBoot.exe
     2013-05-02 00:06 . 2012-03-27 21:17 278800 ------w- c:\windows\system32\MpSigStub.exe
     2013-04-26 13:00 . 2013-04-26 13:00 134656 ----a-w- c:\windows\system32\drivers\SteelBus64.sys
     2013-04-22 11:11 . 2013-04-22 11:11 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
     2013-04-22 11:11 . 2012-05-22 20:37 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
     2013-04-22 11:11 . 2011-09-24 10:36 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
     2013-04-06 18:28 . 2013-04-06 18:28 94208 ----a-w- c:\windows\pyw.exe
     2013-04-06 18:25 . 2013-04-06 18:25 2653184 ----a-w- c:\windows\SysWow64\python33.dll
     2013-04-06 18:24 . 2013-04-06 18:24 93696 ----a-w- c:\windows\py.exe
     2011-11-01 21:28 . 2011-11-01 21:28 2371167168 ----a-w- c:\program files\Vindictus_EU.exe
     .
     .
     ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     *Note* empty entries & legit default entries are not shown
     REGEDIT4
     .
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-10-23 3093624]
     "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
     "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
     "Akamai NetSession Interface"="c:\users\Jon\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
     "SteelSeries Engine"="c:\program files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe" [2013-06-12 241152]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
     "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
     "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
     "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
     "SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
     "FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008]
     "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
     "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
     "NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
     "Boomslang"="c:\program files (x86)\Razer\Boomslang\razerhid.exe" [2007-11-22 147456]
     "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
     "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
     .
     c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
     Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 1080608]
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
     "ConsentPromptBehaviorAdmin"= 5 (0x5)
     "ConsentPromptBehaviorUser"= 3 (0x3)
     "EnableUIADesktopToggle"= 0 (0x0)
     .
     [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
     "LoadAppInit_DLLs"=1 (0x1)
     "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
     .
     R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
     R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
     R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
     R3 boomslangFltr;Razer Boomslang;c:\windows\system32\drivers\boomslang.sys;c:\windows\SYSNATIVE\drivers\boomslang.sys [x]
     R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
     R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
     R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
     R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
     R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
     R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
     R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
     R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
     R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
     R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
     R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
     R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
     R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [x]
     R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
     S0 aswRvrt;aswRvrt; [x]
     S0 aswVmm;aswVmm; [x]
     S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
     S1 aswKbd;aswKbd; [x]
     S1 aswSnx;aswSnx; [x]
     S1 aswSP;aswSP; [x]
     S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
     S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
     S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
     S2 aswFsBlk;aswFsBlk; [x]
     S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
     S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
     S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
     S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
     S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
     S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
     S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
     S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
     S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
     S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
     S3 busenum;SteelBusSvc;c:\windows\system32\DRIVERS\SteelBus64.sys;c:\windows\SYSNATIVE\DRIVERS\SteelBus64.sys [x]
     S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
     S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
     S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
     S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
     S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
     S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
     S3 SAlphamHid;SteelHIDSvc;c:\windows\system32\DRIVERS\SAlpham64.sys;c:\windows\SYSNATIVE\DRIVERS\SAlpham64.sys [x]
     S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
     S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
     S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
     S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
     S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
     S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
     .
     .
     Contents of the 'Scheduled Tasks' folder
     .
     2013-06-26 c:\windows\Tasks\Adobe Flash Player Updater.job
     - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-03 15:37]
     .
     2013-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
     - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 08:58]
     .
     2013-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
     - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 08:58]
     .
     2013-06-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2805722272-3616351480-1880852690-1001Core.job
     - c:\users\Jon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-09 18:29]
     .
     2013-06-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2805722272-3616351480-1880852690-1001UA.job
     - c:\users\Jon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-09 18:29]
     .
     .
     --------- X64 Entries -----------
     .
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
     @="{472083B0-C522-11CF-8763-00608CC02F24}"
     [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
     2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
     @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
     [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
     2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
     @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
     @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
     [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
     2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
     @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
     [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
     2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
     @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
     [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
     2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
     @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
     [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
     2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
     "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
     "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
     "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-14 170264]
     "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-14 398616]
     "Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-14 440600]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
     "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
     .
     ------- Supplementary Scan -------
     .
     uLocal Page = c:\windows\system32\blank.htm
     mLocal Page = c:\windows\SysWOW64\blank.htm
     uInternet Settings,ProxyOverride = *.local;<local>
     IE: Free YouTube Download - c:\users\Jon\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
     IE: Free YouTube to MP3 Converter - c:\users\Jon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
     TCP: DhcpNameServer = 192.168.0.1
     TCP: Interfaces\{D9C0BC95-4D42-40BA-AAB8-F89A2C478D90}: DhcpNameServer = 84.255.209.79 84.255.210.79
     FF - ProfilePath - c:\users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\fjnta102.default\
     FF - prefs.js: browser.search.selectedEngine - Google
     .
     - - - - ORPHANS REMOVED - - - -
     .
     Toolbar-Locked - (no file)
     AddRemove-Dežne gume - c:\users\Jon\Desktop\rFactor\Uninstal.exe
     .
     .
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
     "ImagePath"="c:\windows\system32\GameMon.des -service"
     .
     --------------------- LOCKED REGISTRY KEYS ---------------------
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
     @Denied: (A 2) (Everyone)
     @="FlashBroker"
     "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
     "Enabled"=dword:00000001
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
     @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
     @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
     @Denied: (A 2) (Everyone)
     @="IFlashBroker5"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
     @="{00020424-0000-0000-C000-000000000046}"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
     @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
     "Version"="1.0"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
     @Denied: (A 2) (Everyone)
     @="FlashBroker"
     "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
     "Enabled"=dword:00000001
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
     @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
     @Denied: (A 2) (Everyone)
     @="Shockwave Flash Object"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
     "ThreadingModel"="Apartment"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
     @="0"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
     @="ShockwaveFlash.ShockwaveFlash.11"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
     @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
     @="1.0"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
     @="ShockwaveFlash.ShockwaveFlash"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
     @Denied: (A 2) (Everyone)
     @="Macromedia Flash Factory Object"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
     "ThreadingModel"="Apartment"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
     @="FlashFactory.FlashFactory.1"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
     @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
     @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
     @="1.0"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
     @="FlashFactory.FlashFactory"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
     @Denied: (A 2) (Everyone)
     @="IFlashBroker5"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
     @="{00020424-0000-0000-C000-000000000046}"
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
     @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
     "Version"="1.0"
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
     @Denied: (A) (Users)
     @Denied: (A) (Everyone)
     @Allowed: (B 1 2 3 4 5) (S-1-5-20)
     "BlindDial"=dword:00000000
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
     @Denied: (A) (Users)
     @Denied: (A) (Everyone)
     @Allowed: (B 1 2 3 4 5) (S-1-5-20)
     "BlindDial"=dword:00000000
     .
     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
     @Denied: (Full) (Everyone)
     .
     ------------------------ Other Running Processes ------------------------
     .
     c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
     c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
     c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
     c:\program files\AVAST Software\Avast\AvastSvc.exe
     c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
     c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
     c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
     c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
     c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
     c:\windows\SysWOW64\IoctlSvc.exe
     c:\windows\SysWOW64\PnkBstrA.exe
     c:\windows\SysWOW64\PnkBstrB.exe
     c:\windows\AsScrPro.exe
     .
     **************************************************************************
     .
     Completion time: 2013-06-26 21:38:13 - machine was rebooted
     ComboFix-quarantined-files.txt 2013-06-26 19:38
     ComboFix2.txt 2013-06-26 17:37
     .
     Pre-Run: 23.142.764.544 bytes free
     Post-Run: 22.875.844.608 bytes free
     .
     - - End Of File - - 083D5CEA1273A3FD32B8CAD155F5FD98 D41D8CD98F00B204E9800998ECF8427E
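The ComboFix output in the post above prints its Run-key autoruns, the AppInit_DLLs setting and the service list in a fixed text layout, which makes it easy to triage mechanically rather than by eye. The Python below is an added example, not part of the original post and not code from ComboFix or the forum: it parses those three sections and applies a few triage heuristics a responder would typically start with. The sample lines are constructed in the shape of the log above (a handful of entries only), and the heuristics, the `Report`/`Service` names and the finding labels are the example's own.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: a few lines in the layout ComboFix uses for the
# "Reg Loading Points" section and the service list (same shape as the log
# posted above, cut down to a handful of entries).
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
"Akamai NetSession Interface"="c:\users\Jon\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S0 aswRvrt;aswRvrt; [x]
"""


@dataclass
class Service:
    start: str    # ComboFix start code: R = running, S = stopped, digit = start type
    name: str
    display: str
    image: str    # first image path printed; empty when ComboFix prints none


@dataclass
class Report:
    autoruns: list = field(default_factory=list)   # (registry key, value name, image path)
    appinit: dict = field(default_factory=dict)    # registry key -> {value name: value}
    services: list = field(default_factory=list)


KEY_RE = re.compile(r"^\[(HK[^\]]+)\]$")
VALUE_RE = re.compile(r'^"([^"]+)"=(.*)$')
# "<code> <name>;<display>[;<image>[;<image>]] [x]" -- some drivers print no path at all.
SERVICE_RE = re.compile(r"^([RS]\d) ([^;]+);([^;]*?)(?:;([^;]*?)(?:;([^;]*?))?)?(?: \[x\])?$")
USER_PROFILE_RE = re.compile(r"^c:\\users\\", re.IGNORECASE)


def _clean_value(raw: str) -> str:
    """Drop ComboFix's trailing "[date size]" / "[BU]" / "(0x1)" annotation and quotes."""
    raw = re.sub(r"\s*[\[(][^\])]*[\])]\s*$", "", raw.strip())
    return raw.strip('"')


def parse_combofix(text: str) -> Report:
    """Collect Run-key autoruns, AppInit_DLLs settings and service lines from a ComboFix log."""
    report = Report()
    current_key = None
    for line in text.splitlines():
        line = line.strip()
        if not line or line == ".":          # ComboFix separates blocks with lone dots
            continue
        m = KEY_RE.match(line)
        if m:
            current_key = m.group(1)
            continue
        m = SERVICE_RE.match(line)
        if m:
            report.services.append(Service(m.group(1), m.group(2), m.group(3), m.group(4) or ""))
            continue
        m = VALUE_RE.match(line)
        if m and current_key:
            name, value = m.group(1), _clean_value(m.group(2))
            key = current_key.lower()
            if key.endswith(r"\currentversion\run"):
                report.autoruns.append((current_key, name, value))
            elif key.endswith(r"\currentversion\windows"):
                report.appinit.setdefault(current_key, {})[name] = value
    return report


def triage(report: Report) -> list:
    """Heuristics (the example's own, not ComboFix's) for what to look at first."""
    findings = []
    # AppInit_DLLs with LoadAppInit_DLLs=1 injects the listed DLL into every process
    # that loads user32.dll, so it deserves a look even when it is a vendor DLL.
    for key, values in report.appinit.items():
        dlls = values.get("AppInit_DLLs", "")
        if dlls and values.get("LoadAppInit_DLLs", "0") not in ("", "0"):
            findings.append(f"appinit-dll-injection: {dlls} via {key}")
    # Autoruns living in a user profile are writable without admin rights.
    for _key, name, path in report.autoruns:
        if USER_PROFILE_RE.match(path):
            findings.append(f"autorun-in-user-profile: {name} -> {path}")
    # Kernel drivers loaded from outside c:\windows are unusual enough to list.
    for svc in report.services:
        image = svc.image.lower()
        if image.endswith(".sys") and not image.startswith("c:\\windows\\"):
            findings.append(f"driver-outside-windows-dir: {svc.name} -> {svc.image}")
    return findings


if __name__ == "__main__":
    for finding in triage(parse_combofix(SAMPLE_LOG)):
        print(finding)
```

Run against the full log the same way (`parse_combofix(open("ComboFix.txt").read())`) and the three lists come back in the order they appear; nothing here decides what is malicious, it only orders what a human should read first.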
  5. OK, I have a problem; I am writing from another computer. I disabled avast again and scanned with ComboFix. After the scan my computer restarted and the log showed up, but when I try to open Chrome or other programs it says "Illegal operation attempted on a registry key that has been marked for deletion".
  6. OK, I dragged the file onto the ComboFix icon, and it tells me to close AV programs, which I did, but it still warns me that they are active. Should I proceed?
  7. Sorry for the delay, but I had a busy day :/ Here's the ComboFix log:
     ComboFix 13-06-26.01 - Jon 26.06.2013 19:12:19.1.8 - x64
     Microsoft Windows 7 Home Premium 6.1.7601.1.1250.386.1033.18.4007.2469 [GMT 2:00]
     Running from: c:\users\Jon\Desktop\ComboFix.exe
     AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
     FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
     SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
     SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     * Created a new restore point
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     c:\programdata\FullRemove.exe
     c:\users\Jon\AppData\Local\assembly\tmp
     c:\users\Jon\AppData\Local\Temp\ed8f7b8d-69a9-41c6-be9d-809d9b8ac301\CliSecureRT64.dll
     c:\users\Public\sdelevURL.tmp
     c:\windows\msvcr71.dll
     c:\windows\SysWow64\tmp48A3.tmp
     c:\windows\SysWow64\tmp48B4.tmp
     c:\windows\SysWow64\tmpE593.tmp
     c:\windows\SysWow64\tmpE5A3.tmp
     D:\install.exe
     .
     .
     ((((((((((((((((((((((((( Files Created from 2013-05-26 to 2013-06-26 )))))))))))))))))))))))))))))))
     .
     .
     2013-06-26 17:24 . 2013-06-26 17:24 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
     2013-06-26 17:24 . 2013-06-26 17:24 -------- d-----w- c:\users\Default\AppData\Local\temp
     2013-06-25 19:17 . 2013-06-25 19:44 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
     2013-06-25 19:00 . 2013-06-25 19:00 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7F85888B-6BED-4EE7-A973-FAA458717C83}\offreg.dll
     2013-06-24 18:40 . 2013-06-24 18:40 -------- d-----w- c:\users\Jon\AppData\Roaming\Malwarebytes
     2013-06-24 18:39 . 2013-06-24 18:39 -------- d-----w- c:\programdata\Malwarebytes
     2013-06-24 18:39 . 2013-06-24 18:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
     2013-06-24 18:39 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
     2013-06-24 14:01 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7F85888B-6BED-4EE7-A973-FAA458717C83}\mpengine.dll
     2013-06-24 11:58 . 2013-06-24 11:58 -------- d-----w- c:\users\Jon\AppData\Local\SteelSeries_ApS
     2013-06-24 11:58 . 2013-06-24 11:58 -------- d-----w- c:\users\Jon\AppData\Roaming\SteelSeries
     2013-06-24 11:57 . 2013-06-24 11:57 -------- d-----w- c:\programdata\SteelSeries
     2013-06-24 11:55 . 2013-06-24 11:55 -------- d-----w- c:\program files\SteelSeries
     2013-06-21 15:23 . 2013-06-21 15:23 -------- d-----w- c:\users\Default\AppData\Local\Google
     2013-05-31 14:19 . 2013-05-31 14:19 38016 ----a-w- c:\windows\system32\drivers\SAlpham64.sys
     .
     .
     .
     (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2013-06-25 18:56 . 2011-09-24 18:01 45056 ----a-w- c:\windows\system32\acovcnt.exe
     2013-06-12 15:37 . 2012-07-03 12:21 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
     2013-06-12 15:37 . 2011-09-25 17:15 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
     2013-05-20 08:02 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
     2013-05-09 08:59 . 2013-04-26 14:28 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
     2013-05-09 08:59 . 2013-04-26 14:28 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
     2013-05-09 08:59 . 2012-04-12 18:43 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys
     2013-05-09 08:59 . 2012-04-12 18:43 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
     2013-05-09 08:59 . 2012-04-12 18:43 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
     2013-05-09 08:59 . 2012-04-12 18:43 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
     2013-05-09 08:59 . 2012-04-12 18:43 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
     2013-05-09 08:59 . 2012-04-12 18:43 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
     2013-05-09 08:58 . 2012-04-12 18:43 41664 ----a-w- c:\windows\avastSS.scr
     2013-05-09 08:58 . 2012-03-27 23:10 287840 ----a-w- c:\windows\system32\aswBoot.exe
     2013-05-02 00:06 . 2012-03-27 21:17 278800 ------w- c:\windows\system32\MpSigStub.exe
     2013-04-26 13:00 . 2013-04-26 13:00 134656 ----a-w- c:\windows\system32\drivers\SteelBus64.sys
     2013-04-22 11:11 . 2013-04-22 11:11 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
     2013-04-22 11:11 . 2012-05-22 20:37 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
     2013-04-22 11:11 . 2011-09-24 10:36 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
     2013-04-06 18:28 . 2013-04-06 18:28 94208 ----a-w- c:\windows\pyw.exe
     2013-04-06 18:25 . 2013-04-06 18:25 2653184 ----a-w- c:\windows\SysWow64\python33.dll
     2013-04-06 18:24 . 2013-04-06 18:24 93696 ----a-w- c:\windows\py.exe
     2011-11-01 21:28 . 2011-11-01 21:28 2371167168 ----a-w- c:\program files\Vindictus_EU.exe
     .
     .
     ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     *Note* empty entries & legit default entries are not shown
     REGEDIT4
     .
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "GoogleChromeAutoLaunch_1476D5075BFDEEA31B57A901BC660F86"="c:\users\Jon\AppData\Local\Google\Chrome\Application\chrome.exe" [2013-06-15 825808]
     "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-10-23 3093624]
     "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
     "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
     "Akamai NetSession Interface"="c:\users\Jon\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
     "SteelSeries Engine"="c:\program files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe" [2013-06-12 241152]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
     "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
     "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
     "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
     "SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
     "FLxHCIm"="c:\program files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe" [2011-04-08 43008]
     "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
     "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
     "NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
     "Boomslang"="c:\program files (x86)\Razer\Boomslang\razerhid.exe" [2007-11-22 147456]
     "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
     "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
     .
     c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
     Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 1080608]
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
     "ConsentPromptBehaviorAdmin"= 5 (0x5)
     "ConsentPromptBehaviorUser"= 3 (0x3)
     "EnableUIADesktopToggle"= 0 (0x0)
     .
     [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
     "LoadAppInit_DLLs"=1 (0x1)
     "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
     .
     R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
     R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
     R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
     R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program
files (x86)\Skype\Updater\Updater.exe [x]R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]R3 boomslangFltr;Razer Boomslang;c:\windows\system32\drivers\boomslang.sys;c:\windows\SYSNATIVE\drivers\boomslang.sys [x]R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game 
Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [x]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]S0 aswRvrt;aswRvrt; [x]S0 aswVmm;aswVmm; [x]S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]S1 aswKbd;aswKbd; [x]S1 aswSnx;aswSnx; [x]S1 aswSP;aswSP; [x]S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]S2 aswFsBlk;aswFsBlk; [x]S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application 
Virtualization Client\sftlist.exe [x]S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]S3 busenum;SteelBusSvc;c:\windows\system32\DRIVERS\SteelBus64.sys;c:\windows\SYSNATIVE\DRIVERS\SteelBus64.sys [x]S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]S3 SAlphamHid;SteelHIDSvc;c:\windows\system32\DRIVERS\SAlpham64.sys;c:\windows\SYSNATIVE\DRIVERS\SAlpham64.sys [x]S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 
[x]S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]..Contents of the 'Scheduled Tasks' folder.2013-06-26 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-03 15:37].2013-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 08:58].2013-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 08:58].2013-06-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2805722272-3616351480-1880852690-1001Core.job- c:\users\Jon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-09 18:29].2013-06-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2805722272-3616351480-1880852690-1001UA.job- c:\users\Jon\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-09 18:29]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}".[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]2013-06-06 21:57 778192 ----a-w- 
c:\program files (x86)\Google\Drive\googledrivesync64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}".[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-14 170264]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-14 398616]"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-14 440600].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Windows]"AppInit_DLLs"=c:\windows\System32\nvinitx.dll.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.local;<local>IE: Free YouTube Download - c:\users\Jon\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htmIE: Free YouTube to MP3 Converter - c:\users\Jon\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htmTCP: DhcpNameServer = 192.168.0.1TCP: Interfaces\{D9C0BC95-4D42-40BA-AAB8-F89A2C478D90}: DhcpNameServer = 84.255.209.79 84.255.210.79FF - ProfilePath - c:\users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\fjnta102.default\FF - prefs.js: browser.search.selectedEngine - Google.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)Toolbar-Locked - (no file)HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exeAddRemove-Dežne gume - c:\users\Jon\Desktop\rFactor\Uninstal.exeAddRemove-kers in drs - c:\users\Jon\Desktop\rFactor\Uninstal.exe...[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]"ImagePath"="c:\windows\system32\GameMon.des -service".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) 
(Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash 
Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 
1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-06-26 19:37:12ComboFix-quarantined-files.txt 2013-06-26 17:37.Pre-Run: 23.349.886.976 bytes freePost-Run: 23.187.738.624 bytes free.- - End Of File - - 48362DFF8A8046F9ED4E50049379428BD41D8CD98F00B204E9800998ECF8427E
  8. Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.06.25.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jon :: JON-PC [administrator]

25.6.2013 21:17:33
mbar-log-2013-06-25 (21-17-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | MBR | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Drivers | Physical Sectors | PUP
Objects scanned: 294249
Time elapsed: 13 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
  9. Should I press "Yes" or "No"?

Probable rootkit activity detected
Registry value "AppInit_Dlls" has been found, which may be caused by rootkit activity.
Note: press "No" button if you're not sure. If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press "Yes" should this massage appear again.
Do you want to remove this value and restart the tool?
  10. Gmer scan

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-06-24 23:29:16
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950042 rev.0002 465,76GB
Running: 5sesddyj.exe; Driver: C:\Users\Jon\AppData\Local\Temp\pwldypow.sys

---- Devices - GMER 2.1 ----

Device \Driver\a9ushk7b \Device\Scsi\a9ushk7b1 fffffa80072c62c0
Device \Driver\a9ushk7b \Device\Scsi\a9ushk7b1Port1Path0Target0Lun0 fffffa80072c62c0
Device \FileSystem\Ntfs \Ntfs fffffa8004d332c0
Device \FileSystem\fastfat \Fat fffffa800b78e2c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{EDC38F53-6DC1-4D64-8CD3-30D095954C8E} fffffa8006fb22c0
Device \Driver\usbehci \Device\USBPDO-1 fffffa80072502c0
Device \Driver\cdrom \Device\CdRom0 fffffa80053152c0
Device \Driver\cdrom \Device\CdRom1 fffffa80053152c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{4E2E99F8-AB68-48E4-AFAF-D16E7ABEFC2F} fffffa8006fb22c0
Device \Driver\usbehci \Device\USBFDO-0 fffffa80072502c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{4E942B33-0B70-457B-BACC-8D042BF39D0E} fffffa8006fb22c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{D9C0BC95-4D42-40BA-AAB8-F89A2C478D90} fffffa8006fb22c0
Device \Driver\usbehci \Device\USBFDO-1 fffffa80072502c0
Device \Driver\NetBT \Device\NetBT_Tcpip_{AA080E4A-BF22-40EB-8AA5-C52E79EB5182} fffffa8006fb22c0
Device \Driver\volmgr \Device\HarddiskVolume1 fffffa80040f22c0
Device \Driver\volmgr \Device\FtControl fffffa80040f22c0
Device \Driver\volmgr \Device\VolMgrControl fffffa80040f22c0
Device \Driver\volmgr \Device\HarddiskVolume2 fffffa80040f22c0
Device \Driver\volmgr \Device\HarddiskVolume3 fffffa80040f22c0
Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa8006fb22c0
Device \Driver\usbehci \Device\USBPDO-0 fffffa80072502c0
Device \Driver\a9ushk7b \Device\ScsiPort1 fffffa80072c62c0

---- Modules - GMER 2.1 ----

Module \SystemRoot\System32\Drivers\a9ushk7b.SYS fffff88011172000-fffff880111b7000 (282624 bytes)

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\svchost.exe [604:3540] 000007fef46c506c
Thread C:\Windows\system32\svchost.exe [604:3536] 000007fef4821c20
Thread C:\Windows\system32\svchost.exe [604:3532] 000007fef4821c20
Thread C:\Windows\system32\svchost.exe [604:6416] 000007fef9de5124
Thread C:\Windows\system32\svchost.exe [604:6948] 000007fef6701ab0
Thread C:\Windows\system32\svchost.exe [604:8112] 000007fef6084164
Thread C:\Windows\system32\svchost.exe [1132:6940] 000007fef3d7b1b0
Thread C:\Windows\system32\svchost.exe [1132:7032] 000007fef3d56ed4
Thread C:\Windows\system32\svchost.exe [1132:7012] 000007fef3d56b8c
Thread C:\Windows\System32\spoolsv.exe [1896:5960] 000007fef32c10c8
Thread C:\Windows\System32\spoolsv.exe [1896:1532] 000007fef3286144
Thread C:\Windows\System32\spoolsv.exe [1896:3892] 000007fef3075fd0
Thread C:\Windows\System32\spoolsv.exe [1896:4536] 000007fef3063438
Thread C:\Windows\System32\spoolsv.exe [1896:2016] 000007fef30763ec
Thread C:\Windows\System32\spoolsv.exe [1896:6116] 000007fef3355e5c
Thread C:\Windows\system32\wbem\wmiprvse.exe [3552:4756] 000007fef4821c20
Thread C:\Windows\system32\wbem\wmiprvse.exe [3552:2644] 0000000180006e60
Thread C:\Windows\system32\svchost.exe [5868:6012] 000007fef9fb2f9c
Thread C:\Windows\System32\svchost.exe [6444:3468] 000007fef4409688
Thread C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [3788:4232] 000007feedebdb84
Thread C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [3788:4900] 000007feedd7b184
Thread C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [3788:1484] 000007feedd7b184

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Type 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@DisplayName aswFsBlk
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Group FSFilter Activity Monitor
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@DependOnService FltMgr?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Description avast! mini-filter driver (aswFsBlk)
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Tag 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances@DefaultInstance aswFsBlk Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance@Altitude 388400
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance@Flags 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk
Reg HKLM\SYSTEM\CurrentControlSet\services\aswKbd@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswKbd@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswKbd@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswKbd@DisplayName aswKbd
Reg HKLM\SYSTEM\CurrentControlSet\services\aswKbd@Group Keyboard Port
Reg HKLM\SYSTEM\CurrentControlSet\services\aswKbd@Description avast! keyboard filter driver (aswKbd)
Reg HKLM\SYSTEM\CurrentControlSet\services\aswKbd@Tag 8
Reg HKLM\SYSTEM\CurrentControlSet\services\aswKbd
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Type 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@ImagePath \??\C:\Windows\system32\drivers\aswMonFlt.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@DisplayName aswMonFlt
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Group FSFilter Anti-Virus
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@DependOnService FltMgr?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Description avast! mini-filter driver (aswMonFlt)
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances@DefaultInstance aswMonFlt Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance@Altitude 320700
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance@Flags 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@ImagePath \SystemRoot\System32\Drivers\aswrdr2.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@DisplayName aswRdr
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Group PNP_TDI
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@DependOnService tcpip?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Description avast! WFP Redirect driver
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr\Parameters@MSIgnoreLSPDefault
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr\Parameters@WSIgnoreLSPDefault nl_lsp.dll,imon.dll,xfire_lsp.dll,mslsp.dll,mssplsp.dll,cwhook.dll,spi.dll,bmnet.dll,winsflt.dll
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@DisplayName aswRvrt
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@Description avast! Revert
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@BootCounter 9
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@TickCounter 1302058
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@SystemRoot \Device\Harddisk0\Partition2\Windows
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@ImproperShutdown 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Type 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@DisplayName aswSnx
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Group FSFilter Virtualization
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@DependOnService FltMgr?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Description avast! virtualization driver (aswSnx)
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Tag 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances@DefaultInstance aswSnx Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances\aswSnx Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances\aswSnx Instance@Altitude 137600
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances\aswSnx Instance@Flags 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Parameters@ProgramFolder \DosDevices\C:\Program Files\AVAST Software\Avast
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Parameters@DataFolder \DosDevices\C:\ProgramData\AVAST Software\Avast
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@DisplayName aswSP
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@Description avast! Self Protection
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@BehavShield 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@ProgramFolder \DosDevices\C:\Program Files\AVAST Software\Avast
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@DataFolder \DosDevices\C:\ProgramData\AVAST Software\Avast
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@ProgramFilesFolder \DosDevices\C:\Program Files
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@GadgetFolder \DosDevices\C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@DisplayName avast! Network Shield Support
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Group PNP_TDI
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@DependOnService tcpip?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Description avast! Network Shield TDI driver
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Tag 10
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@DisplayName aswVmm
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@Description avast! VM Monitor
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Type 32
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ImagePath "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@DisplayName avast! Antivirus
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Group ShellSvcGroup
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@DependOnService aswMonFlt?RpcSS?
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@WOW64 1
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ServiceSidType 1
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Description avast! antivirus servisi, ki delujejo na tem ra?unalniku. Servisi vklju?ujejo stalno za??ito, virusni zabojnik in na?rtovanje opravil.
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06df0d5c2
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06df0d5c2@00240378120b 0x5B 0x95 0x1F 0xFD ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06df0d5c2@10f9ee49379e 0xE2 0x8E 0x1C 0x47 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06df0d5c2@f8db7f1759d5 0xCD 0x33 0x10 0xD9 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6D 0xEE 0x7F 0xBF ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3E 0x6A 0x0E 0xAB ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xA1 0xD6 0xA2 0xCC ...
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Type 2
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Start 2
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@DisplayName aswFsBlk
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Group FSFilter Activity Monitor
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@DependOnService FltMgr?
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Description avast! mini-filter driver (aswFsBlk)
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Tag 2
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances@DefaultInstance aswFsBlk Instance
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances\aswFsBlk Instance (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances\aswFsBlk Instance@Altitude 388400
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances\aswFsBlk Instance@Flags 0
Reg HKLM\SYSTEM\ControlSet002\services\aswKbd@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\aswKbd@Start 1
Reg HKLM\SYSTEM\ControlSet002\services\aswKbd@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswKbd@DisplayName aswKbd
Reg HKLM\SYSTEM\ControlSet002\services\aswKbd@Group Keyboard Port
Reg HKLM\SYSTEM\ControlSet002\services\aswKbd@Description avast! keyboard filter driver (aswKbd)
Reg HKLM\SYSTEM\ControlSet002\services\aswKbd@Tag 8
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Type 2
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Start 2
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@ImagePath \??\C:\Windows\system32\drivers\aswMonFlt.sys
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@DisplayName aswMonFlt
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Group FSFilter Anti-Virus
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@DependOnService FltMgr?
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Description avast!
mini-filter driver (aswMonFlt)Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances@DefaultInstance aswMonFlt InstanceReg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances\aswMonFlt Instance (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances\aswMonFlt Instance@Altitude 320700Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances\aswMonFlt Instance@Flags 0Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@ImagePath \SystemRoot\System32\Drivers\aswrdr2.sysReg HKLM\SYSTEM\ControlSet002\services\aswRdr@Type 1Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@Start 1Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@ErrorControl 1Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@DisplayName aswRdrReg HKLM\SYSTEM\ControlSet002\services\aswRdr@Group PNP_TDIReg HKLM\SYSTEM\ControlSet002\services\aswRdr@DependOnService tcpip?Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@Description avast! WFP Redirect driverReg HKLM\SYSTEM\ControlSet002\services\aswRdr\Parameters (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\aswRdr\Parameters@MSIgnoreLSPDefault Reg HKLM\SYSTEM\ControlSet002\services\aswRdr\Parameters@WSIgnoreLSPDefault nl_lsp.dll,imon.dll,xfire_lsp.dll,mslsp.dll,mssplsp.dll,cwhook.dll,spi.dll,bmnet.dll,winsflt.dllReg HKLM\SYSTEM\ControlSet002\services\aswRvrt@Type 1Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt@Start 0Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt@ErrorControl 1Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt@DisplayName aswRvrtReg HKLM\SYSTEM\ControlSet002\services\aswRvrt@Description avast! 
RevertReg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@BootCounter 9Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@TickCounter 1302058Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@SystemRoot \Device\Harddisk0\Partition2\WindowsReg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@ImproperShutdown 1Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@Type 2Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@Start 1Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@ErrorControl 1Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@DisplayName aswSnxReg HKLM\SYSTEM\ControlSet002\services\aswSnx@Group FSFilter VirtualizationReg HKLM\SYSTEM\ControlSet002\services\aswSnx@DependOnService FltMgr?Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@Description avast! virtualization driver (aswSnx)Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@Tag 2Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances@DefaultInstance aswSnx InstanceReg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances\aswSnx Instance (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances\aswSnx Instance@Altitude 137600Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances\aswSnx Instance@Flags 0Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Parameters (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Parameters@ProgramFolder \DosDevices\C:\Program Files\AVAST Software\AvastReg HKLM\SYSTEM\ControlSet002\services\aswSnx\Parameters@DataFolder \DosDevices\C:\ProgramData\AVAST Software\AvastReg HKLM\SYSTEM\ControlSet002\services\aswSP@Type 1Reg HKLM\SYSTEM\ControlSet002\services\aswSP@Start 1Reg HKLM\SYSTEM\ControlSet002\services\aswSP@ErrorControl 1Reg HKLM\SYSTEM\ControlSet002\services\aswSP@DisplayName aswSPReg HKLM\SYSTEM\ControlSet002\services\aswSP@Description avast! 
Self ProtectionReg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@BehavShield 1Reg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@ProgramFolder \DosDevices\C:\Program Files\AVAST Software\AvastReg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@DataFolder \DosDevices\C:\ProgramData\AVAST Software\AvastReg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@ProgramFilesFolder \DosDevices\C:\Program FilesReg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@GadgetFolder \DosDevices\C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadgetReg HKLM\SYSTEM\ControlSet002\services\aswTdi@Type 1Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@Start 1Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@ErrorControl 1Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@DisplayName avast! Network Shield SupportReg HKLM\SYSTEM\ControlSet002\services\aswTdi@Group PNP_TDIReg HKLM\SYSTEM\ControlSet002\services\aswTdi@DependOnService tcpip?Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@Description avast! Network Shield TDI driverReg HKLM\SYSTEM\ControlSet002\services\aswTdi@Tag 10Reg HKLM\SYSTEM\ControlSet002\services\aswVmm@Type 1Reg HKLM\SYSTEM\ControlSet002\services\aswVmm@Start 0Reg HKLM\SYSTEM\ControlSet002\services\aswVmm@ErrorControl 1Reg HKLM\SYSTEM\ControlSet002\services\aswVmm@DisplayName aswVmmReg HKLM\SYSTEM\ControlSet002\services\aswVmm@Description avast! VM MonitorReg HKLM\SYSTEM\ControlSet002\services\aswVmm\Parameters (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Type 32Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Start 2Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ErrorControl 1Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ImagePath "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@DisplayName avast! AntivirusReg HKLM\SYSTEM\ControlSet002\services\avast! 
Antivirus@Group ShellSvcGroupReg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@DependOnService aswMonFlt?RpcSS?Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@WOW64 1Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ObjectName LocalSystemReg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ServiceSidType 1Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Description avast! antivirus servisi, ki delujejo na tem ra?unalniku. Servisi vklju?ujejo stalno za??ito, virusni zabojnik in na?rtovanje opravil.Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06df0d5c2 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06df0d5c2@00240378120b 0x5B 0x95 0x1F 0xFD ...Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06df0d5c2@10f9ee49379e 0xE2 0x8E 0x1C 0x47 ...Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06df0d5c2@f8db7f1759d5 0xCD 0x33 0x10 0xD9 ...Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x6D 0xEE 0x7F 0xBF ...Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3E 0x6A 0x0E 0xAB ...Reg 
HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xA1 0xD6 0xA2 0xCC ... ---- EOF - GMER 2.1 ----
  11. DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16447 BrowserJavaVersion: 10.21.2
Run by Jon at 23:15:16 on 2013-06-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.386.1033.18.4007.1128 [GMT 2:00]
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
============= FINISH: 23:16:03,10 ===============
attach.rar
  12. I have a problem. I get a pop-up box on my screen that says Malwarebytes has successfully blocked access to a potentially malicious website: 173.83.222.101, Type: outgoing, Port: 50200, Process: chrome.exe or avastsvc.exe. And my google/youtube/facebook/yahoo/twitter won't open. I tried different browsers but it's the same on all of them. Please help. Thanks.