Nyarla

  1. Done. Thanks a lot for your help and tips. Good to know that there are nice, friendly and helpful people still on the internet; maybe I should get your full antimalware program later. THX.
  2. Seems to be alright now, no spam and working faster now. Wow, thanks. Is it done now already?
  3. Scan took over 15 hours, is this normal?
     C:\Users\Nyarlathotep\Downloads\avira_free_antivirus_en.exe a variant of Win32/Bundled.Toolbar.Ask application
     C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask application
     C:\Documents and Settings\Nyarlathotep\Downloads\avira_free_antivirus_en.exe a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined
     C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting (after the next restart) - quarantined
     C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting (after the next restart) - quarantined
     C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
  4. There, I removed BitTorrent and avast. And my Windows is Finnish; I hope it doesn't matter for now. Of course I can change it if you need.
  5. ComboFix 13-06-24.01 - Nyarlathotep 25.06.2013 16:50:36.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.7658.5406 [GMT 3:00]
  6. DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium
Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update Installer for WildTangent Games App Uplay Validity WBF DDK Warcraft III Warhammer 40,000: Dawn Of War - Gold Edition WildTangent Games App (HP Games) Winamp Winamp Detector Plug-in Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalleri Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger Windows Live Mesh ActiveX-objekt til fjernforbindelser Windows Live Mesh ActiveX Control for Remote Connections Windows Live Meshin etäyhteyksien ActiveX-komponentti Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennustyökalu Windows Liven sähköposti Windows Liven valokuvavalikoima Windowsin ohjainpaketti - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) WinRAR 4.20 (32-bit) Virtual Villagers 4 - The Tree of Life VLC media player 2.0.1 World of Warcraft Xfire (remove only) Zuma's Revenge . ==== End Of File ===========================
  7. Ok here i go! DDS (Ver_2012-11-20.01) - NTFS_AMD64
  8. Hello guys from Malwarebytes, and greetings from Finland. A couple of days ago my computer finally got infected for good. A malicious file called TR/BitCoinMinerAL.A.11 has infected my laptop. I did some research and found out that you guys have been helping to remove this manually. I have Avira and Avast but they can't get rid of it, they just keep spamming warnings/blocks etc. Also my comp has turned out to be as fast as a snail nowadays, sigh. I downloaded your Malwarebytes Anti-Malware program but it didn't work either, so I figured I'd just ask you guys: can you help me out? Help me Mal-ware-bytes, you are my only hope..