Tilmandra

  1. Sorry to double post here, forgot to type in some info before I clicked post (can't find an edit button ;o ). Anyhow, it said that AVG was active, but I have uninstalled it and deleted all remaining files of AVG in appdata etc. I also checked my task manager for services / processes to see if it was active (which it was not), so I don't understand why it prompted me with it being enabled/active. However, I ran the scan either way as I was sure it was not active.
  2. ComboFix 11-03-19.06 - Tilmandra 21.03.2011 14:43:01.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1033.18.4094.2619 [GMT 1:00] Kj
  3. Malwarebytes' Anti-Malware 1.50.1.1100
     www.malwarebytes.org

     Database version: 6116
     Windows 6.1.7601 Service Pack 1
     Internet Explorer 8.0.7601.17514

     21.03.2011 08:09:55
     mbam-log-2011-03-21 (08-09-55).txt

     Scan type: Quick scan
     Objects scanned: 161414
     Time elapsed: 2 minute(s), 6 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     (No malicious items detected)

     ------------------

     Surfing on the internet with Firefox / Google Chrome works just fine, but when I try to run a few programs that use a launcher before starting the actual program/game I get a message:

     "An error has occurred in the script on this page"
     "line: 1"
     "Char: 1"
     "Error: Syntax Error"
     "Code: 0"
     "url: http://fls.doubleclick.net/activityi;src=2796661;type=wowup275;cat=wowla690;ord=730753.5451850853?"
     "Do you want to continue running scripts on this page?" "Yes/no"

     No matter what option I choose, it blocks internet on that application/game (in this case, my World of Warcraft launcher). So I can't update the game / launcher just stops because it cuts the internet off for that application/game.

     The computer itself works just fine I believe, no slow booting up, only an error message each time I start it up -> "RunDLL" "C:\Users\Tilmandra\AppData\Roaming\vlc\systbbvcl2\tb.dll" "The specified module could not be found"
  4. . DDS (Ver_11-03-05.01) - NTFS_AMD64 Run by Tilmandra at 16:44:59,91 on 20.03.2011 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1033.18.4094.2408 [GMT 1:00] . AV: AVG Internet Security 2011 *Enabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Internet Security 2011 *Enabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG10\avgchsva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe C:\Program Files (x86)\AVG\AVG10\avgfws.exe C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\AVG\AVG10\avgam.exe C:\Program Files (x86)\AVG\AVG10\avgnsa.exe C:\Windows\System32\rundll32.exe 
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe E:\Steam\Steam.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\Tilmandra\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Windows\system32\conhost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\PROGRA~2\Raptr\raptr.exe C:\PROGRA~2\Raptr\raptr_im.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Raptr\raptr_ep32.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Raptr\raptr_ep64.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\PROGRA~2\AVG\AVG10\avgrsa.exe C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Users\Tilmandra\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tilmandra\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tilmandra\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Tilmandra\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mWinlogon: Userinit=userinit.exe, BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup uRun: [steam] "E:\Steam\steam.exe" -silent uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [Google Update] "C:\Users\Tilmandra\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" mRun: [sunJavaUpdateSched] "C:\Program Files 
(x86)\Common Files\Java\Java Update\jusched.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe StartupFolder: C:\Users\TILMAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Update.lnk - C:\Windows\System32\rundll32.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&ksporter til Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - 
C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\TILMAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\crsrc59r.default\ FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - component: C:\Users\Tilmandra\AppData\Roaming\Mozilla\Firefox\Profiles\crsrc59r.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll FF - component: C:\Users\Tilmandra\AppData\Roaming\Mozilla\Firefox\Profiles\crsrc59r.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Tilmandra\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} 
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288] R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-12-8 308304] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-12 382032] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-3-7 254528] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-26 203776] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-1-26 354304] R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496] R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2010-11-22 3226632] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-1-6 6128720] R2 avgwd;AVG 
WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-2-26 46136] R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-1-27 9085952] R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-1-26 299520] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-3-6 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-6 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-26 1255736] . =============== Created Last 30 ================ . 
2011-03-20 08:15:02 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{6F2EF8EF-1F3F-4FC5-93E9-AC196C529806} 2011-03-20 08:05:31 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\Malwarebytes 2011-03-20 08:05:23 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-03-20 08:05:22 -------- d-----w- C:\PROGRA~3\Malwarebytes 2011-03-20 08:05:19 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-03-20 08:05:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-03-20 07:35:40 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Apps 2011-03-19 12:14:04 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2011-03-19 12:14:03 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-03-19 12:14:03 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-03-19 12:14:03 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2011-03-19 12:14:03 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-03-19 12:14:01 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2011-03-19 12:14:01 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2011-03-19 12:14:01 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2011-03-19 12:14:01 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll 2011-03-19 12:13:41 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2011-03-19 12:13:41 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2011-03-18 15:44:11 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{D605F005-DC39-4227-94AD-12B8ABBE90ED} 2011-03-18 14:38:42 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2011-03-15 13:53:38 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\Spotify 2011-03-15 13:53:38 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Spotify 2011-03-15 13:53:34 -------- d-----w- C:\Program Files (x86)\Spotify 2011-03-14 00:15:35 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{2A490790-89C2-484A-9B52-F9E6EBA281BF} 2011-03-13 22:31:40 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Google 2011-03-11 21:14:45 -------- d-----w- 
C:\Users\TILMAN~1\AppData\Local\{BFA0D9EE-8F1C-4D64-B9C3-2E8D254AA0AC} 2011-03-11 07:38:20 -------- d--h--w- C:\$AVG 2011-03-10 21:06:10 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\AVG 2011-03-10 20:43:48 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\AVG10 2011-03-10 20:23:13 -------- d--h--w- C:\PROGRA~3\Common Files 2011-03-10 20:22:58 -------- d-----w- C:\Windows\SysWow64\drivers\AVG 2011-03-10 20:22:14 -------- d-----w- C:\Windows\System32\drivers\AVG 2011-03-10 20:22:14 -------- d-----w- C:\PROGRA~3\AVG10 2011-03-10 20:22:00 -------- d-----w- C:\Program Files (x86)\AVG 2011-03-10 20:19:42 65536 ----a-w- C:\Program Files (x86)\win64checkKBDK.exe 2011-03-10 19:30:49 -------- d-----w- C:\PROGRA~3\MFAData 2011-03-10 19:22:33 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{6900DBD5-546A-4996-8906-D41D9C0E7AB4} 2011-03-10 19:07:32 961024 ----a-w- C:\Windows\System32\CPFilters.dll 2011-03-10 19:07:32 723968 ----a-w- C:\Windows\System32\EncDec.dll 2011-03-10 19:07:31 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll 2011-03-10 19:07:31 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2011-03-10 19:07:31 259072 ----a-w- C:\Windows\System32\mpg2splt.ax 2011-03-10 19:07:31 1118720 ----a-w- C:\Windows\System32\sbe.dll 2011-03-10 19:07:30 850944 ----a-w- C:\Windows\SysWow64\sbe.dll 2011-03-10 19:07:30 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax 2011-03-10 06:59:28 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{48846C0E-07FC-42BA-B3AA-91EA6A60081C} 2011-03-09 16:57:38 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2011-03-07 13:01:26 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2011-03-07 13:00:56 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Microsoft Help 2011-03-07 12:56:19 254528 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys 2011-03-07 12:56:11 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite 2011-03-07 12:55:45 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\DAEMON Tools Lite 2011-03-07 
12:55:45 -------- d-----w- C:\PROGRA~3\DAEMON Tools Lite 2011-03-06 11:24:07 419840 ----a-w- C:\Windows\System32\systemcplx64.dll 2011-03-06 11:24:07 14848 ----a-w- C:\Windows\System32\slwga.dll 2011-03-06 11:24:07 13824 ----a-w- C:\Windows\slwga32.dll 2011-03-06 10:02:46 -------- d-----w- C:\Program Files (x86)\VideoLAN 2011-03-06 09:58:03 -------- d-----w- C:\Windows\System32\SPReview 2011-03-06 09:57:17 -------- d-----w- C:\Windows\System32\EventProviders 2011-03-06 09:54:59 428032 ----a-w- C:\Windows\SysWow64\secproc.dll 2011-03-06 09:53:59 551936 ----a-w- C:\Windows\System32\localsec.dll 2011-03-06 09:52:59 54272 ----a-w- C:\Windows\System32\iyuv_32.dll 2011-03-06 09:51:54 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui 2011-03-06 09:51:54 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui 2011-03-06 09:51:48 209920 ----a-w- C:\Windows\SysWow64\PkgMgr.exe 2011-03-06 09:51:48 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll 2011-03-06 09:51:42 323072 ----a-w- C:\Windows\SysWow64\drvstore.dll 2011-03-06 09:51:42 257024 ----a-w- C:\Windows\SysWow64\dpx.dll 2011-03-06 09:51:40 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll 2011-03-06 09:51:40 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll 2011-03-06 09:50:05 529408 ----a-w- C:\Windows\System32\wbemcomn.dll 2011-03-06 09:50:05 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll 2011-03-06 09:50:05 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll 2011-03-06 09:49:54 933376 ----a-w- C:\Windows\System32\SmiEngine.dll 2011-03-06 09:49:49 199168 ----a-w- C:\Windows\System32\PkgMgr.exe 2011-03-06 09:49:27 422912 ----a-w- C:\Windows\System32\drvstore.dll 2011-03-06 09:49:27 399872 ----a-w- C:\Windows\System32\dpx.dll 2011-03-06 09:29:56 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{BCE1DA38-7A9D-4AA8-BEBF-197196D734FB} 2011-03-05 09:25:01 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{61FF3BC2-C1B8-45DC-8413-4B16AE02E4C7} 2011-03-01 00:47:27 -------- d-----w- 
C:\Program Files\Ventrilo 2011-03-01 00:47:02 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2011-03-01 00:19:21 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{227C5280-E6DC-4B14-93EA-5C5E9EC6C039} 2011-03-01 00:19:20 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{46872397-E0D2-4CBD-ADA3-1EB885D04B23} 2011-02-28 18:55:00 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\Raptr 2011-02-28 18:55:00 -------- d-----w- C:\Program Files (x86)\Raptr 2011-02-28 11:03:30 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{004B5545-A4BD-4B49-A85D-FEB3EBC15524} 2011-02-27 20:27:05 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{3F2B4AC1-EB26-4EA9-994D-95E4428C72C3} 2011-02-26 23:30:18 -------- d-----w- C:\Program Files (x86)\Western Digital Corporation 2011-02-26 20:26:31 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{38902CB2-2CED-4D6F-8F9F-F3BB133C0FF8} 2011-02-26 20:26:16 -------- d-----w- C:\Users\Tilmandra\Tracing 2011-02-26 20:09:22 -------- d-----w- C:\Windows\no 2011-02-26 20:09:01 -------- d-----w- C:\Windows\en 2011-02-26 20:08:28 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2011-02-26 20:06:28 -------- d-----w- C:\Windows\PCHEALTH 2011-02-26 20:02:47 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2223bdfb1cbd5f007\DSETUP.dll 2011-02-26 20:02:47 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2223bdfb1cbd5f007\DXSETUP.exe 2011-02-26 20:02:47 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2223bdfb1cbd5f007\dsetup32.dll 2011-02-26 20:02:42 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1eb387d11cbd5f006\DXSETUP.exe 2011-02-26 20:02:42 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1eb387d11cbd5f006\dsetup32.dll 2011-02-26 20:02:41 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1eb387d11cbd5f006\DSETUP.dll 2011-02-26 20:01:50 -------- d-----w- 
C:\Users\TILMAN~1\AppData\Local\Windows Live 2011-02-26 20:01:49 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2011-02-26 12:52:19 -------- d-----w- C:\PROGRA~3\Blizzard Entertainment 2011-02-26 11:30:59 469264 ----a-w- C:\Windows\System32\d3dx10.dll 2011-02-26 11:28:37 -------- d-----w- C:\Windows\SysWow64\directx 2011-02-26 11:27:37 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\Rift 2011-02-26 11:25:49 -------- d-----w- C:\Windows\SysWow64\Wat 2011-02-26 11:25:49 -------- d-----w- C:\Windows\System32\Wat 2011-02-26 10:17:23 -------- d-----w- C:\Windows\Panther 2011-02-26 03:36:30 -------- d-----w- C:\Program Files (x86)\Conduit 2011-02-26 03:36:28 -------- d-----w- C:\Program Files (x86)\ConduitEngine 2011-02-26 03:36:26 -------- d-----w- C:\Program Files (x86)\uTorrentBar 2011-02-26 03:36:21 -------- d-----w- C:\Program Files (x86)\uTorrent 2011-02-26 03:35:51 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\uTorrent 2011-02-26 03:34:55 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-02-26 03:34:55 472808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll 2011-02-26 03:28:18 294912 ----a-w- C:\Windows\System32\browserchoice.exe 2011-02-26 02:36:28 -------- d-----w- C:\Program Files (x86)\GIGABYTE 2011-02-26 02:35:58 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll 2011-02-26 02:35:58 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe 2011-02-26 02:35:58 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe 2011-02-26 02:35:58 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll 2011-02-26 02:35:58 25640 ----a-w- C:\Windows\gdrv.sys 2011-02-26 02:35:58 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll 
2011-02-26 02:35:57 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll 2011-02-26 02:35:57 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll 2011-02-26 02:35:57 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll 2011-02-26 02:29:19 -------- d-----r- C:\Program Files (x86)\Skype 2011-02-26 02:20:08 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\AMD 2011-02-26 02:20:03 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Mozilla 2011-02-26 02:19:55 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\ATI 2011-02-26 02:17:39 0 ----a-w- C:\Windows\ativpsrm.bin 2011-02-26 02:15:08 -------- d-----w- C:\Program Files\Common Files\ATI Technologies 2011-02-26 02:15:08 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies 2011-02-26 02:15:05 -------- d-----w- C:\Program Files (x86)\ATI Stream 2011-02-26 02:15:03 -------- d-----w- C:\Program Files (x86)\ATI 2011-02-26 02:14:55 -------- d-----w- C:\PROGRA~3\AMD 2011-02-26 02:14:52 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys 2011-02-26 02:14:22 -------- d-----w- C:\Program Files (x86)\ATI Technologies 2011-02-26 02:14:19 -------- d-sh--w- C:\Windows\Installer 2011-02-26 02:14:19 -------- d-----w- C:\Program Files\ATI 2011-02-26 02:13:48 -------- d-----w- C:\Program Files\ATI Technologies 2011-02-26 01:50:43 -------- d-sh--w- C:\Recovery 2011-02-26 01:36:42 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{1312F7F6-CA1B-45F2-A334-7F91AE68303A}\mpengine.dll 2011-02-26 01:36:40 270720 ------w- C:\Windows\System32\MpSigStub.exe . ==================== Find3M ==================== . 
2011-03-06 17:57:09 833024 ----a-w- C:\Windows\SysWow64\user32.dll 2011-03-06 17:57:09 1008640 ----a-w- C:\Windows\System32\user32.dll 2011-03-06 11:14:47 419840 ----a-w- C:\Windows\System32\systemcpl.dll 2011-03-06 11:14:47 13824 ----a-w- C:\Windows\SysWow64\slwga.dll 2011-03-06 10:04:27 175616 ----a-w- C:\Windows\System32\msclmd.dll 2011-03-06 10:04:27 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2011-01-26 23:37:20 9085952 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2011-01-26 23:22:18 22295040 ----a-w- C:\Windows\System32\atio6axx.dll 2011-01-26 23:00:44 143360 ----a-w- C:\Windows\System32\atiapfxx.exe 2011-01-26 23:00:30 596480 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2011-01-26 22:59:46 17204736 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2011-01-26 22:59:10 708608 ----a-w- C:\Windows\System32\aticfx64.dll 2011-01-26 22:56:30 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2011-01-26 22:56:14 479232 ----a-w- C:\Windows\System32\atieclxx.exe 2011-01-26 22:55:36 203776 ----a-w- C:\Windows\System32\atiesrxx.exe 2011-01-26 22:54:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll 2011-01-26 22:54:00 423424 ----a-w- C:\Windows\System32\atipdl64.dll 2011-01-26 22:53:54 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll 2011-01-26 22:53:42 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll 2011-01-26 22:53:36 16384 ----a-w- C:\Windows\System32\atimuixx.dll 2011-01-26 22:53:32 59392 ----a-w- C:\Windows\System32\atiedu64.dll 2011-01-26 22:53:26 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll 2011-01-26 22:49:44 4105728 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2011-01-26 22:40:02 4847616 ----a-w- C:\Windows\System32\atidxx64.dll 2011-01-26 22:32:46 1208320 ----a-w- C:\Windows\System32\atiumd6v.dll 2011-01-26 22:32:12 1912832 ----a-w- C:\Windows\SysWow64\atiumdmv.dll 2011-01-26 22:32:00 3222016 ----a-w- C:\Windows\System32\atiumd6a.dll 2011-01-26 22:28:52 4170752 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2011-01-26 22:27:52 51200 ----a-w- 
C:\Windows\System32\aticalrt64.dll 2011-01-26 22:27:50 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2011-01-26 22:27:42 44544 ----a-w- C:\Windows\System32\aticalcl64.dll 2011-01-26 22:27:40 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2011-01-26 22:27:30 6982144 ----a-w- C:\Windows\System32\aticaldd64.dll 2011-01-26 22:25:50 5580800 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2011-01-26 22:24:18 3463680 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2011-01-26 22:21:58 5316096 ----a-w- C:\Windows\System32\atiumd64.dll 2011-01-26 22:20:46 58880 ----a-w- C:\Windows\System32\coinst.dll 2011-01-26 22:14:14 354304 ----a-w- C:\Windows\System32\atiadlxx.dll 2011-01-26 22:14:08 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2011-01-26 22:13:56 14848 ----a-w- C:\Windows\System32\atig6pxx.dll 2011-01-26 22:13:52 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2011-01-26 22:13:52 12800 ----a-w- C:\Windows\System32\atiglpxx.dll 2011-01-26 22:13:50 39936 ----a-w- C:\Windows\System32\atig6txx.dll 2011-01-26 22:13:42 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2011-01-26 22:13:32 299520 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2011-01-26 22:12:46 39936 ----a-w- C:\Windows\System32\atiuxp64.dll 2011-01-26 22:12:40 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2011-01-26 22:12:32 38400 ----a-w- C:\Windows\System32\atiu9p64.dll 2011-01-26 22:12:24 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2011-01-26 22:11:46 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2011-01-26 22:08:46 53760 ----a-w- C:\Windows\System32\atimpc64.dll 2011-01-26 22:08:46 53760 ----a-w- C:\Windows\System32\amdpcom64.dll 2011-01-26 22:08:40 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2011-01-26 22:08:40 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll 2011-01-07 09:51:01 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll 2011-01-07 07:45:57 34304 
----a-w- C:\Windows\SysWow64\atmlib.dll 2011-01-07 06:01:22 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll 2011-01-05 10:34:00 612864 ----a-w- C:\Windows\System32\vbscript.dll 2011-01-05 06:56:24 3129344 ----a-w- C:\Windows\System32\win32k.sys 2011-01-05 05:55:55 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll . ============= FINISH: 16:45:19,98 ===============
  5. Surfing on the internet with Firefox / Google Chrome works just fine, but when I try to run a few programs that use a launcher before starting the actual program/game I get a message:

     "An error has occurred in the script on this page"
     "line: 1"
     "Char: 1"
     "Error: Syntax Error"
     "Code: 0"
     "url: http://fls.doubleclick.net/activityi;src=2796661;type=wowup275;cat=wowla690;ord=730753.5451850853?"
     "Do you want to continue running scripts on this page?" "Yes/no"

     No matter what option I choose, it blocks internet on that application/game (in this case, my World of Warcraft launcher). So I can't update the game / launcher just stops because of no connection to the tracker.

     Malwarebytes' Anti-Malware 1.50.1.1100
     www.malwarebytes.org

     Database version: 6110
     Windows 6.1.7601 Service Pack 1
     Internet Explorer 8.0.7601.17514

     20.03.2011 09:11:44
     mbam-log-2011-03-20 (09-11-44).txt

     Scan type: Quick scan
     Objects scanned: 162713
     Time elapsed: 3 minute(s), 3 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 1

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     c:\Users\tilmandra\AppData\Roaming\78646.exe (HackTool.Wpakill) -> Quarantined and deleted successfully.

     ----- Ran a scan after rebooting my computer also, it shows no infections --------

     . DDS (Ver_11-03-05.01) - NTFS_AMD64 Run by Tilmandra at 9:26:23,73 on 20.03.2011 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1033.18.4094.2656 [GMT 1:00] .
AV: AVG Internet Security 2011 *Enabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Internet Security 2011 *Enabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG10\avgchsva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe C:\Program Files (x86)\AVG\AVG10\avgfws.exe C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\AVG\AVG10\avgam.exe C:\Program Files (x86)\AVG\AVG10\avgnsa.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe E:\Steam\Steam.exe 
C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\Tilmandra\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Windows\system32\conhost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\PROGRA~2\Raptr\raptr.exe C:\PROGRA~2\Raptr\raptr_im.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Raptr\raptr_ep32.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Raptr\raptr_ep64.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Users\Tilmandra\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Tilmandra\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\servicing\TrustedInstaller.exe C:\PROGRA~2\AVG\AVG10\avgrsa.exe C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\AUDIODG.EXE C:\Users\Tilmandra\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mWinlogon: Userinit=userinit.exe, BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup uRun: [steam] "E:\Steam\steam.exe" -silent uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [Google Update] "C:\Users\Tilmandra\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" mRun: [sunJavaUpdateSched] "C:\Program Files 
(x86)\Common Files\Java\Java Update\jusched.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe StartupFolder: C:\Users\TILMAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Update.lnk - C:\Windows\System32\rundll32.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&ksporter til Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - 
C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\TILMAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\crsrc59r.default\ FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - component: C:\Users\Tilmandra\AppData\Roaming\Mozilla\Firefox\Profiles\crsrc59r.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll FF - component: C:\Users\Tilmandra\AppData\Roaming\Mozilla\Firefox\Profiles\crsrc59r.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Tilmandra\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} 
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288] R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-12-8 308304] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-12 382032] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-3-7 254528] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-26 203776] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-1-26 354304] R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496] R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2010-11-22 3226632] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-1-6 6128720] R2 avgwd;AVG 
WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-2-26 46136] R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-1-27 9085952] R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-1-26 299520] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-3-6 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-6 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-26 1255736] . =============== Created Last 30 ================ . 
2011-03-20 08:15:02 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{6F2EF8EF-1F3F-4FC5-93E9-AC196C529806} 2011-03-20 08:05:31 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\Malwarebytes 2011-03-20 08:05:23 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-03-20 08:05:22 -------- d-----w- C:\PROGRA~3\Malwarebytes 2011-03-20 08:05:19 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-03-20 08:05:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-03-20 07:35:40 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Apps 2011-03-19 12:14:04 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2011-03-19 12:14:03 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-03-19 12:14:03 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-03-19 12:14:03 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2011-03-19 12:14:03 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-03-19 12:14:01 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2011-03-19 12:14:01 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2011-03-19 12:14:01 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2011-03-19 12:14:01 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll 2011-03-19 12:13:41 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2011-03-19 12:13:41 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2011-03-18 15:44:11 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{D605F005-DC39-4227-94AD-12B8ABBE90ED} 2011-03-18 14:38:42 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2011-03-15 13:53:38 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\Spotify 2011-03-15 13:53:38 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Spotify 2011-03-15 13:53:34 -------- d-----w- C:\Program Files (x86)\Spotify 2011-03-14 00:15:35 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{2A490790-89C2-484A-9B52-F9E6EBA281BF} 2011-03-13 22:31:40 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Google 2011-03-11 21:14:45 -------- d-----w- 
C:\Users\TILMAN~1\AppData\Local\{BFA0D9EE-8F1C-4D64-B9C3-2E8D254AA0AC} 2011-03-11 07:38:20 -------- d--h--w- C:\$AVG 2011-03-10 21:06:10 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\AVG 2011-03-10 20:43:48 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\AVG10 2011-03-10 20:23:13 -------- d--h--w- C:\PROGRA~3\Common Files 2011-03-10 20:22:58 -------- d-----w- C:\Windows\SysWow64\drivers\AVG 2011-03-10 20:22:14 -------- d-----w- C:\Windows\System32\drivers\AVG 2011-03-10 20:22:14 -------- d-----w- C:\PROGRA~3\AVG10 2011-03-10 20:22:00 -------- d-----w- C:\Program Files (x86)\AVG 2011-03-10 20:19:42 65536 ----a-w- C:\Program Files (x86)\win64checkKBDK.exe 2011-03-10 19:30:49 -------- d-----w- C:\PROGRA~3\MFAData 2011-03-10 19:22:33 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{6900DBD5-546A-4996-8906-D41D9C0E7AB4} 2011-03-10 19:07:32 961024 ----a-w- C:\Windows\System32\CPFilters.dll 2011-03-10 19:07:32 723968 ----a-w- C:\Windows\System32\EncDec.dll 2011-03-10 19:07:31 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll 2011-03-10 19:07:31 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2011-03-10 19:07:31 259072 ----a-w- C:\Windows\System32\mpg2splt.ax 2011-03-10 19:07:31 1118720 ----a-w- C:\Windows\System32\sbe.dll 2011-03-10 19:07:30 850944 ----a-w- C:\Windows\SysWow64\sbe.dll 2011-03-10 19:07:30 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax 2011-03-10 06:59:28 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{48846C0E-07FC-42BA-B3AA-91EA6A60081C} 2011-03-09 16:57:38 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2011-03-07 13:01:26 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2011-03-07 13:00:56 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Microsoft Help 2011-03-07 12:56:19 254528 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys 2011-03-07 12:56:11 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite 2011-03-07 12:55:45 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\DAEMON Tools Lite 2011-03-07 
12:55:45 -------- d-----w- C:\PROGRA~3\DAEMON Tools Lite 2011-03-06 11:24:07 419840 ----a-w- C:\Windows\System32\systemcplx64.dll 2011-03-06 11:24:07 14848 ----a-w- C:\Windows\System32\slwga.dll 2011-03-06 11:24:07 13824 ----a-w- C:\Windows\slwga32.dll 2011-03-06 10:02:46 -------- d-----w- C:\Program Files (x86)\VideoLAN 2011-03-06 09:58:03 -------- d-----w- C:\Windows\System32\SPReview 2011-03-06 09:57:17 -------- d-----w- C:\Windows\System32\EventProviders 2011-03-06 09:54:59 428032 ----a-w- C:\Windows\SysWow64\secproc.dll 2011-03-06 09:53:59 551936 ----a-w- C:\Windows\System32\localsec.dll 2011-03-06 09:52:59 54272 ----a-w- C:\Windows\System32\iyuv_32.dll 2011-03-06 09:51:54 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui 2011-03-06 09:51:54 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui 2011-03-06 09:51:48 209920 ----a-w- C:\Windows\SysWow64\PkgMgr.exe 2011-03-06 09:51:48 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll 2011-03-06 09:51:42 323072 ----a-w- C:\Windows\SysWow64\drvstore.dll 2011-03-06 09:51:42 257024 ----a-w- C:\Windows\SysWow64\dpx.dll 2011-03-06 09:51:40 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll 2011-03-06 09:51:40 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll 2011-03-06 09:50:05 529408 ----a-w- C:\Windows\System32\wbemcomn.dll 2011-03-06 09:50:05 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll 2011-03-06 09:50:05 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll 2011-03-06 09:49:54 933376 ----a-w- C:\Windows\System32\SmiEngine.dll 2011-03-06 09:49:49 199168 ----a-w- C:\Windows\System32\PkgMgr.exe 2011-03-06 09:49:27 422912 ----a-w- C:\Windows\System32\drvstore.dll 2011-03-06 09:49:27 399872 ----a-w- C:\Windows\System32\dpx.dll 2011-03-06 09:29:56 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{BCE1DA38-7A9D-4AA8-BEBF-197196D734FB} 2011-03-05 09:25:01 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{61FF3BC2-C1B8-45DC-8413-4B16AE02E4C7} 2011-03-01 00:47:27 -------- d-----w- 
C:\Program Files\Ventrilo 2011-03-01 00:47:02 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2011-03-01 00:19:21 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{227C5280-E6DC-4B14-93EA-5C5E9EC6C039} 2011-03-01 00:19:20 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{46872397-E0D2-4CBD-ADA3-1EB885D04B23} 2011-02-28 18:55:00 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\Raptr 2011-02-28 18:55:00 -------- d-----w- C:\Program Files (x86)\Raptr 2011-02-28 11:03:30 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{004B5545-A4BD-4B49-A85D-FEB3EBC15524} 2011-02-27 20:27:05 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{3F2B4AC1-EB26-4EA9-994D-95E4428C72C3} 2011-02-26 23:30:18 -------- d-----w- C:\Program Files (x86)\Western Digital Corporation 2011-02-26 20:26:31 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\{38902CB2-2CED-4D6F-8F9F-F3BB133C0FF8} 2011-02-26 20:26:16 -------- d-----w- C:\Users\Tilmandra\Tracing 2011-02-26 20:09:22 -------- d-----w- C:\Windows\no 2011-02-26 20:09:01 -------- d-----w- C:\Windows\en 2011-02-26 20:08:28 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2011-02-26 20:06:28 -------- d-----w- C:\Windows\PCHEALTH 2011-02-26 20:02:47 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2223bdfb1cbd5f007\DSETUP.dll 2011-02-26 20:02:47 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2223bdfb1cbd5f007\DXSETUP.exe 2011-02-26 20:02:47 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2223bdfb1cbd5f007\dsetup32.dll 2011-02-26 20:02:42 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1eb387d11cbd5f006\DXSETUP.exe 2011-02-26 20:02:42 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1eb387d11cbd5f006\dsetup32.dll 2011-02-26 20:02:41 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1eb387d11cbd5f006\DSETUP.dll 2011-02-26 20:01:50 -------- d-----w- 
C:\Users\TILMAN~1\AppData\Local\Windows Live 2011-02-26 20:01:49 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2011-02-26 12:52:19 -------- d-----w- C:\PROGRA~3\Blizzard Entertainment 2011-02-26 11:30:59 469264 ----a-w- C:\Windows\System32\d3dx10.dll 2011-02-26 11:28:37 -------- d-----w- C:\Windows\SysWow64\directx 2011-02-26 11:27:37 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\Rift 2011-02-26 11:25:49 -------- d-----w- C:\Windows\SysWow64\Wat 2011-02-26 11:25:49 -------- d-----w- C:\Windows\System32\Wat 2011-02-26 10:17:23 -------- d-----w- C:\Windows\Panther 2011-02-26 03:36:30 -------- d-----w- C:\Program Files (x86)\Conduit 2011-02-26 03:36:28 -------- d-----w- C:\Program Files (x86)\ConduitEngine 2011-02-26 03:36:26 -------- d-----w- C:\Program Files (x86)\uTorrentBar 2011-02-26 03:36:21 -------- d-----w- C:\Program Files (x86)\uTorrent 2011-02-26 03:35:51 -------- d-----w- C:\Users\TILMAN~1\AppData\Roaming\uTorrent 2011-02-26 03:34:55 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-02-26 03:34:55 472808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll 2011-02-26 03:28:18 294912 ----a-w- C:\Windows\System32\browserchoice.exe 2011-02-26 02:36:28 -------- d-----w- C:\Program Files (x86)\GIGABYTE 2011-02-26 02:35:58 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll 2011-02-26 02:35:58 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe 2011-02-26 02:35:58 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe 2011-02-26 02:35:58 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll 2011-02-26 02:35:58 25640 ----a-w- C:\Windows\gdrv.sys 2011-02-26 02:35:58 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll 
2011-02-26 02:35:57 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll 2011-02-26 02:35:57 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll 2011-02-26 02:35:57 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll 2011-02-26 02:29:19 -------- d-----r- C:\Program Files (x86)\Skype 2011-02-26 02:20:08 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\AMD 2011-02-26 02:20:03 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\Mozilla 2011-02-26 02:19:55 -------- d-----w- C:\Users\TILMAN~1\AppData\Local\ATI 2011-02-26 02:17:39 0 ----a-w- C:\Windows\ativpsrm.bin 2011-02-26 02:15:08 -------- d-----w- C:\Program Files\Common Files\ATI Technologies 2011-02-26 02:15:08 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies 2011-02-26 02:15:05 -------- d-----w- C:\Program Files (x86)\ATI Stream 2011-02-26 02:15:03 -------- d-----w- C:\Program Files (x86)\ATI 2011-02-26 02:14:55 -------- d-----w- C:\PROGRA~3\AMD 2011-02-26 02:14:52 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys 2011-02-26 02:14:22 -------- d-----w- C:\Program Files (x86)\ATI Technologies 2011-02-26 02:14:19 -------- d-sh--w- C:\Windows\Installer 2011-02-26 02:14:19 -------- d-----w- C:\Program Files\ATI 2011-02-26 02:13:48 -------- d-----w- C:\Program Files\ATI Technologies 2011-02-26 01:50:43 -------- d-sh--w- C:\Recovery 2011-02-26 01:36:42 7947600 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{1312F7F6-CA1B-45F2-A334-7F91AE68303A}\mpengine.dll 2011-02-26 01:36:40 270720 ------w- C:\Windows\System32\MpSigStub.exe . ==================== Find3M ==================== . 
2011-03-06 17:57:09 833024 ----a-w- C:\Windows\SysWow64\user32.dll 2011-03-06 17:57:09 1008640 ----a-w- C:\Windows\System32\user32.dll 2011-03-06 11:14:47 419840 ----a-w- C:\Windows\System32\systemcpl.dll 2011-03-06 11:14:47 13824 ----a-w- C:\Windows\SysWow64\slwga.dll 2011-03-06 10:04:27 175616 ----a-w- C:\Windows\System32\msclmd.dll 2011-03-06 10:04:27 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2011-01-26 23:37:20 9085952 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2011-01-26 23:22:18 22295040 ----a-w- C:\Windows\System32\atio6axx.dll 2011-01-26 23:00:44 143360 ----a-w- C:\Windows\System32\atiapfxx.exe 2011-01-26 23:00:30 596480 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2011-01-26 22:59:46 17204736 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2011-01-26 22:59:10 708608 ----a-w- C:\Windows\System32\aticfx64.dll 2011-01-26 22:56:30 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2011-01-26 22:56:14 479232 ----a-w- C:\Windows\System32\atieclxx.exe 2011-01-26 22:55:36 203776 ----a-w- C:\Windows\System32\atiesrxx.exe 2011-01-26 22:54:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll 2011-01-26 22:54:00 423424 ----a-w- C:\Windows\System32\atipdl64.dll 2011-01-26 22:53:54 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll 2011-01-26 22:53:42 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll 2011-01-26 22:53:36 16384 ----a-w- C:\Windows\System32\atimuixx.dll 2011-01-26 22:53:32 59392 ----a-w- C:\Windows\System32\atiedu64.dll 2011-01-26 22:53:26 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll 2011-01-26 22:49:44 4105728 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2011-01-26 22:40:02 4847616 ----a-w- C:\Windows\System32\atidxx64.dll 2011-01-26 22:32:46 1208320 ----a-w- C:\Windows\System32\atiumd6v.dll 2011-01-26 22:32:12 1912832 ----a-w- C:\Windows\SysWow64\atiumdmv.dll 2011-01-26 22:32:00 3222016 ----a-w- C:\Windows\System32\atiumd6a.dll 2011-01-26 22:28:52 4170752 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2011-01-26 22:27:52 51200 ----a-w- 
C:\Windows\System32\aticalrt64.dll 2011-01-26 22:27:50 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2011-01-26 22:27:42 44544 ----a-w- C:\Windows\System32\aticalcl64.dll 2011-01-26 22:27:40 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2011-01-26 22:27:30 6982144 ----a-w- C:\Windows\System32\aticaldd64.dll 2011-01-26 22:25:50 5580800 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2011-01-26 22:24:18 3463680 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2011-01-26 22:21:58 5316096 ----a-w- C:\Windows\System32\atiumd64.dll 2011-01-26 22:20:46 58880 ----a-w- C:\Windows\System32\coinst.dll 2011-01-26 22:14:14 354304 ----a-w- C:\Windows\System32\atiadlxx.dll 2011-01-26 22:14:08 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2011-01-26 22:13:56 14848 ----a-w- C:\Windows\System32\atig6pxx.dll 2011-01-26 22:13:52 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2011-01-26 22:13:52 12800 ----a-w- C:\Windows\System32\atiglpxx.dll 2011-01-26 22:13:50 39936 ----a-w- C:\Windows\System32\atig6txx.dll 2011-01-26 22:13:42 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2011-01-26 22:13:32 299520 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2011-01-26 22:12:46 39936 ----a-w- C:\Windows\System32\atiuxp64.dll 2011-01-26 22:12:40 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2011-01-26 22:12:32 38400 ----a-w- C:\Windows\System32\atiu9p64.dll 2011-01-26 22:12:24 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2011-01-26 22:11:46 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2011-01-26 22:08:46 53760 ----a-w- C:\Windows\System32\atimpc64.dll 2011-01-26 22:08:46 53760 ----a-w- C:\Windows\System32\amdpcom64.dll 2011-01-26 22:08:40 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2011-01-26 22:08:40 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll 2011-01-07 09:51:01 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll 2011-01-07 07:45:57 34304 
----a-w- C:\Windows\SysWow64\atmlib.dll 2011-01-07 06:01:22 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll 2011-01-05 10:34:00 612864 ----a-w- C:\Windows\System32\vbscript.dll 2011-01-05 06:56:24 3129344 ----a-w- C:\Windows\System32\win32k.sys 2011-01-05 05:55:55 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll . ============= FINISH: 9:26:54,88 ===============

     I can't post a GMER log because of the application freezing up on me (have made a separate thread for that in the right section, waiting for answer on how to fix it).
  6. Hello MB. I'm currently going through the thread "Im infected - What do i do?". I've come to the part where I'm going to use GMER... But when I start the program it starts up, then "loads" for a bit, then Windows tells me it has stopped working and gives me 2 options (find solution online and close the program) or (Close the program).

     Error log from Windows:

     Problem signature:
     Problem Event Name: APPCRASH
     Application Name: i41sblmd.exe
     Application Version: 1.0.15.15565
     Application Timestamp: 4d83d260
     Fault Module Name: i41sblmd.exe
     Fault Module Version: 1.0.15.15565
     Fault Module Timestamp: 4d83d260
     Exception Code: c0000005
     Exception Offset: 00001d3d
     OS Version: 6.1.7601.2.1.0.256.1
     Locale ID: 1044
     Additional Information 1: 0a9e
     Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
     Additional Information 3: 0a9e
     Additional Information 4: 0a9e372d3b4ad19135b953a78882e789

     Read our privacy statement online: http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409
     If the online privacy statement is not available, please read our privacy statement offline: C:\Windows\system32\en-US\erofflps.txt