
I think I got virus, help please.



Hello dimatsymbal! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and post your log files:

http://forums.malwarebytes.org/index.php?showtopic=9573


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.15.2

Run by dima at 22:42:45 on 2013-05-22

Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.7636.4027 [GMT -4:00]

.

AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: AVG update module *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\dwm.exe

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe

C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\dashost.exe

C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

C:\Program Files\ASUS\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe

C:\Windows\system32\taskhostex.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files\Logitech Gaming Software\LCore.exe

C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Windows\System32\Taskmgr.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\PROGRA~2\AVG\AVG2013\Tuneup\TUMICR~1.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe

C:\Program Files (x86)\AVG\AVG PC TuneUp\Integrator.exe

C:\Program Files\Ventrilo\Ventrilo.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\syswow64\wwahost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\msiexec.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://isearch.avg.com/?cid={A2FBD060-AE86-4A48-8C45-CB02B0D62053}&mid=cdaf8df37a4047d09dce810f1b03c355-8d45cb3e0b2f810b34d0fc3d6bc1a7ad5312e955&lang=en&ds=AVG&pr=fr&d=2013-01-22 15:07:05&v=14.2.0.1&pid=avg&sg=&sap=hp

uDefault_Page_URL = hxxp://asus13.msn.com

mStart Page = hxxp://www.google.com

uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [uTorrent] "C:\Users\dima\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

uRun: [Facebook Update] "C:\Users\dima\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun

uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [sOSUAUI] "C:\Program Files (x86)\Malwarebytes Secure Backup\sosuploadagent.exe" -showui

mRun: [sMessaging] C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 142.155.3.1 142.155.3.2

TCP: Interfaces\{15749715-DD22-4D32-9074-E73F1FBF934E} : DHCPNameServer = 142.155.3.1 142.155.3.2

TCP: Interfaces\{8BA3D3BA-6486-49DA-B14C-337DBE7D3CA8} : DHCPNameServer = 142.155.3.1 142.155.3.2

TCP: Interfaces\{8BA3D3BA-6486-49DA-B14C-337DBE7D3CA8}\659414F534F6E6E6563647F575966496 : DHCPNameServer = 10.9.0.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.93\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized

x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2012-10-21 79528]

R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2012-10-21 26280]

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\Drivers\avgidsha.sys [2013-2-8 71480]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\Drivers\avgloga.sys [2013-2-8 311096]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\Drivers\avgmfx64.sys [2013-2-8 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\Drivers\avgrkx64.sys [2013-2-8 45880]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]

R1 Avgfwfd;AVG network filter service;C:\Windows\System32\Drivers\avgfwd6a.sys [2012-9-4 50296]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\Drivers\avgidsdrivera.sys [2013-3-29 246072]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\Drivers\avgldx64.sys [2013-2-8 206136]

R1 Avgwfpa;AVG Firewall Driver;C:\Windows\System32\Drivers\avgwfpa.sys [2013-3-21 248120]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-10-21 239616]

R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\Drivers\appexDrv.sys [2012-10-21 199008]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-4-13 277120]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]

R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2012-8-23 2148216]

R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-5-21 1015984]

R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\Drivers\AiCharger.sys [2012-7-24 17152]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-10-21 98472]

R3 ATP;ASUS PS/2 Port Input Device;C:\Windows\System32\Drivers\AsusTP.sys [2012-10-31 61824]

R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2012-8-30 21152]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\Drivers\LGBusEnum.sys [2009-11-23 22408]

R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\Drivers\LGSHidFilt.Sys [2012-10-2 66360]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\Drivers\LGVirHid.sys [2009-11-23 16008]

R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-10-21 690832]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2012-7-4 11880]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2012-10-21 57000]

S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\Windows\System32\Drivers\avgboota.sys [2012-10-26 20912]

S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-4-10 1428472]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-12 418376]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-12 701512]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-2-6 102936]

S3 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-5 645952]

S3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2012-12-12 25928]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-2-6 203544]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]

S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\Drivers\RsFx0103.sys [2009-3-30 311656]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]

.

=============== File Associations ===============

.

FileExt: .txt: Applications\iexplore.exe="C:\Program Files\Internet Explorer\iexplore.exe" %1 [userChoice]

.

=============== Created Last 30 ================

.

2013-05-22 18:27:31 35192 ----a-w- C:\Windows\System32\TURegOpt.exe

2013-05-22 18:27:31 26488 ----a-w- C:\Windows\System32\authuitu.dll

2013-05-22 18:27:30 21880 ----a-w- C:\Windows\SysWow64\authuitu.dll

2013-05-22 18:27:14 -------- d-----w- C:\Users\dima\AppData\Roaming\AVG

2013-05-22 18:26:28 -------- d-----w- C:\ProgramData\AVG

2013-05-22 18:26:24 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}

2013-05-21 18:33:47 -------- d-----w- C:\Program Files\iPod

2013-05-21 18:33:46 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-05-21 18:33:46 -------- d-----w- C:\Program Files\iTunes

2013-05-21 18:33:46 -------- d-----w- C:\Program Files (x86)\iTunes

2013-05-21 07:17:30 198320 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10204.bin

2013-05-21 07:01:13 -------- d-----w- C:\Users\dima\AppData\Local\cache

2013-05-21 06:59:50 -------- d-----w- C:\Users\dima\AppData\Local\FullTiltPoker

2013-05-21 06:59:15 -------- d-----w- C:\Program Files (x86)\Full Tilt Poker

2013-05-15 16:51:55 1455368 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-15 16:51:53 6987528 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-05-15 11:09:25 -------- d-----w- C:\ProgramData\Samsung

2013-05-15 04:25:08 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-05-15 04:25:08 112872 ----a-w- C:\Windows\System32\consent.exe

2013-05-15 04:24:43 861184 ----a-w- C:\Windows\System32\drivers\http.sys

2013-05-15 03:47:36 2382336 ----a-w- C:\Windows\SysWow64\esent.dll

2013-05-15 03:47:35 2851840 ----a-w- C:\Windows\System32\esent.dll

2013-05-09 13:12:53 -------- d-----w- C:\Users\dima\AppData\Roaming\LolClient

2013-05-09 04:47:20 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll

2013-05-09 04:47:20 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll

2013-05-09 04:47:19 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll

2013-05-09 04:38:57 -------- d-----w- C:\Riot Games

2013-05-09 02:48:44 -------- d-----w- C:\Users\dima\AppData\Local\PMB Files

2013-05-09 02:48:41 -------- d-----w- C:\ProgramData\PMB Files

2013-05-09 02:48:28 -------- d-----w- C:\Program Files (x86)\Pando Networks

2013-05-09 02:48:22 -------- d-----w- C:\Users\dima\.swt

2013-05-01 15:09:16 78872 ----a-w- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll

2013-05-01 15:09:16 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll

2013-05-01 15:09:06 79896 ----a-w- C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll

2013-05-01 15:09:06 111640 ----a-w- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll

2013-05-01 15:08:27 -------- d-----w- C:\Windows\System32\RsFx

2013-05-01 14:50:14 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services

2013-05-01 14:42:31 2377696 ----a-w- C:\ProgramData\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll

2013-05-01 14:37:12 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 10.0

2013-05-01 14:37:12 -------- d-----w- C:\Program Files (x86)\Microsoft F#

2013-05-01 14:34:01 -------- d-----w- C:\Program Files\Microsoft Help Viewer

2013-04-28 22:03:48 -------- d-----w- C:\Poker

2013-04-28 21:55:39 -------- d-----w- C:\Users\dima\AppData\Local\PokerStars

2013-04-28 21:55:22 -------- d-----w- C:\Program Files (x86)\PokerStars

2013-04-28 01:44:11 -------- d-----w- C:\Users\dima\AppData\Roaming\cef-cache

2013-04-28 01:43:50 -------- d-----w- C:\Users\dima\AppData\Roaming\Party

2013-04-28 01:41:24 -------- d-----w- C:\Programs

2013-04-28 01:30:06 -------- d-----w- C:\Users\dima\AppData\Roaming\PacificPoker

2013-04-28 01:29:59 -------- d-----w- C:\Program Files (x86)\PacificPoker

.

==================== Find3M ====================

.

2013-05-22 17:59:53 401 ----a-w- C:\Users\dima\AppData\Roaming\sp_data.sys

2013-05-21 08:52:43 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-05-07 20:07:50 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-07 20:07:50 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-04-17 02:49:32 720896 ----a-w- C:\Users\dima\AppData\Roaming\GameV2.exe

2013-04-13 05:56:35 444416 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-09 23:17:44 2242048 ----a-w- C:\Windows\System32\wininet.dll

2013-04-09 23:17:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll

2013-04-09 23:16:58 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-09 22:30:26 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-04-09 22:29:44 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-04-09 05:33:02 489576 ----a-w- C:\Windows\System32\AudioEng.dll

2013-04-09 05:33:02 446792 ----a-w- C:\Windows\System32\AudioSes.dll

2013-04-09 05:33:02 253544 ----a-w- C:\Windows\System32\audiodg.exe

2013-04-09 05:27:43 284424 ----a-w- C:\Windows\System32\drivers\spaceport.sys

2013-04-09 05:20:02 86280 ----a-w- C:\Windows\System32\kdnet.dll

2013-04-09 05:20:02 306952 ----a-w- C:\Windows\System32\kd_02_10ec.dll

2013-04-09 05:18:05 77960 ----a-w- C:\Windows\System32\kdvm.dll

2013-04-09 05:17:57 1829408 ----a-w- C:\Windows\System32\ntdll.dll

2013-04-09 04:52:07 816128 ----a-w- C:\Windows\System32\SearchIndexer.exe

2013-04-09 04:52:07 373760 ----a-w- C:\Windows\System32\SearchProtocolHost.exe

2013-04-09 04:52:07 197120 ----a-w- C:\Windows\System32\SearchFilterHost.exe

2013-04-09 04:52:07 126464 ----a-w- C:\Windows\System32\Robocopy.exe

2013-04-09 04:52:06 804352 ----a-w- C:\Windows\System32\RecoveryDrive.exe

2013-04-09 04:51:51 367616 ----a-w- C:\Windows\System32\conhost.exe

2013-04-09 04:51:45 523264 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2013-04-09 04:51:41 99840 ----a-w- C:\Windows\System32\wscsvc.dll

2013-04-09 04:51:41 456704 ----a-w- C:\Windows\System32\wpncore.dll

2013-04-09 04:51:20 13648384 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll

2013-04-09 04:51:17 595456 ----a-w- C:\Windows\System32\Windows.Networking.dll

2013-04-09 04:51:17 391168 ----a-w- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll

2013-04-09 04:51:05 10116096 ----a-w- C:\Windows\System32\twinui.dll

2013-04-09 04:51:03 3552768 ----a-w- C:\Windows\System32\tquery.dll

2013-04-09 04:50:53 414720 ----a-w- C:\Windows\System32\GenuineCenter.dll

2013-04-09 04:50:39 422400 ----a-w- C:\Windows\System32\schannel.dll

2013-04-09 04:50:39 1285632 ----a-w- C:\Windows\System32\schedsvc.dll

2013-04-09 04:50:03 96256 ----a-w- C:\Windows\System32\mssprxy.dll

2013-04-09 04:50:03 745984 ----a-w- C:\Windows\System32\mssvp.dll

2013-04-09 04:50:03 2107904 ----a-w- C:\Windows\System32\mssrch.dll

2013-04-09 04:50:02 65024 ----a-w- C:\Windows\System32\msscntrs.dll

2013-04-09 04:50:02 435200 ----a-w- C:\Windows\System32\mssph.dll

2013-04-09 04:50:02 13824 ----a-w- C:\Windows\System32\msshooks.dll

2013-04-09 04:49:54 1444864 ----a-w- C:\Windows\System32\MSAudDecMFT.dll

2013-04-09 04:49:45 468992 ----a-w- C:\Windows\System32\MFMediaEngine.dll

2013-04-09 04:49:45 281088 ----a-w- C:\Windows\System32\mfreadwrite.dll

2013-04-09 04:49:36 817152 ----a-w- C:\Windows\System32\kerberos.dll

2013-04-09 04:49:33 210432 ----a-w- C:\Windows\System32\iuilp.dll

2013-04-09 04:49:16 50176 ----a-w- C:\Windows\System32\fmifs.dll

2013-04-09 04:49:16 231936 ----a-w- C:\Windows\System32\fhengine.dll

2013-04-09 04:49:09 172544 ----a-w- C:\Windows\System32\dwmredir.dll

2013-04-09 04:49:06 196096 ----a-w- C:\Windows\System32\dmvdsitf.dll

2013-04-09 04:48:43 2303488 ----a-w- C:\Windows\System32\authui.dll

2013-04-09 04:48:42 785408 ----a-w- C:\Windows\System32\audiosrv.dll

2013-04-09 04:48:42 169472 ----a-w- C:\Windows\System32\AudioEndpointBuilder.dll

2013-04-09 04:48:34 419840 ----a-w- C:\Windows\System32\intl.cpl

2013-04-09 02:35:13 4038144 ----a-w- C:\Windows\System32\win32k.sys

2013-04-09 02:34:49 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys

2013-04-09 02:34:42 27648 ----a-w- C:\Windows\System32\drivers\hidusb.sys

2013-04-09 02:34:30 95744 ----a-w- C:\Windows\System32\drivers\hidbth.sys

2013-04-09 02:33:41 60416 ----a-w- C:\Windows\System32\drivers\ndproxy.sys

2013-04-09 02:33:05 623104 ----a-w- C:\Windows\System32\drivers\srv2.sys

2013-04-09 02:32:02 805376 ----a-w- C:\Windows\System32\drivers\PEAuth.sys

2013-04-09 02:31:14 247808 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2013-04-09 02:31:01 83456 ----a-w- C:\Windows\System32\drivers\wanarp.sys

2013-04-08 23:44:25 123880 ----a-w- C:\Windows\SysWow64\wscapi.dll

2013-04-08 23:39:14 1408896 ----a-w- C:\Windows\SysWow64\ntdll.dll

2013-04-08 23:37:29 426024 ----a-w- C:\Windows\SysWow64\AudioEng.dll

2013-04-08 23:37:29 324368 ----a-w- C:\Windows\SysWow64\AudioSes.dll

2013-04-08 21:52:16 670208 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe

2013-04-08 21:52:16 302592 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe

2013-04-08 21:52:16 171008 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe

2013-04-08 21:52:16 106496 ----a-w- C:\Windows\SysWow64\Robocopy.exe

2013-04-08 21:52:06 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2013-04-04 23:30:17 503080 ----a-w- C:\Windows\System32\ci.dll

2013-04-04 18:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-30 18:16:05 1403784 ----a-w- C:\Windows\System32\winload.efi

2013-03-30 18:16:05 1267424 ----a-w- C:\Windows\System32\winload.exe

2013-03-29 06:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2013-03-28 22:09:09 1093880 ----a-w- C:\Windows\System32\winresume.exe

2013-03-28 22:09:04 1217328 ----a-w- C:\Windows\System32\winresume.efi

2013-03-21 07:08:26 248120 ----a-w- C:\Windows\System32\drivers\avgwfpa.sys

2013-03-15 22:05:34 298456 ----a-w- C:\Windows\System32\rsaenh.dll

2013-03-15 22:05:16 252928 ----a-w- C:\Windows\SysWow64\rsaenh.dll

2013-03-02 10:57:48 337128 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS

2013-03-02 10:57:46 77544 ----a-w- C:\Windows\System32\drivers\storahci.sys

2013-03-02 10:57:46 332520 ----a-w- C:\Windows\System32\drivers\storport.sys

2013-03-02 10:45:20 148712 ----a-w- C:\Windows\System32\drivers\tpm.sys

2013-03-02 10:45:19 194792 ----a-w- C:\Windows\System32\drivers\sdbus.sys

2013-03-02 10:45:10 125160 ----a-w- C:\Windows\System32\drivers\dumpsd.sys

2013-03-02 10:39:39 495336 ----a-w- C:\Windows\System32\drivers\vhdmp.sys

2013-03-02 10:39:38 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys

2013-03-02 10:39:32 327912 ----a-w- C:\Windows\System32\drivers\Classpnp.sys

2013-03-02 09:59:37 2231528 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-03-02 09:59:36 411880 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2013-03-02 08:24:08 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe

2013-03-02 08:23:43 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll

2013-03-02 08:23:43 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll

2013-03-02 08:23:30 893952 ----a-w- C:\Windows\SysWow64\winmde.dll

2013-03-02 08:23:30 1338880 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-03-02 08:23:28 601088 ----a-w- C:\Windows\SysWow64\Windows.Globalization.dll

.

============= FINISH: 22:43:12.88 ===============


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8

Boot Device: \Device\HarddiskVolume1

Install Date: 12/13/2012 5:49:35 AM

System Uptime: 5/22/2013 1:56:07 PM (9 hours ago)

.

Motherboard: ASUSTeK COMPUTER INC. | | K55N

Processor: AMD A8-4500M APU with Radeon HD Graphics | P0 | 1900/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 279 GiB total, 165.791 GiB free.

D: is FIXED (NTFS) - 398 GiB total, 398.012 GiB free.

E: is CDROM (CDFS)

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP31: 5/7/2013 6:54:37 AM - Scheduled Checkpoint

RP32: 5/8/2013 12:11:11 PM - Removed Visual Studio 2010 Prerequisites - English

RP33: 5/15/2013 12:21:52 AM - Windows Update

RP34: 5/19/2013 5:15:00 AM - Windows Update

RP35: 5/22/2013 2:26:34 PM - Installed AVG PC TuneUp

.

==== Installed Programs ======================

.

µTorrent

Adobe Reader X MUI

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Quick Stream

AMD VISION Engine Control Center

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ASUS Instant Connect

ASUS InstantOn

ASUS LifeFrame3

ASUS Live Update

ASUS Power4Gear Hybrid

ASUS Smart Gesture

ASUS Splendid Video Enhancement Technology

ASUS Tutor

ASUS USB Charger Plus

ASUS WebStorage Sync Agent

ASUSDVD

AsusVibe2.0

ATK Package

AutoHotkey 1.1.09.02

AVG 2013

AVG PC TuneUp

AVG PC TuneUp Language Pack (en-US)

AVG Security Toolbar

Bonjour

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Crystal Reports for Visual Studio

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

Dota 2

Dotfuscator Software Services - Community Edition

Entity Framework Designer for Visual Studio 2012 - enu

Facebook Video Calling 1.2.0.287

Free Alarm Clock 2.7.1

Full Tilt Poker

Google Chrome

Google Update Helper

Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)

IIS 8.0 Express

IIS Express Application Compatibility Database for x64

IIS Express Application Compatibility Database for x86

iTunes

Java 7 Update 15

Java Auto Updater

League of Legends

Logitech Gaming Software

Logitech Gaming Software 8.40

Malwarebytes Anti-Malware version 1.75.0.1300

Malwarebytes Secure Backup

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft .NET Framework 4.5 Multi-Targeting Pack

Microsoft .NET Framework 4.5 SDK

Microsoft Application Error Reporting

Microsoft ASP.NET MVC 2

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

Microsoft ASP.NET MVC 3

Microsoft ASP.NET Web Pages

Microsoft Help Viewer 1.0

Microsoft Help Viewer 2.0

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Office 32-bit Components 2010

Microsoft Office Office 64-bit Components 2007

Microsoft Office PowerPoint 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2007

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2007

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word 2007

Microsoft Office Word MUI (English) 2007

Microsoft PowerPoint 2010

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft Silverlight 5 SDK

Microsoft SQL Server 2008 (64-bit)

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 R2 Data-Tier Application Framework

Microsoft SQL Server 2008 R2 Data-Tier Application Project

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 R2 Transact-SQL Language Service

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server 2012 Command Line Utilities

Microsoft SQL Server 2012 Data-Tier App Framework

Microsoft SQL Server 2012 Express LocalDB

Microsoft SQL Server 2012 Management Objects

Microsoft SQL Server 2012 Management Objects (x64)

Microsoft SQL Server 2012 Native Client

Microsoft SQL Server 2012 T-SQL Language Service

Microsoft SQL Server 2012 Transact-SQL Compiler Service

Microsoft SQL Server 2012 Transact-SQL ScriptDom

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Compact 3.5 SP2 x64 ENU

Microsoft SQL Server Compact 4.0 SP1 x64 ENU

Microsoft SQL Server Data Tools - enu (11.1.20627.00)

Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)

Microsoft SQL Server Database Publishing Wizard 1.4

Microsoft SQL Server System CLR Types

Microsoft SQL Server System CLR Types (x64)

Microsoft SQL Server VSS Writer

Microsoft Sync Framework Runtime v1.0 SP1 (x64)

Microsoft Sync Framework SDK v1.0 SP1

Microsoft Sync Framework Services v1.0 SP1 (x64)

Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)

Microsoft System CLR Types for SQL Server 2012

Microsoft System CLR Types for SQL Server 2012 (x64)

Microsoft Team Foundation Server 2010 Object Model - ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Office Developer Tools (x64)

Microsoft Visual Studio 2010 Professional - ENU

Microsoft Visual Studio 2010 SharePoint Developer Tools

Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

Microsoft Visual Studio Macro Tools

Microsoft Web Deploy 3.0

Microsoft Web Deploy dbSqlPackage Provider - enu

Microsoft Web Platform Installer 4.0

mIRC

Notepad++

Pando Media Booster

PowerISO

Prerequisites for SSDT

Qualcomm Atheros Client Installation Program

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Secure Download Manager

Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition

Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)

Security Update for Microsoft Visual Studio Macro Tools (KB2669970)

Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition

Service Pack 1 for SQL Server 2008 (KB968369) (64-bit)

Shared C Run-time for x64

Skype™ 6.3

Sql Server Customer Experience Improvement Program

Steam

Update for (KB2504637)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition

Ventrilo Client for Windows x64

Warcraft III

WCF RIA Services V1.0 SP2

Web Deployment Tool

Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148)

WinFlash

WinZip 17.0

ZoomEx

.

==== Event Viewer Messages From Past Week ========

.

5/22/2013 1:57:12 PM, Error: Service Control Manager [7024] -

5/22/2013 1:55:27 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

5/20/2013 4:03:04 AM, Error: Microsoft-Windows-Kernel-Power [137] - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S5). This can result in reduced resume performance.

.

==== End Of File ===========================


Step 1

Please uninstall the following applications:

µTorrent

AVG PC TuneUp

AVG PC TuneUp Language Pack (en-US)

AVG Security Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 4

Please download AdwCleaner from here and save it on your Desktop.

  1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Step 5

  • Download RogueKiller to your desktop
  • Quit all programs
  • Start RogueKiller.exe
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • Malwarebytes' Anti-Malware log
  • AdwCleaner log
  • RogueKiller log


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows 8 x64

Ran by dima on Thu 05/23/2013 at 20:59:34.83

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\smessaging

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3220468

Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\installmate"

Successfully deleted: [Folder] "C:\ProgramData\premium"

Successfully deleted: [Folder] "C:\Users\dima\appdata\local\conduit"

Successfully deleted: [Folder] "C:\Users\dima\appdata\locallow\conduit"

Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"

~~~ Chrome

Successfully deleted: [Folder] C:\Users\dima\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 05/23/2013 at 21:04:53.44

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.23.12

Windows 8 x64 NTFS

Internet Explorer 10.0.9200.16580

dima :: DIMA-PC [administrator]

Protection: Disabled

5/23/2013 9:10:12 PM

mbam-log-2013-05-23 (21-10-12).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 218246

Time elapsed: 6 minute(s), 41 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

AdwCleaner v2.301 - Logfile created 05/23/2013 at 21:18:03

# Updated 16/05/2013 by Xplode

# Operating system : Windows 8 (64 bits)

# User : dima - DIMA-PC

# Boot Mode : Normal

# Running from : C:\Users\dima\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\Users\dima\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage

File Found : C:\Users\dima\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

File Found : C:\Users\dima\AppData\Local\Temp\Uninstall.exe

Folder Found : C:\ProgramData\AVG Security Toolbar

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKCU\Software\PrivitizeVPNInstallDates

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchab.com/?aff=7&uid=65cf9794-4f7c-11e2-be7a-50465de72aa6

-\\ Google Chrome v27.0.1453.93

File : C:\Users\dima\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2123 octets] - [23/05/2013 21:18:03]

########## EOF - C:\AdwCleaner[R1].txt - [2183 octets] ##########

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version

Started in : Normal mode

User : dima [Admin rights]

Mode : Scan -- Date : 05/23/2013 21:23:10

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤

[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++

--- User ---

[MBR] 5121ed68627e23ab97862d4b9d9f4d5e

[bSP] 4816b00b2e7efa2cda2c0a65fdf3e385 : Empty MBR Code

Partition table:

0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_05232013_02d2123.txt >>

RKreport[1]_S_05232013_02d2123.txt


No one.

http://forums.malwarebytes.org/index.php?showtopic=97700

  1. Please re-run AdwCleaner
  2. Click on Delete button.
  3. Confirm each time with OK.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.


# AdwCleaner v2.301 - Logfile created 05/24/2013 at 11:15:48

# Updated 16/05/2013 by Xplode

# Operating system : Windows 8 (64 bits)

# User : dima - DIMA-PC

# Boot Mode : Normal

# Running from : C:\Users\dima\Downloads\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:\Users\dima\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage

File Deleted : C:\Users\dima\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

File Deleted : C:\Users\dima\AppData\Local\Temp\Uninstall.exe

Folder Deleted : C:\ProgramData\AVG Security Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\PrivitizeVPNInstallDates

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchab.com/?aff=7&uid=65cf9794-4f7c-11e2-be7a-50465de72aa6 --> hxxp://www.google.com

-\\ Google Chrome v27.0.1453.94

File : C:\Users\dima\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2248 octets] - [23/05/2013 21:18:03]

AdwCleaner[R2].txt - [2087 octets] - [24/05/2013 11:15:28]

AdwCleaner[s1].txt - [2085 octets] - [24/05/2013 11:15:48]

########## EOF - C:\AdwCleaner[s1].txt - [2145 octets] ##########


Glad I could help! :)

Step 1

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Step 2

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes

Step 3

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.