Help me removing viruses
<blockquote data-quote="joku upi" data-source="post: 142713" data-attributes="member: 14483"><p>DDS (Ver_2012-11-20.01) - NTFS_AMD64 </p><p>Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2</p><p>Run by mitteeeh at 22:36:23 on 2013-11-02</p><p>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.8157.6005 [GMT 2:00]</p><p>.</p><p>AV: Computer Security *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}</p><p>SP: Computer Security *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}</p><p>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>.</p><p>============== Running Processes ===============</p><p>.</p><p>C:\Windows\system32\lsm.exe</p><p>C:\Windows\system32\svchost.exe -k DcomLaunch</p><p>C:\Windows\system32\nvvsvc.exe</p><p>C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe</p><p>C:\Windows\system32\svchost.exe -k RPCSS</p><p>C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted</p><p>C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted</p><p>C:\Windows\system32\svchost.exe -k LocalService</p><p>C:\Windows\system32\svchost.exe -k netsvcs</p><p>C:\Windows\system32\svchost.exe -k NetworkService</p><p>C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe</p><p>C:\Windows\system32\nvvsvc.exe</p><p>C:\Windows\System32\spoolsv.exe</p><p>C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork</p><p>C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE</p><p>C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe</p><p>C:\Windows\system32\taskhost.exe</p><p>C:\Windows\system32\taskeng.exe</p><p>C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe</p><p>C:\Windows\system32\Dwm.exe</p><p>C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe</p><p>C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe</p><p>C:\Windows\SysWOW64\AsHookDevice.exe</p><p>C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe</p><p>C:\Windows\system32\svchost.exe -k 
LocalServiceAndNoImpersonation</p><p>C:\Program Files (x86)\F-Secure\fshoster32.exe</p><p>C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe</p><p>C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe</p><p>C:\Windows\System32\svchost.exe -k HPZ12</p><p>C:\Windows\System32\svchost.exe -k HPZ12</p><p>C:\Windows\SysWOW64\PnkBstrA.exe</p><p>C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE</p><p>C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE</p><p>C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe</p><p>C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe</p><p>C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe</p><p>C:\Program Files (x86)\F-Secure\fshoster32.exe</p><p>C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe</p><p>C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe</p><p>C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe</p><p>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE</p><p>C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe</p><p>C:\Windows\system32\SearchIndexer.exe</p><p>C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE</p><p>C:\Windows\System32\WUDFHost.exe</p><p>C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe</p><p>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>C:\Windows\system32\svchost.exe -k SDRSVC</p><p>C:\Windows\explorer.exe</p><p>C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE</p><p>C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE</p><p>C:\Program Files\Internet Explorer\iexplore.exe</p><p>C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE</p><p>C:\Windows\system32\SearchProtocolHost.exe</p><p>C:\Program Files 
(x86)\Internet Explorer\IEXPLORE.EXE</p><p>C:\Windows\system32\msiexec.exe</p><p>C:\Windows\system32\wbem\wmiprvse.exe</p><p>C:\Windows\system32\SearchFilterHost.exe</p><p>C:\Windows\system32\SearchProtocolHost.exe</p><p>C:\Windows\System32\cscript.exe</p><p>.</p><p>============== Pseudo HJT Report ===============</p><p>.</p><p>uStart Page = hxxp://www.google.com</p><p>BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll</p><p>BHO: F-Secure Online Safety: {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll</p><p>BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll</p><p>BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll</p><p>BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - </p><p>BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll</p><p>TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - </p><p>uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent</p><p>mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"</p><p>mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"</p><p>mRun: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe</p><p>mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe</p><p>mRun: [ASUS Easy Update] C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe</p><p>mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S</p><p>mRun: [F-Secure Hoster (666)] "C:\Program 
Files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1</p><p>mRun: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash</p><p>mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"</p><p>StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe</p><p>uPolicies-Explorer: NoDrives = dword:0</p><p>mPolicies-Explorer: NoDrives = dword:0</p><p>mPolicies-System: ConsentPromptBehaviorAdmin = dword:5</p><p>mPolicies-System: ConsentPromptBehaviorUser = dword:3</p><p>mPolicies-System: EnableUIADesktopToggle = dword:0</p><p>IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll</p><p>DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab</p><p>TCP: NameServer = 77.223.60.102 77.223.61.2</p><p>TCP: Interfaces\{7EF52448-E336-4BF4-964C-02E1D170C640} : DHCPNameServer = 77.223.60.102 77.223.61.2</p><p>Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll</p><p>SSODL: WebCheck - <orphaned></p><p>x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll</p><p>x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s</p><p>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned></p><p>x64-SSODL: WebCheck - <orphaned></p><p>.</p><p>============= SERVICES / DRIVERS ===============</p><p>.</p><p>R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\System32\drivers\AiChargerPlus.sys [2011-11-9 14464]</p><p>R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-3-24 36448]</p><p>R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys 
[2013-11-1 56016]</p><p>R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2013-11-1 69296]</p><p>R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2013-11-1 13248]</p><p>R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]</p><p>R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]</p><p>R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-11 144152]</p><p>R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-11-9 922240]</p><p>R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2011-11-9 915584]</p><p>R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-11-9 586880]</p><p>R2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2011-11-9 203392]</p><p>R2 fshoster;F-Secure Dll Hoster;C:\Program Files (x86)\F-Secure\fshoster32.exe [2013-9-11 191424]</p><p>R2 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [2013-6-10 60352]</p><p>R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2011-11-9 32544]</p><p>R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-8-17 379496]</p><p>R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-9 2656280]</p><p>R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-10-19 129000]</p><p>R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-10-19 394216]</p><p>R3 F-Secure Gatekeeper;F-Secure 
Gatekeeper;C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2013-11-1 203120]</p><p>R3 fsni;fsni;C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [2013-6-20 81344]</p><p>R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]</p><p>S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]</p><p>S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]</p><p>S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]</p><p>S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-11-9 48488]</p><p>S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-14 1492840]</p><p>S3 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2011-10-19 293416]</p><p>S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-10-19 80384]</p><p>S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-10-19 181248]</p><p>S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-11-9 48416]</p><p>S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2011-11-9 29472]</p><p>S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-11-9 48416]</p><p>S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]</p><p>S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]</p><p>S3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-1 1255736]</p><p>S3 VLAN;Realtek 
Virtual Miniport Driver for VLAN (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2011-11-9 29472]</p><p>S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]</p><p>.</p><p>=============== Created Last 30 ================</p><p>.</p><p>2013-11-02 20:35:00 388096 ----a-r- C:\Users\mitteeeh\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe</p><p>2013-11-02 20:35:00 -------- d-----w- C:\Program Files (x86)\Trend Micro</p><p>2013-11-02 20:28:15 -------- d-----w- C:\Program Files (x86)\Driver Fusion</p><p>2013-11-02 20:18:50 -------- d-----w- C:\Windows\ERUNT</p><p>2013-11-02 18:34:47 -------- d-sh--w- C:\$RECYCLE.BIN</p><p>2013-11-02 18:30:44 98816 ----a-w- C:\Windows\sed.exe</p><p>2013-11-02 18:30:44 256000 ----a-w- C:\Windows\PEV.exe</p><p>2013-11-02 18:30:44 208896 ----a-w- C:\Windows\MBR.exe</p><p>2013-11-02 16:46:03 -------- d-----w- C:\Users\mitteeeh\AppData\Roaming\NVIDIA</p><p>2013-11-02 16:45:25 -------- d-----w- C:\Users\mitteeeh\jagexcache</p><p>2013-11-02 16:10:16 282104 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr</p><p>2013-11-02 16:09:29 -------- d-----w- C:\Users\mitteeeh\AppData\Local\PunkBuster</p><p>2013-11-02 16:06:45 282104 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe</p><p>2013-11-02 16:06:44 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe</p><p>2013-11-02 15:53:17 -------- d-----w- C:\Program Files (x86)\EA Games</p><p>2013-11-02 15:46:12 -------- d-----w- C:\Program Files (x86)\GameforgeLive</p><p>2013-11-02 15:46:04 -------- d-----w- C:\Users\mitteeeh\AppData\Local\Programs</p><p>2013-11-02 15:30:39 -------- d-----w- C:\Windows\CheckSur</p><p>2013-11-02 12:41:49 -------- d-----w- C:\Users\mitteeeh\AppData\Local\Adobe</p><p>2013-11-02 12:02:36 -------- d-----w- C:\_OTL</p><p>2013-11-02 11:54:37 -------- d-----w- C:\Users\mitteeeh\AppData\Local\Diagnostics</p><p>2013-11-02 11:38:11 -------- d-----w- C:\Users\mitteeeh\Doctor 
Web</p><p>2013-11-02 09:50:46 -------- d-----w- C:\Users\mitteeeh\AppData\Roaming\Curiolab</p><p>2013-11-02 09:25:16 -------- d-----w- C:\Program Files (x86)\Exterminate It!</p><p>2013-11-02 09:09:52 -------- d-----w- C:\Windows\Patches</p><p>2013-11-02 08:57:11 -------- d-----w- C:\Windows\SysWow64\System32</p><p>2013-11-02 08:57:11 -------- d-----w- C:\ProgramData\GFI</p><p>2013-11-02 08:57:11 -------- d-----w- C:\Program Files (x86)\GFI</p><p>2013-11-02 08:19:09 -------- d-----w- C:\Program Files\Angry IP Scanner</p><p>2013-11-02 07:57:09 -------- d-----w- C:\AdwCleaner</p><p>2013-11-02 07:39:26 -------- d-----w- C:\Users\mitteeeh\AppData\Local\NPE</p><p>2013-11-02 07:39:26 -------- d-----w- C:\ProgramData\Norton</p><p>2013-11-02 02:13:11 12872 ----a-w- C:\Windows\System32\bootdelete.exe</p><p>2013-11-02 02:10:55 -------- d-----w- C:\Program Files\HitmanPro</p><p>2013-11-02 02:10:53 -------- d-----w- C:\ProgramData\HitmanPro</p><p>2013-11-02 02:05:03 -------- d-----w- C:\ProgramData\Malwarebytes</p><p>2013-11-02 02:05:01 116440 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys</p><p>2013-11-02 02:05:01 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)</p><p>2013-11-02 02:04:41 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys</p><p>2013-11-02 02:00:37 -------- d-----w- C:\Users\mitteeeh\AppData\Roaming\SUPERAntiSpyware.com</p><p>2013-11-02 02:00:23 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com</p><p>2013-11-02 02:00:23 -------- d-----w- C:\Program Files\SUPERAntiSpyware</p><p>2013-11-02 00:39:55 -------- d-----w- C:\Users\mitteeeh\.pk</p><p>2013-11-02 00:39:27 -------- d-----w- C:\ProgramData\Oracle</p><p>2013-11-02 00:39:08 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll</p><p>2013-11-02 00:15:20 -------- d-----w- C:\ProgramData\RegRun</p><p>2013-11-02 00:15:18 2 --shatr- C:\Windows\winstart.bat</p><p>2013-11-02 00:15:16 12800 ----a-w- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys</p><p>2013-11-02 
00:15:11 -------- d-----w- C:\Program Files (x86)\UnHackMe</p><p>2013-11-01 21:49:46 -------- d-----w- C:\Rooter$</p><p>2013-11-01 20:34:32 56016 ----a-w- C:\Windows\System32\drivers\fsbts.sys</p><p>2013-11-01 20:32:21 -------- d-----w- C:\Users\mitteeeh\AppData\Local\F-Secure</p><p>2013-11-01 20:30:31 -------- d-----w- C:\Program Files (x86)\F-Secure</p><p>2013-11-01 20:27:50 -------- d-----w- C:\ProgramData\F-Secure</p><p>2013-11-01 19:57:16 985120 ----a-w- C:\Windows\PE_Rom.dll</p><p>2013-11-01 19:20:19 -------- d-----w- C:\Program Files (x86)\Common Files\Steam</p><p>2013-11-01 19:20:17 -------- d-----w- C:\Program Files (x86)\Steam</p><p>2013-11-01 18:59:29 -------- d-----w- C:\Users\mitteeeh\AppData\Local\WindowsUpdate</p><p>2013-11-01 18:57:00 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys</p><p>2013-11-01 18:57:00 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys</p><p>2013-11-01 18:57:00 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys</p><p>2013-11-01 18:57:00 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys</p><p>2013-11-01 18:57:00 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys</p><p>2013-11-01 18:57:00 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys</p><p>2013-11-01 18:57:00 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys</p><p>2013-11-01 18:35:45 -------- d-----w- C:\Users\mitteeeh\AppData\Local\Microsoft Games</p><p>2013-11-01 18:31:37 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll</p><p>2013-11-01 18:31:37 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll</p><p>2013-11-01 18:22:29 -------- d-----w- C:\Windows\SysWow64\Wat</p><p>2013-11-01 18:22:28 -------- d-----w- C:\Windows\System32\Wat</p><p>2013-11-01 17:58:18 2560 ----a-w- C:\Windows\System32\drivers\nb-NO\wdf01000.sys.mui</p><p>2013-11-01 17:58:17 2560 ----a-w- C:\Windows\System32\drivers\sv-SE\wdf01000.sys.mui</p><p>2013-11-01 17:58:17 2560 ----a-w- C:\Windows\System32\drivers\fi-FI\wdf01000.sys.mui</p><p>2013-11-01 17:58:17 2560 
----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui</p><p>2013-11-01 17:58:17 2560 ----a-w- C:\Windows\System32\drivers\da-DK\wdf01000.sys.mui</p><p>2013-11-01 17:43:50 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll</p><p>2013-11-01 17:39:17 294912 ----a-w- C:\Windows\System32\browserchoice.exe</p><p>2013-11-01 17:33:40 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys</p><p>2013-11-01 17:33:40 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll</p><p>2013-11-01 17:33:40 744448 ----a-w- C:\Windows\System32\WUDFx.dll</p><p>2013-11-01 17:33:40 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll</p><p>2013-11-01 17:33:40 229888 ----a-w- C:\Windows\System32\WUDFHost.exe</p><p>2013-11-01 17:33:40 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys</p><p>2013-11-01 17:33:40 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll</p><p>2013-11-01 17:31:27 -------- d-----w- C:\Windows\System32\MRT</p><p>2013-11-01 17:30:56 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys</p><p>2013-11-01 17:30:55 81408 ----a-w- C:\Windows\System32\imagehlp.dll</p><p>2013-11-01 17:30:55 5120 ----a-w- C:\Windows\SysWow64\wmi.dll</p><p>2013-11-01 17:30:55 5120 ----a-w- C:\Windows\System32\wmi.dll</p><p>2013-11-01 17:30:55 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll</p><p>2013-11-01 17:28:03 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll</p><p>2013-11-01 17:28:01 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2826FFE3-9F54-424F-BF25-9DA60A3DD9C7}\mpengine.dll</p><p>2013-11-01 17:26:49 362496 ----a-w- C:\Windows\System32\wow64win.dll</p><p>2013-11-01 17:25:57 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll</p><p>2013-11-01 17:17:22 376688 ----a-w- C:\Windows\System32\drivers\netio.sys</p><p>2013-11-01 17:16:59 68608 ----a-w- C:\Windows\System32\taskhost.exe</p><p>2013-11-01 17:16:57 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys</p><p>2013-11-01 17:16:57 
265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys</p><p>2013-11-01 17:16:57 144384 ----a-w- C:\Windows\System32\cdd.dll</p><p>2013-11-01 17:16:55 67072 ----a-w- C:\Windows\splwow64.exe</p><p>2013-11-01 17:16:55 559104 ----a-w- C:\Windows\System32\spoolsv.exe</p><p>2013-11-01 17:16:54 956928 ----a-w- C:\Windows\System32\localspl.dll</p><p>2013-11-01 17:16:53 723456 ----a-w- C:\Windows\System32\EncDec.dll</p><p>2013-11-01 17:16:53 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll</p><p>2013-11-01 17:16:52 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll</p><p>2013-11-01 17:16:52 634880 ----a-w- C:\Windows\System32\msvcrt.dll</p><p>2013-11-01 17:16:50 77312 ----a-w- C:\Windows\System32\packager.dll</p><p>2013-11-01 17:16:50 67072 ----a-w- C:\Windows\SysWow64\packager.dll</p><p>2013-11-01 16:52:55 -------- d-----w- C:\Users\mitteeeh\AppData\Roaming\ASUS WebStorage</p><p>2013-11-01 16:50:19 2622464 ----a-w- C:\Windows\System32\wucltux.dll</p><p>2013-11-01 16:50:08 99840 ----a-w- C:\Windows\System32\wudriver.dll</p><p>2013-11-01 16:49:57 36864 ----a-w- C:\Windows\System32\wuapp.exe</p><p>2013-11-01 16:49:57 186752 ----a-w- C:\Windows\System32\wuwebv.dll</p><p>2013-11-01 16:49:08 -------- d-----w- C:\Users\mitteeeh\AppData\Local\VirtualStore</p><p>2013-11-01 16:46:59 7254632 ----a-w- C:\Windows\System32\nvcuda.dll</p><p>.</p><p>==================== Find3M ====================</p><p>.</p><p>2013-11-01 17:43:50 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll</p><p>2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys</p><p>2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys</p><p>2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll</p><p>2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll</p><p>2013-09-03 12:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe</p><p>2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe</p><p>2013-08-29 02:16:35 1732032 
----a-w- C:\Windows\System32\ntdll.dll</p><p>2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll</p><p>2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll</p><p>2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll</p><p>2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe</p><p>2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe</p><p>2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll</p><p>2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll</p><p>2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll</p><p>2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll</p><p>2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll</p><p>2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe</p><p>2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe</p><p>2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll</p><p>2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe</p><p>2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys</p><p>2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll</p><p>2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys</p><p>.</p><p>============= FINISH: 22:36:41.76 ===============</p></blockquote><p></p>
(x86)\Exterminate It! 2013-11-02 09:09:52 -------- d-----w- C:\Windows\Patches 2013-11-02 08:57:11 -------- d-----w- C:\Windows\SysWow64\System32 2013-11-02 08:57:11 -------- d-----w- C:\ProgramData\GFI 2013-11-02 08:57:11 -------- d-----w- C:\Program Files (x86)\GFI 2013-11-02 08:19:09 -------- d-----w- C:\Program Files\Angry IP Scanner 2013-11-02 07:57:09 -------- d-----w- C:\AdwCleaner 2013-11-02 07:39:26 -------- d-----w- C:\Users\mitteeeh\AppData\Local\NPE 2013-11-02 07:39:26 -------- d-----w- C:\ProgramData\Norton 2013-11-02 02:13:11 12872 ----a-w- C:\Windows\System32\bootdelete.exe 2013-11-02 02:10:55 -------- d-----w- C:\Program Files\HitmanPro 2013-11-02 02:10:53 -------- d-----w- C:\ProgramData\HitmanPro 2013-11-02 02:05:03 -------- d-----w- C:\ProgramData\Malwarebytes 2013-11-02 02:05:01 116440 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2013-11-02 02:05:01 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-11-02 02:04:41 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2013-11-02 02:00:37 -------- d-----w- C:\Users\mitteeeh\AppData\Roaming\SUPERAntiSpyware.com 2013-11-02 02:00:23 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2013-11-02 02:00:23 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2013-11-02 00:39:55 -------- d-----w- C:\Users\mitteeeh\.pk 2013-11-02 00:39:27 -------- d-----w- C:\ProgramData\Oracle 2013-11-02 00:39:08 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-11-02 00:15:20 -------- d-----w- C:\ProgramData\RegRun 2013-11-02 00:15:18 2 --shatr- C:\Windows\winstart.bat 2013-11-02 00:15:16 12800 ----a-w- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys 2013-11-02 00:15:11 -------- d-----w- C:\Program Files (x86)\UnHackMe 2013-11-01 21:49:46 -------- d-----w- C:\Rooter$ 2013-11-01 20:34:32 56016 ----a-w- C:\Windows\System32\drivers\fsbts.sys 2013-11-01 20:32:21 -------- d-----w- C:\Users\mitteeeh\AppData\Local\F-Secure 2013-11-01 20:30:31 -------- d-----w- C:\Program 
Files (x86)\F-Secure 2013-11-01 20:27:50 -------- d-----w- C:\ProgramData\F-Secure 2013-11-01 19:57:16 985120 ----a-w- C:\Windows\PE_Rom.dll 2013-11-01 19:20:19 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2013-11-01 19:20:17 -------- d-----w- C:\Program Files (x86)\Steam 2013-11-01 18:59:29 -------- d-----w- C:\Users\mitteeeh\AppData\Local\WindowsUpdate 2013-11-01 18:57:00 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-11-01 18:57:00 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-11-01 18:57:00 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-11-01 18:57:00 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-11-01 18:57:00 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-11-01 18:57:00 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-11-01 18:57:00 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-11-01 18:35:45 -------- d-----w- C:\Users\mitteeeh\AppData\Local\Microsoft Games 2013-11-01 18:31:37 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-11-01 18:31:37 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-11-01 18:22:29 -------- d-----w- C:\Windows\SysWow64\Wat 2013-11-01 18:22:28 -------- d-----w- C:\Windows\System32\Wat 2013-11-01 17:58:18 2560 ----a-w- C:\Windows\System32\drivers\nb-NO\wdf01000.sys.mui 2013-11-01 17:58:17 2560 ----a-w- C:\Windows\System32\drivers\sv-SE\wdf01000.sys.mui 2013-11-01 17:58:17 2560 ----a-w- C:\Windows\System32\drivers\fi-FI\wdf01000.sys.mui 2013-11-01 17:58:17 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2013-11-01 17:58:17 2560 ----a-w- C:\Windows\System32\drivers\da-DK\wdf01000.sys.mui 2013-11-01 17:43:50 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-11-01 17:39:17 294912 ----a-w- C:\Windows\System32\browserchoice.exe 2013-11-01 17:33:40 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2013-11-01 17:33:40 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2013-11-01 
17:33:40 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2013-11-01 17:33:40 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2013-11-01 17:33:40 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2013-11-01 17:33:40 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2013-11-01 17:33:40 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2013-11-01 17:31:27 -------- d-----w- C:\Windows\System32\MRT 2013-11-01 17:30:56 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2013-11-01 17:30:55 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-11-01 17:30:55 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2013-11-01 17:30:55 5120 ----a-w- C:\Windows\System32\wmi.dll 2013-11-01 17:30:55 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-11-01 17:28:03 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2013-11-01 17:28:01 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2826FFE3-9F54-424F-BF25-9DA60A3DD9C7}\mpengine.dll 2013-11-01 17:26:49 362496 ----a-w- C:\Windows\System32\wow64win.dll 2013-11-01 17:25:57 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2013-11-01 17:17:22 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2013-11-01 17:16:59 68608 ----a-w- C:\Windows\System32\taskhost.exe 2013-11-01 17:16:57 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-11-01 17:16:57 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-11-01 17:16:57 144384 ----a-w- C:\Windows\System32\cdd.dll 2013-11-01 17:16:55 67072 ----a-w- C:\Windows\splwow64.exe 2013-11-01 17:16:55 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2013-11-01 17:16:54 956928 ----a-w- C:\Windows\System32\localspl.dll 2013-11-01 17:16:53 723456 ----a-w- C:\Windows\System32\EncDec.dll 2013-11-01 17:16:53 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2013-11-01 17:16:52 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2013-11-01 17:16:52 634880 ----a-w- C:\Windows\System32\msvcrt.dll 2013-11-01 17:16:50 77312 
----a-w- C:\Windows\System32\packager.dll 2013-11-01 17:16:50 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2013-11-01 16:52:55 -------- d-----w- C:\Users\mitteeeh\AppData\Roaming\ASUS WebStorage 2013-11-01 16:50:19 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2013-11-01 16:50:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2013-11-01 16:49:57 36864 ----a-w- C:\Windows\System32\wuapp.exe 2013-11-01 16:49:57 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2013-11-01 16:49:08 -------- d-----w- C:\Users\mitteeeh\AppData\Local\VirtualStore 2013-11-01 16:46:59 7254632 ----a-w- C:\Windows\System32\nvcuda.dll . ==================== Find3M ==================== . 2013-11-01 17:43:50 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll 2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll 2013-09-03 12:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll 2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll 2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll 2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll 2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll 2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll 2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll 2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys . ============= FINISH: 22:36:41.76 =============== [/QUOTE]