Hi!
I have Win 7 Home Premium and I think i've got a trojan or virus. After I logged in after startup it takes about 5 to 10 minutes before I can do anything.
My antivirus AVG doesn't work anymore, it's inactive and so is windows defender.
I find tracking cookies when I search for viruses using free online scans like panda, norton etc.
My google chrome browser doesn't work anymore, only iexplorer.
Please help me!
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Micke at 0:20:50 on 2012-09-10
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.271\SSScheduler.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Trusted Zone: samsungsetup.com\www
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{290BC608-EDCF-4597-B187-8E331E7A731F} : DhcpNameServer = 80.251.201.177 80.251.201.178
TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4}\84F64756C6449616C6F67623 : DhcpNameServer = 192.168.1.109
TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4}\84F64756C6449616C6F67633 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4}\D496473686 : DhcpNameServer = 80.251.201.177 80.251.201.178
TCP: Interfaces\{F12E96C4-04D8-4F9B-AA82-B94235CF54DE} : DhcpNameServer = 80.251.201.177 80.251.201.178
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
{53707962-6F74-2D53-2644-206D7942484F}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-09-09 22:09:05 110080 ----a-r- C:\Users\Micke\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconF7A21AF7.exe
2012-09-09 22:09:05 110080 ----a-r- C:\Users\Micke\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconD7F16134.exe
2012-09-09 22:09:05 110080 ----a-r- C:\Users\Micke\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\Icon1226A4C5.exe
2012-09-09 22:09:04 -------- d-----w- C:\sh4ldr
2012-09-09 22:09:04 -------- d-----w- C:\Program Files\Enigma Software Group
2012-09-09 22:05:52 -------- d-----w- C:\Windows\8C5C34C7BC6B48318B2C6535FE63E502.TMP
2012-09-09 22:05:51 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-09-09 21:48:53 -------- d-sh--w- C:\$RECYCLE.BIN
2012-09-09 20:50:15 98816 ----a-w- C:\Windows\sed.exe
2012-09-09 20:50:15 518144 ----a-w- C:\Windows\SWREG.exe
2012-09-09 20:50:15 256000 ----a-w- C:\Windows\PEV.exe
2012-09-09 20:50:15 208896 ----a-w- C:\Windows\MBR.exe
2012-09-09 20:48:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-09-09 20:48:16 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-09-09 17:55:14 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{46A88446-F421-4FE8-A068-1B6FD34513C7}\offreg.dll
2012-09-09 17:44:56 33800 ----a-w- C:\Windows\System32\drivers\pavboot64.sys
2012-09-09 17:44:54 -------- d-----w- C:\Program Files (x86)\Panda Security
2012-09-09 17:37:48 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-09-09 17:36:30 -------- d-----w- C:\ProgramData\Symantec
2012-09-09 17:36:28 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0307020.005
2012-09-09 17:36:28 -------- d-----w- C:\Windows\System32\drivers\NSSx64
2012-09-09 17:36:28 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
2012-09-09 17:36:27 -------- d-----w- C:\ProgramData\Norton
2012-09-09 17:36:26 -------- d-----w- C:\ProgramData\NortonInstaller
2012-09-09 17:36:26 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-09-09 17:28:42 56016 ----a-w- C:\Windows\System32\drivers\fsbts.sys
2012-09-09 17:24:23 -------- d-----w- C:\ProgramData\McAfee Security Scan
2012-09-09 17:24:16 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2012-09-09 17:21:24 -------- d-----w- C:\Users\Micke\AppData\Local\MFAData
2012-09-09 17:21:24 -------- d-----w- C:\Users\Micke\AppData\Local\Avg2013
2012-09-09 16:36:29 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-09-09 16:36:23 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{46A88446-F421-4FE8-A068-1B6FD34513C7}\mpengine.dll
2012-09-09 16:09:34 295936 ----a-w- C:\Windows\SysWow64\appmgr.dll
2012-09-09 16:09:34 -------- d-----w- C:\Windows\SysWow64\GPBAK
2012-09-09 16:09:33 707354 ----a-w- C:\Windows\unins000.exe
2012-09-01 08:09:49 -------- d-----w- C:\Users\Micke\AppData\Roaming\Canneverbe Limited
2012-09-01 08:09:49 -------- d-----w- C:\ProgramData\Canneverbe Limited
2012-08-31 10:24:52 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll
2012-08-29 06:30:25 -------- d-----w- C:\Program Files (x86)\playstation emu
2012-08-28 19:24:43 -------- d-----w- C:\Program Files\iPod
2012-08-28 19:24:42 -------- d-----w- C:\Program Files\iTunes
2012-08-28 19:24:42 -------- d-----w- C:\Program Files (x86)\iTunes
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-08-16 12:48:17 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-08-16 02:32:34 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-08-16 02:32:34 67072 ----a-w- C:\Windows\splwow64.exe
2012-08-16 02:32:34 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-08-16 02:32:34 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-08-16 02:32:21 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-08-16 02:32:21 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-08-16 02:32:21 136704 ----a-w- C:\Windows\System32\browser.dll
2012-08-16 02:32:19 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-08-16 02:32:18 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-08-16 02:32:17 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-08-16 02:32:17 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
.
==================== Find3M ====================
.
2012-08-31 09:50:40 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-31 09:50:40 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-05 20:06:30 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-07-05 20:06:20 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-07-03 10:11:59 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 0:22:44,24 ===============
I have Win 7 Home Premium and I think i've got a trojan or virus. After I logged in after startup it takes about 5 to 10 minutes before I can do anything.
My antivirus AVG doesn't work anymore, it's inactive and so is windows defender.
I find tracking cookies when I search for viruses using free online scans like panda, norton etc.
My google chrome browser doesn't work anymore, only iexplorer.
Please help me!
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Micke at 0:20:50 on 2012-09-10
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.271\SSScheduler.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Trusted Zone: samsungsetup.com\www
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{290BC608-EDCF-4597-B187-8E331E7A731F} : DhcpNameServer = 80.251.201.177 80.251.201.178
TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4}\84F64756C6449616C6F67623 : DhcpNameServer = 192.168.1.109
TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4}\84F64756C6449616C6F67633 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4}\D496473686 : DhcpNameServer = 80.251.201.177 80.251.201.178
TCP: Interfaces\{F12E96C4-04D8-4F9B-AA82-B94235CF54DE} : DhcpNameServer = 80.251.201.177 80.251.201.178
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
{53707962-6F74-2D53-2644-206D7942484F}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-09-09 22:09:05 110080 ----a-r- C:\Users\Micke\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconF7A21AF7.exe
2012-09-09 22:09:05 110080 ----a-r- C:\Users\Micke\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconD7F16134.exe
2012-09-09 22:09:05 110080 ----a-r- C:\Users\Micke\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\Icon1226A4C5.exe
2012-09-09 22:09:04 -------- d-----w- C:\sh4ldr
2012-09-09 22:09:04 -------- d-----w- C:\Program Files\Enigma Software Group
2012-09-09 22:05:52 -------- d-----w- C:\Windows\8C5C34C7BC6B48318B2C6535FE63E502.TMP
2012-09-09 22:05:51 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-09-09 21:48:53 -------- d-sh--w- C:\$RECYCLE.BIN
2012-09-09 20:50:15 98816 ----a-w- C:\Windows\sed.exe
2012-09-09 20:50:15 518144 ----a-w- C:\Windows\SWREG.exe
2012-09-09 20:50:15 256000 ----a-w- C:\Windows\PEV.exe
2012-09-09 20:50:15 208896 ----a-w- C:\Windows\MBR.exe
2012-09-09 20:48:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-09-09 20:48:16 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-09-09 17:55:14 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{46A88446-F421-4FE8-A068-1B6FD34513C7}\offreg.dll
2012-09-09 17:44:56 33800 ----a-w- C:\Windows\System32\drivers\pavboot64.sys
2012-09-09 17:44:54 -------- d-----w- C:\Program Files (x86)\Panda Security
2012-09-09 17:37:48 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-09-09 17:36:30 -------- d-----w- C:\ProgramData\Symantec
2012-09-09 17:36:28 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0307020.005
2012-09-09 17:36:28 -------- d-----w- C:\Windows\System32\drivers\NSSx64
2012-09-09 17:36:28 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
2012-09-09 17:36:27 -------- d-----w- C:\ProgramData\Norton
2012-09-09 17:36:26 -------- d-----w- C:\ProgramData\NortonInstaller
2012-09-09 17:36:26 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-09-09 17:28:42 56016 ----a-w- C:\Windows\System32\drivers\fsbts.sys
2012-09-09 17:24:23 -------- d-----w- C:\ProgramData\McAfee Security Scan
2012-09-09 17:24:16 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2012-09-09 17:21:24 -------- d-----w- C:\Users\Micke\AppData\Local\MFAData
2012-09-09 17:21:24 -------- d-----w- C:\Users\Micke\AppData\Local\Avg2013
2012-09-09 16:36:29 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-09-09 16:36:23 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{46A88446-F421-4FE8-A068-1B6FD34513C7}\mpengine.dll
2012-09-09 16:09:34 295936 ----a-w- C:\Windows\SysWow64\appmgr.dll
2012-09-09 16:09:34 -------- d-----w- C:\Windows\SysWow64\GPBAK
2012-09-09 16:09:33 707354 ----a-w- C:\Windows\unins000.exe
2012-09-01 08:09:49 -------- d-----w- C:\Users\Micke\AppData\Roaming\Canneverbe Limited
2012-09-01 08:09:49 -------- d-----w- C:\ProgramData\Canneverbe Limited
2012-08-31 10:24:52 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll
2012-08-29 06:30:25 -------- d-----w- C:\Program Files (x86)\playstation emu
2012-08-28 19:24:43 -------- d-----w- C:\Program Files\iPod
2012-08-28 19:24:42 -------- d-----w- C:\Program Files\iTunes
2012-08-28 19:24:42 -------- d-----w- C:\Program Files (x86)\iTunes
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-08-16 12:48:17 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-08-16 02:32:34 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-08-16 02:32:34 67072 ----a-w- C:\Windows\splwow64.exe
2012-08-16 02:32:34 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-08-16 02:32:34 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-08-16 02:32:21 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-08-16 02:32:21 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-08-16 02:32:21 136704 ----a-w- C:\Windows\System32\browser.dll
2012-08-16 02:32:19 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-08-16 02:32:18 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-08-16 02:32:17 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-08-16 02:32:17 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
.
==================== Find3M ====================
.
2012-08-31 09:50:40 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-31 09:50:40 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-05 20:06:30 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-07-05 20:06:20 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-07-03 10:11:59 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 0:22:44,24 ===============
