Quote:
Originally Posted by Veke
(Post 4069584)
When I open a blank new tab in Firefox, after 10 seconds or so, if I don't go to any site, it redirects to: http://websearch.helpmefindyour.info/
I cleared cookies (it was there), scanned with SUPERAntiSpyware (which also found it) but it keeps coming back every time I open a new tab.
Here are the logs.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 10.17.2
Run by Yleinen at 12:11:27 on 2013-03-23
Microsoft Windows XP Home Edition 5.1.2600.3.1252.358.1035.18.3263.2025 [GMT 2:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2013 *Enabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Hamachi\hamachi-2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe
C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe
C:\Program Files\Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\dwwin.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Java\jre7\bin\javaw.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://websearch.helpmefindyour.info/?pid=798&r=2013/03/21&hid=3317967932&lg=EN&cc=FI
uURLSearchHooks: Winamp Search Class: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} -
mURLSearchHooks: Winamp Search Class: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} -
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Search-NewTaab: {BFCB0C79-E662-9EC1-4F9C-E53BAA875968} - c:\documents and settings\all users\application data\search-newtaab\514b4a9c85ffc.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} -
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} -
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 52\axcmd.exe" /automount
uRun: [WindowsLivePhone] "c:\program files\windows live\device manager\msgrdvmn.exe" /AutoRun
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [Steam] "i:\steami\steam.exe" -silent
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [CAPON] c:\windows\system32\spool\drivers\w32x86\3\CAPONN.EXE
mRun: [OCDLMgr] RunDll32.exe c:\progra~1\flstud~1\openca~1\OCSETU~1.DLL,_MgrCheck@16
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [3170 Scan2PC] "c:\windows\twain_32\samsung\clx3170\Scan2pc.exe"
mRun: [WindowsLivePhone] c:\program files\windows live\device manager\msgrdvmn.exe /AutoRun
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [Launch LCore] c:\program files\logitech gaming software\LCore.exe /minimized
mRun: [LogMeIn Hamachi Ui] "c:\program files\hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: SmarThru4 Capture Selection - c:\program files\smarthru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\smarthru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\smarthru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\smarthru 4\WebCapture.dll
IE: Vie Microsoft E&xceliin - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1239653083687
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 62.240.64.97 62.240.64.135
TCP: Interfaces\{C335B51A-9338-4D1F-B699-8927161802C6} : DHCPNameServer = 62.240.64.97 62.240.64.135
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
AppInit_DLLs= c:\progra~1\websea~1\sprote~1.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\yleinen\application data\mozilla\firefox\profiles\1w3a7a95.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.helpmefindyour.info/?pid=798&r=2013/03/21&hid=3317967932&lg=EN&cc=FI&l=1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://websearch.helpmefindyour.info/?pid=798&r=2013/03/21&hid=3317967932&lg=EN&cc=FI&l=1&q=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll
FF - component: c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll
FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-03-21 19:59; bautpfp@wwa-cxgq.com; c:\documents and settings\yleinen\application data\mozilla\firefox\profiles\1w3a7a95.default\extensions\bautpfp@wwa-cxgq.com
FF - ExtSQL: 2013-03-21 19:59; axjxauiu@uoofaau-.org; c:\documents and settings\yleinen\application data\mozilla\firefox\profiles\1w3a7a95.default\extensions\axjxauiu@uoofaau-.org
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-1-19 33112]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-3-23 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-3-23 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-7-2 116608]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\hamachi\hamachi-2.exe [2012-12-10 1435568]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2010-7-1 10384]
R2 RapidPort;RapidPort;c:\windows\system32\drivers\CAPLPTN.SYS [2009-5-11 22912]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\14.2.0\ToolbarUpdater.exe [2013-3-18 968880]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [2011-6-21 61096]
R3 fdrawcmd;Low-level Floppy Driver;c:\windows\system32\drivers\fdrawcmd.sys [2008-11-3 27544]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2009-6-17 40720]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2012-10-9 19720]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\drivers\LGSHidFilt.Sys [2012-10-9 42008]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2009-6-17 10384]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2009-12-31 28672]
R4 d344bus;d344bus;c:\windows\system32\drivers\d344bus.sys --> c:\windows\system32\drivers\d344bus.sys [?]
R4 d344prt;d344prt;c:\windows\system32\drivers\d344prt.sys --> c:\windows\system32\drivers\d344prt.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944]
S3 bDMusicb;bDMusicb;c:\docume~1\yleinen\locals~1\temp\bDMusicb.sys [2003-6-1 31744]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2012-10-9 14856]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-3-23 12872]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
FileExt: .reg: regfile="regedit.exe" "%1"
.
=============== Created Last 30 ================
.
2013-03-22 09:08:55 -------- d-----w- c:\documents and settings\yleinen\application data\NCdownloader
2013-03-21 17:26:40 -------- d-----w- c:\documents and settings\all users\application data\Search-NewTaab
2013-03-21 17:26:29 -------- d-----w- c:\program files\WebSearch
2013-03-21 17:26:10 -------- d-----w- c:\program files\BrowseToSave
2013-03-21 17:26:07 -------- d-----w- c:\documents and settings\all users\application data\BRowse2save
2013-03-21 17:25:49 -------- d-----w- c:\windows\system32\X86
2013-03-21 17:25:49 -------- d-----w- c:\windows\system32\AMD64
2013-03-21 17:24:19 -------- d-----w- c:\documents and settings\all users\application data\SoftSafe
2013-03-21 17:23:20 -------- d-----w- c:\documents and settings\all users\application data\InstallMate
2013-03-19 18:26:40 -------- d-----w- C:\Fraps
2013-03-19 16:56:00 -------- d-----w- c:\documents and settings\all users\Kynnist-valikko
2013-03-19 16:55:51 -------- d-----w- c:\program files\common files\Steam
2013-03-15 16:00:04 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-03-15 16:00:04 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-03-15 16:00:00 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-15 16:00:00 15664416 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 15:59:57 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-03-15 15:58:56 65536 ----a-w- c:\windows\system32\OpenCL.dll
2013-03-15 15:48:07 10707360 -c--a-w- c:\windows\system32\dllcache\nv4_mini.sys
2013-03-15 15:48:07 10707360 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-03-15 15:44:23 19685376 ----a-w- c:\windows\system32\nvoglnt.dll
2013-03-15 15:44:22 892704 ----a-w- c:\windows\system32\nvdispgenco3220162.dll
2013-03-15 15:44:21 7749632 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 15:44:21 2731296 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 15:44:21 1990944 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 15:44:21 1012512 ----a-w- c:\windows\system32\nvdispco3220294.dll
2013-03-15 15:44:15 2481664 ----a-w- c:\windows\system32\nvapi.dll
2013-03-15 15:44:15 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-14 13:13:30 -------- d-----w- c:\program files\common files\PCSuite
2013-03-14 13:11:37 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-03-14 13:11:25 -------- d-----w- c:\program files\PC Connectivity Solution
2013-03-14 13:10:18 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2013-03-14 13:10:17 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2013-03-14 13:10:16 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2013-03-14 13:10:15 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2013-03-14 13:10:14 605696 ----a-w- c:\windows\system32\nmwcdcocls.dll
2013-03-14 13:10:12 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2013-03-14 13:10:10 123904 ----a-w- c:\windows\system32\ccdcmbwu.dll
2013-03-14 13:05:17 -------- d-sh--w- c:\documents and settings\yleinen\Phone Browser
2013-03-13 17:27:14 263186 ----a-w- c:\documents and settings\yleinen\application data\microsoft\internet explorer\quick launch\Minecraft.exe
2013-03-08 20:44:34 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-08 10:41:59 3540480 ----a-w- c:\program files\mozilla firefox\dolphin\plugins\Plugin_VideoOGL.dll
2013-03-07 14:05:24 -------- d-----w- c:\program files\MyDefrag v4.3.1
2013-02-28 13:25:58 -------- d-----w- c:\documents and settings\yleinen\application data\AVG
2013-02-28 13:25:03 -------- d-----w- c:\documents and settings\all users\application data\AVG
2013-02-28 13:23:25 -------- d-sh--w- c:\documents and settings\all users\application data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
.
==================== Find3M ====================
.
2013-03-18 18:05:42 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-03-18 14:13:28 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-18 14:13:28 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-15 15:58:54 1079188 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-03-15 15:58:54 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-03-15 15:58:37 1079188 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-03-08 20:43:57 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-08 20:43:56 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-08 20:43:55 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-03 10:00:22 1734 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys
2013-03-02 13:39:00 98304 ----a-w- c:\windows\DUMPb8c0.tmp
2013-02-28 14:46:14 0 ----a-w- c:\documents and settings\yleinen\ntuser.tmp
2013-02-20 14:56:23 98304 ----a-w- c:\windows\DUMPd0ec.tmp
2013-02-10 03:20:28 6070272 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-10 03:20:28 4078976 ----a-w- c:\windows\system32\nv4_disp.dll
2013-01-31 21:41:34 98304 ----a-w- c:\windows\DUMPb72a.tmp
2009-04-10 19:49:26 272176 ----a-w- c:\program files\utorrent.exe
.
============= FINISH: 12:19:53,15 ===============
ARK.txt and attach.txt attached.
Thank you in advance.