Possible virus blocking internet connection

Inactive
By Lolitsbrittxp
Apr 14, 2013
  1. Hello all. I've been reading multiple threads to find out what my problem could be, but I just can't seem to correct it no matter how many times I have tried! A couple days ago I downloaded a harmful file, and after trying to remove it, my computer only got worse. It started off as white smoke, but spiraled into many different things after that. Before I downloaded it, my computer connection was perfect: no random DC's, fast computer, everything. After that, my computer is obviously slower, as well as my internet. My router is brand new, and loads instantly on other computers; however, it takes a while to load on mine compared to what it was before. I've wiped my computer, as well as installed Bitdefender, Comodo Firewall, Malwarebytes, CCleaner, and Spybot Search and Destroy, and none of them can find the problem at all! It's very protected, and since installing these programs, my computer runs a bit faster but not as fast as it used to. Can anyone please help me find the root of this problem so I can hopefully return it back to how it was? Thanks much!
  2. Broni

    Broni Malware Annihilator Posts: 46,148   +251

    Welcome aboard

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
  3. Lolitsbrittxp

    Lolitsbrittxp Newcomer, in training Topic Starter

    Hello, thank you for replying so fast, I really appreciate it! Here is my info~

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.17.2
    Run by Brittney Boo Boo at 13:11:58 on 2013-04-14
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8169.4810 [GMT -7:00]
    .
    AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
    AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
    SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: COMODO Antivirus *Disabled/Outdated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
    SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
    FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
    C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\HitmanPro\hmpsched.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
    C:\ExpressGateUtil\VAWinService.exe
    C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
    C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
    C:\Program Files\ASUS\P4G\BatteryLife.exe
    C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
    C:\ExpressGateUtil\VAWinAgent.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files\COMODO\COMODO Internet Security\cis.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Comodo\Dragon\dragon.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Comodo\Dragon\dragon.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://asus.msn.com
    uDefault_Page_URL = hxxp://asus.msn.com
    uURLSearchHooks: {00000000-6E41-4FD3-8538-502F5495E5FC} - <orphaned>
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
    BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - <orphaned>
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    uRunOnce: [Uninstall C:\Users\Brittney Boo Boo\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Brittney Boo Boo\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
    uRunOnce: [Uninstall C:\Users\Brittney Boo Boo\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Brittney Boo Boo\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
    mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
    mRun: [UpdReg] C:\Windows\UpdReg.EXE
    mRun: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
    mRun: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
    mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    mRun: [FLxHCIm64] "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe"
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    StartupFolder: C:\Users\BRITTN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12
    TCP: Interfaces\{50E13D92-A992-4E23-A222-D9CC85354342} : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{57B98A03-46F1-4E8C-BE51-964FD2B8A4C0} : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{57B98A03-46F1-4E8C-BE51-964FD2B8A4C0} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
    x64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
    x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
    x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
    x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
    x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [SynAsusAcpi] C:\Program Files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
    x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
    x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
    x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-4-14 705552]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-4-7 55856]
    R1 ATKWMIACPIIO_;ATKWMIACPI Driver_;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-4-7 39768]
    R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-4-14 107080]
    R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-1-16 23176]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-1-16 699880]
    R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-1-16 48360]
    R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-4-14 147232]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
    R2 AsusUacSvc;Asus process privilege adjust service;C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [2013-4-7 113840]
    R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-3-29 70352]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-6-14 498688]
    R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-3-28 2074768]
    R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-3-13 1851088]
    R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-4-14 30240]
    R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2013-4-12 109352]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-12 418376]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-4-12 701512]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-7 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-7 1369624]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-7 168384]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
    R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2011-4-28 241488]
    R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-9-23 67664]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-4-7 2655768]
    R2 VideAceWindowsService;VideAceWindowsService;C:\ExpressGateUtil\VAWinService.exe [2011-3-25 91464]
    R2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [2013-4-7 990896]
    R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-6-14 986112]
    R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2013-4-7 17152]
    R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-4-14 545064]
    R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;C:\Windows\System32\drivers\bpenum.sys [2011-5-19 84480]
    R3 bpmp;Intel(R) Centrino(R) WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2011-5-19 182272]
    R3 bpusb;Intel(R) Centrino(R) WiMAX 6050 Series Function Driver;C:\Windows\System32\drivers\bpusb.sys [2011-5-19 83968]
    R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2012-7-18 246568]
    R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2012-7-18 76584]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-4-12 25928]
    R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-4-7 32344]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-7 471144]
    R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-1-26 22800]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
    S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-9-23 267480]
    S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-1-24 158928]
    S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-4-7 79360]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-4-7 79360]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-4-11 57856]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
    S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2013-4-7 290920]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]
    S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-8 1255736]
    .
    =============== Created Last 30 ================
    .
    2013-04-14 14:47:35 -------- d-----w- C:\Windows\pss
    2013-04-14 14:46:06 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO
    2013-04-14 13:56:27 -------- d-----w- C:\Users\Brittney Boo Boo\Doctor Web
    2013-04-14 13:24:47 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
    2013-04-14 12:55:24 -------- d--h--w- C:\VTRoot
    2013-04-14 12:48:59 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-04-14 12:48:59 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-04-14 12:39:28 260544 ----a-w- C:\Windows\System32\drivers\avchv.sys
    2013-04-14 12:35:23 24512 ----a-w- C:\ProgramData\1365942909.bdinstall.bin
    2013-04-14 12:35:05 23627 ----a-w- C:\ProgramData\1365942897.bdinstall.bin
    2013-04-14 12:34:37 -------- d-s---w- C:\ProgramData\Shared Space
    2013-04-14 12:32:30 159395 ----a-w- C:\ProgramData\1365942277.bdinstall.bin
    2013-04-14 12:31:14 -------- d-----w- C:\Program Files\COMODO
    2013-04-14 12:30:49 -------- d-----w- C:\ProgramData\COMODO
    2013-04-14 12:30:47 705552 ----a-w- C:\Windows\System32\drivers\avc3.sys
    2013-04-14 12:30:47 545064 ----a-w- C:\Windows\System32\drivers\avckf.sys
    2013-04-14 12:30:27 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\Comodo
    2013-04-14 12:30:22 56072 ----a-w- C:\Windows\System32\certsentry.dll
    2013-04-14 12:30:11 -------- d-----w- C:\Program Files (x86)\Comodo
    2013-04-14 12:30:06 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2013-04-14 12:30:06 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
    2013-04-14 12:30:06 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
    2013-04-14 12:29:58 -------- d-----w- C:\ProgramData\Comodo Downloader
    2013-04-14 12:25:05 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\QuickScan
    2013-04-14 12:24:55 -------- d-----w- C:\Program Files\Bitdefender
    2013-04-14 12:24:50 350160 ----a-w- C:\Windows\System32\drivers\trufos.sys
    2013-04-14 12:24:49 147232 ----a-w- C:\Windows\System32\drivers\gzflt.sys
    2013-04-14 12:15:37 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\SUPERAntiSpyware.com
    2013-04-14 12:15:28 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2013-04-14 12:15:28 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2013-04-13 16:17:50 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\Adobe
    2013-04-13 16:11:14 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe Systems Shared
    2013-04-13 16:08:55 -------- d-----w- C:\PhSp_CS2_UE_Ret
    2013-04-13 08:50:51 -------- d-----w- C:\Users\Brittney Boo Boo\.thumbnails
    2013-04-13 08:07:27 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\fontconfig
    2013-04-13 08:07:26 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\gegl-0.2
    2013-04-13 08:07:26 -------- d-----w- C:\Users\Brittney Boo Boo\.gimp-2.8
    2013-04-12 12:08:18 12872 ----a-w- C:\Windows\System32\bootdelete.exe
    2013-04-12 12:00:48 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\Malwarebytes
    2013-04-12 12:00:39 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-04-12 12:00:38 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-04-12 12:00:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-04-12 12:00:21 -------- d-----w- C:\Program Files\HitmanPro
    2013-04-12 12:00:14 -------- d-----w- C:\ProgramData\HitmanPro
    2013-04-12 11:53:13 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{06E40604-D147-4514-8A7A-AE1200ACC7EC}\mpengine.dll
    2013-04-12 11:52:36 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
    2013-04-12 11:52:36 158720 ----a-w- C:\Windows\System32\aaclient.dll
    2013-04-12 11:52:36 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
    2013-04-12 11:52:24 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
    2013-04-12 11:52:23 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-04-12 11:52:23 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-04-12 11:52:22 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-04-12 11:52:22 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-04-12 11:52:22 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-04-12 11:52:22 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-04-12 11:36:50 -------- d-----w- C:\ProgramData\Creative Labs
    2013-04-12 04:57:49 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\LolClient
    2013-04-11 14:48:02 -------- d-----w- C:\Windows\en
    2013-04-11 14:46:34 57856 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
    2013-04-11 14:45:57 19696 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2013-04-11 14:43:43 5659096 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b913f3a51ce36c206\skydrivesetup.exe
    2013-04-11 14:43:43 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
    2013-04-11 14:43:42 -------- d-----r- C:\Users\Brittney Boo Boo\SkyDrive
    2013-04-11 14:43:37 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
    2013-04-11 14:41:59 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b7ce9da11ce36c205\DSETUP.dll
    2013-04-11 14:41:59 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b7ce9da11ce36c205\DXSETUP.exe
    2013-04-11 14:41:59 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b7ce9da11ce36c205\dsetup32.dll
    2013-04-11 14:41:56 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b5cc848a1ce36c203\DSETUP.dll
    2013-04-11 14:41:56 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b5cc848a1ce36c203\DXSETUP.exe
    2013-04-11 14:41:56 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b5cc848a1ce36c203\dsetup32.dll
    2013-04-11 14:41:51 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b4250fe71ce36c201\DSETUP.dll
    2013-04-11 14:41:51 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b4250fe71ce36c201\DXSETUP.exe
    2013-04-11 14:41:51 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b4250fe71ce36c201\dsetup32.dll
    2013-04-11 14:41:50 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\Windows Live
    2013-04-10 20:56:04 3717632 ----a-w- C:\Windows\System32\mstscax.dll
    2013-04-10 20:56:02 44032 ----a-w- C:\Windows\System32\tsgqec.dll
    2013-04-10 20:56:02 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
    2013-04-10 20:55:38 3153408 ----a-w- C:\Windows\System32\win32k.sys
    2013-04-10 20:51:48 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2013-04-10 14:39:53 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\uTorrent
    2013-04-09 07:21:12 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\Diagnostics
    2013-04-09 01:38:14 154240 ----a-w- C:\Windows\AsPatch10430001.exe
    2013-04-09 01:36:52 -------- d-----w- C:\Program Files\Fresco Logic
    2013-04-09 01:35:40 -------- d-----w- C:\Program Files\Synaptics
    2013-04-09 01:33:16 380 ----a-w- C:\Users\Brittney Boo Boo\AppData\Roaming\sp_data.sys
    2013-04-09 01:28:27 196224 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll
    2013-04-09 01:28:25 -------- d-----w- C:\ProgramData\P4G
    2013-04-09 01:27:02 2603864 ----a-w- C:\Windows\System32\WavesGUILib.dll
    2013-04-09 01:27:00 823912 ----a-w- C:\Windows\System32\RtkApi64.dll
    2013-04-09 01:27:00 4740456 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
    2013-04-09 01:27:00 3846248 ----a-w- C:\Windows\System32\RtkAPO64.dll
    2013-04-09 01:27:00 331880 ----a-w- C:\Windows\System32\RtlCPAPI64.dll
    2013-04-09 01:27:00 2652264 ----a-w- C:\Windows\System32\RtPgEx64.dll
    2013-04-09 01:27:00 1560168 ----a-w- C:\Windows\System32\RTSnMg64.cpl
    2013-04-09 01:27:00 14952 ----a-w- C:\Windows\System32\RtkCoLDR64.dll
    2013-04-09 01:26:59 1247848 ----a-w- C:\Windows\System32\RTCOM64.dll
    2013-04-09 01:26:59 100968 ----a-w- C:\Windows\System32\RCoInstII64.dll
    2013-04-09 01:26:58 958296 ----a-w- C:\Windows\System32\MaxxAudioAPOShell64.dll
    2013-04-09 01:26:58 626264 ----a-w- C:\Windows\System32\MBTHX64.dll
    2013-04-09 01:26:58561752----a-w-C:\Windows\SysWow64\MBTHX32.dll
    2013-04-09 01:26:582131288----a-w-C:\Windows\System32\MaxxAudioEQ.dll
    2013-04-09 01:26:552528832----a-w-C:\Windows\System32\FMAPO64.dll
    2013-04-09 01:19:12--------d-----w-C:\Windows\SysWow64\Wat
    2013-04-09 01:19:12--------d-----w-C:\Windows\System32\Wat
    2013-04-08 16:43:369728----a-w-C:\Windows\System32\Wdfres.dll
    2013-04-08 16:43:36785512----a-w-C:\Windows\System32\drivers\Wdf01000.sys
    2013-04-08 16:43:3654376----a-w-C:\Windows\System32\drivers\WdfLdr.sys
    2013-04-08 16:43:362560----a-w-C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
    2013-04-08 16:37:539728---ha-w-C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-04-08 16:23:5746080----a-w-C:\Windows\System32\atmlib.dll
    2013-04-08 16:23:57367616----a-w-C:\Windows\System32\atmfd.dll
    2013-04-08 16:23:5734304----a-w-C:\Windows\SysWow64\atmlib.dll
    2013-04-08 16:23:57295424----a-w-C:\Windows\SysWow64\atmfd.dll
    2013-04-08 16:23:1787040----a-w-C:\Windows\System32\drivers\WUDFPf.sys
    2013-04-08 16:23:1784992----a-w-C:\Windows\System32\WUDFSvc.dll
    2013-04-08 16:23:17744448----a-w-C:\Windows\System32\WUDFx.dll
    2013-04-08 16:23:1745056----a-w-C:\Windows\System32\WUDFCoinstaller.dll
    2013-04-08 16:23:17229888----a-w-C:\Windows\System32\WUDFHost.exe
    2013-04-08 16:23:17198656----a-w-C:\Windows\System32\drivers\WUDFRd.sys
    2013-04-08 16:23:17194048----a-w-C:\Windows\System32\WUDFPlatform.dll
    2013-04-08 16:16:3381408----a-w-C:\Windows\System32\imagehlp.dll
    2013-04-08 16:16:335120----a-w-C:\Windows\SysWow64\wmi.dll
    2013-04-08 16:16:335120----a-w-C:\Windows\System32\wmi.dll
    2013-04-08 16:16:3323408----a-w-C:\Windows\System32\drivers\fs_rec.sys
    2013-04-08 16:16:33159232----a-w-C:\Windows\SysWow64\imagehlp.dll
    2013-04-08 11:44:46--------d-----w-C:\ProgramData\YTD Video Downloader
    2013-04-08 10:15:599216----a-w-C:\Windows\System32\rdrmemptylst.exe
    2013-04-08 10:14:47498688----a-w-C:\Windows\System32\drivers\afd.sys
    2013-04-08 10:13:59956928----a-w-C:\Windows\System32\localspl.dll
    2013-04-08 05:59:22--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Apple Computer
    2013-04-08 05:59:03--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-04-08 05:59:03--------d-----w-C:\Program Files\iTunes
    2013-04-08 05:59:03--------d-----w-C:\Program Files\iPod
    2013-04-08 05:59:03--------d-----w-C:\Program Files (x86)\iTunes
    2013-04-08 05:19:1633240----a-w-C:\Windows\System32\drivers\GEARAspiWDM.sys
    2013-04-08 04:30:44--------d-----w-C:\ProgramData\Nexon
    2013-04-08 04:07:49--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Apple
    2013-04-08 04:07:13282744------w-C:\Windows\System32\MpSigStub.exe
    2013-04-08 04:07:10--------d-----w-C:\Program Files (x86)\GreenTree Applications
    2013-04-08 04:05:21--------d-----w-C:\Program Files\Bonjour
    2013-04-08 04:05:21--------d-----w-C:\Program Files (x86)\Bonjour
    2013-04-08 03:54:07--------d-----w-C:\Windows\SysWow64\directx
    2013-04-08 03:52:02--------d-----w-C:\Program Files (x86)\MPC-HC
    2013-04-08 03:47:50--------d-----r-C:\Program Files (x86)\Skype
    2013-04-08 03:46:46--------d-----w-C:\eSupport
    2013-04-08 03:45:24--------d-----w-C:\WIMAPPLY
    2013-04-08 03:44:57--------d-----w-C:\ProgramData\Spybot - Search & Destroy
    2013-04-08 03:44:5317272----a-w-C:\Windows\System32\sdnclean64.exe
    2013-04-08 03:44:50--------d-----w-C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-04-08 03:44:23--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Programs
    2013-04-08 03:44:15--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\AVG SafeGuard toolbar
    2013-04-08 03:44:10--------d-----w-C:\ProgramData\AVG SafeGuard toolbar
    2013-04-08 03:44:05--------d-----w-C:\Program Files (x86)\Common Files\Steam
    2013-04-08 03:44:04--------d-----w-C:\Program Files (x86)\Steam
    2013-04-08 03:44:0039768----a-w-C:\Windows\System32\drivers\avgtpx64.sys
    2013-04-08 03:43:58--------d-----w-C:\Program Files (x86)\Common Files\AVG Secure Search
    2013-04-08 03:43:57--------d-----w-C:\Program Files (x86)\AVG SafeGuard toolbar
    2013-04-08 03:43:50--------d--h--w-C:\ProgramData\Common Files
    2013-04-08 03:43:05--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\APN
    2013-04-08 03:42:56--------d-----w-C:\ProgramData\Avira
    2013-04-08 03:42:15--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Spotify
    2013-04-08 03:40:29--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Google
    2013-04-08 03:38:45--------d-----w-C:\Program Files\CCleaner
    2013-04-08 03:38:26--------d-----w-C:\NVIDIA
    2013-04-08 03:33:05826880----a-w-C:\Windows\SysWow64\rdpcore.dll
    2013-04-08 03:33:0523552----a-w-C:\Windows\System32\drivers\tdtcp.sys
    2013-04-08 03:33:051031680----a-w-C:\Windows\System32\rdpcore.dll
    2013-04-08 03:31:14--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Apps
    2013-04-08 03:31:13--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Deployment
    2013-04-08 03:31:04--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Power2Go
    2013-04-08 03:30:0245056----a-w-C:\Windows\SysWow64\acovcnt.exe
    2013-04-08 03:28:5536864----a-w-C:\Windows\System32\wuapp.exe
    2013-04-08 03:28:55186752----a-w-C:\Windows\System32\wuwebv.dll
    2013-04-08 03:13:05--------d--h--w-C:\ExpressGateUtil
    2013-04-08 03:12:17--------d-----w-C:\ProgramData\Uninstall
    2013-04-08 03:10:52--------d-----w-C:\ProgramData\USBChargerPlus
    2013-04-08 03:09:1217152----a-w-C:\Windows\System32\drivers\AiCharger.sys
    2013-04-08 03:09:0777824----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
    2013-04-08 03:09:0732768----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
    2013-04-08 03:09:07225280----a-w-C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
    2013-04-08 03:09:07176128----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
    2013-04-08 03:09:06614532----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
    2013-04-08 03:09:05155648----a-w-C:\Windows\SysWow64\ACEngSvr.exe
    2013-04-08 03:08:33--------d-----w-C:\ProgramData\ASUS
    2013-04-08 03:08:32--------d-----w-C:\ProgramData\VirtualDesktop
    2013-04-08 03:08:31--------d-----w-C:\Program Files\Asus
    2013-04-08 03:04:34--------d-----w-C:\ProgramData\Roaming
    2013-04-08 03:04:01--------d-----w-C:\Program Files\Common Files\Intel
    2013-04-08 03:04:00--------d-----w-C:\Program Files (x86)\Cisco
    2013-04-08 03:02:27--------d-----w-C:\Program Files\Fresco Logic Inc
    2013-04-08 03:02:227367200----a-w-C:\Windows\SysWow64\RtsUVStoricon.dll
    2013-04-08 03:02:22290920----a-w-C:\Windows\System32\drivers\rtsuvstor.sys
    2013-04-08 03:02:2215464------w-C:\Windows\System32\drivers\diskperf64.sys
    2013-04-08 02:58:44--------d-----w-C:\ProgramData\NVIDIA Corporation
    2013-04-08 02:58:311359976----a-w-C:\Windows\System32\nvhdagenco642040.dll
    2013-04-08 02:58:3067176----a-w-C:\Windows\System32\OpenCL.dll
    2013-04-08 02:58:302864144----a-w-C:\Windows\System32\nvapi64.dll
    2013-04-08 02:58:301617512----a-w-C:\Windows\System32\nvdispco6420120.dll
    2013-04-08 02:58:3015508512----a-w-C:\Windows\System32\nvwgf2umx.dll
    2013-04-08 02:58:301359976----a-w-C:\Windows\System32\nvgenco642040.dll
    2013-04-08 02:58:3011240----a-w-C:\Windows\System32\drivers\nvBridge.kmd
    2013-04-08 02:58:2957960----a-w-C:\Windows\SysWow64\OpenCL.dll
    2013-04-08 02:58:25--------d-----w-C:\Program Files\NVIDIA Corporation
    2013-04-08 02:57:288192----a-w-C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
    2013-04-08 02:57:288192----a-w-C:\Windows\System32\drivers\IntelMEFWVer.dll
    2013-04-08 02:57:25--------d-----w-C:\Program Files (x86)\Common Files\postureAgent
    2013-04-08 02:56:3256344----a-w-C:\Windows\System32\drivers\HECIx64.sys
    2013-04-08 02:54:0153248----a-w-C:\Windows\SysWow64\CSVer.dll
    2013-04-08 02:53:58--------d-----w-C:\Intel
    2013-04-08 02:52:35180736----a-w-C:\Windows\System32\ifsutil.dll
    2013-04-08 02:52:35148992----a-w-C:\Windows\SysWow64\ifsutil.dll
    .
    ==================== Find3M ====================
    .
    .
    ============= FINISH: 13:13:31.59 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 4/7/2013 8:28:39 PM
    System Uptime: 4/14/2013 1:06:08 PM (0 hours ago)
    .
    Motherboard: ASUSTeK Computer Inc. | | G74Sx
    Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz | CPU 1 | 2201/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 195 GiB total, 112.754 GiB free.
    D: is FIXED (NTFS) - 233 GiB total, 141.324 GiB free.
    E: is FIXED (NTFS) - 233 GiB total, 181.358 GiB free.
    F: is FIXED (NTFS) - 245 GiB total, 197.383 GiB free.
    G: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    µTorrent
    Adobe Bridge 1.0
    Adobe Common File Installer
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Help Center 1.0
    Adobe Photoshop CS2
    Adobe Reader X (10.1.0) MUI
    Adobe Stock Photos 1.0
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ask Toolbar
    ASUS AI Recovery
    ASUS FaceLogon
    ASUS Live Update
    ASUS Power4Gear Hybrid
    ASUS Splendid Video Enhancement Technology
    ASUS USB Charger Plus
    ASUS Virtual Camera
    AsusScr_G74 Series_ENG
    AsusVibe2.0
    ATK Package
    AVG SafeGuard toolbar
    Best Buy Connect
    Best Buy pc app
    Bitdefender Antivirus Free Edition
    Bonjour
    CCleaner
    Comodo Dragon
    COMODO Internet Security
    CyberLink LabelPrint
    CyberLink Power2Go
    D3DX10
    DirectX 9 Runtime
    DragonNest
    ExpressGateCloud
    Fresco Logic USB3.0 Host Controller
    GameFast.exe
    GeekBuddy
    Google Chrome
    Google Update Helper
    HitmanPro 3.7
    Intel PROSet Wireless
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) PROSet/Wireless WiFi Software
    Intel(R) Turbo Boost Technology Monitor 2.0
    Intel® PROSet/Wireless WiMAX Software
    iTunes
    Java 7 Update 17
    Java Auto Updater
    Junk Mail filter update
    Malwarebytes Anti-Malware version 1.75.0.1300
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Office 2010
    Microsoft Silverlight
    Microsoft SkyDrive
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Movie Maker
    MPC-HC 1.6.6.6957 (3975d54)
    MSVCRT
    MSVCRT_amd64
    MSVCRT110
    MSVCRT110_amd64
    Nexon Game Manager
    NVIDIA 3D Vision Driver 314.22
    NVIDIA Control Panel 314.22
    NVIDIA Graphics Driver 314.22
    NVIDIA HD Audio Driver 1.3.23.1
    NVIDIA Install Application
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.12.1031
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.12.12
    NVIDIA Update Components
    Photo Common
    Photo Gallery
    RaidCall
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Reader Driver
    Rotation Desktop for G Series.exe
    Roxio AACS Certificate
    Roxio CinePlayer
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Skype™ 6.3
    Spotify
    Spybot - Search & Destroy
    Steam
    SUPERAntiSpyware
    Synaptics Pointing Device Driver
    THX TruStudio
    Trend Micro Titanium Internet Security
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinFlash
    WinRAR 4.20 (64-bit)
    Wireless Console 3
    YTD Video Downloader 4.0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/8/2013 6:25:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2797052).
    4/8/2013 6:25:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2809289).
    4/8/2013 12:46:16 AM, Error: Service Control Manager [7000] - The ATKWMIACPI Driver_ service failed to start due to the following error: The system cannot find the file specified.
    4/7/2013 9:18:00 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
    4/7/2013 8:46:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
    4/7/2013 8:46:27 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    4/7/2013 8:42:02 PM, Error: Schannel [36887] - The following fatal alert was received: 51.
    4/7/2013 10:59:32 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
    4/7/2013 10:58:32 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    4/7/2013 10:54:29 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
    4/7/2013 10:19:49 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
    4/14/2013 7:44:10 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD
    4/14/2013 7:42:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
    4/14/2013 5:31:31 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
    4/14/2013 5:31:28 AM, Error: Service Control Manager [7000] - The bdfwfpf service failed to start due to the following error: The system cannot find the file specified.
    4/12/2013 5:40:19 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
    4/12/2013 5:09:50 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Description with the following error: Access is denied.
    .
    ==== End Of File ===========================
  4. Broni

    Broni Malware Annihilator Posts: 46,148   +251

  5. Lolitsbrittxp

    Lolitsbrittxp Newcomer, in training Topic Starter

    Hello, thank you for responding so fast!
    Here is mbam:

    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.04.12.03

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16521
    Brittney Boo Boo :: BRITTNEYBOOBOO [administrator]

    Protection: Enabled

    4/12/2013 5:01:58 AM
    mbam-log-2013-04-12 (05-01-58).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 233565
    Time elapsed: 5 minute(s), 21 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
  6. Lolitsbrittxp

    Lolitsbrittxp Newcomer, in training Topic Starter

  7. Lolitsbrittxp

    Lolitsbrittxp Newcomer, in training Topic Starter

  8. Broni

    Broni Malware Annihilator Posts: 46,148   +251

    You're running two AV programs, TrendMicro and BitDefender.
    You must uninstall one of them.
    In addition...if you leave TrendMicro, it includes a firewall so you'll have to uninstall Comodo firewall.
    In general you must end up with one AV and one firewall running.

    Download RogueKiller on the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
  9. Lolitsbrittxp

    Lolitsbrittxp Newcomer, in training Topic Starter

    The malwarebytes anti-malware from the website link you posted.
  10. Broni

    Broni Malware Annihilator Posts: 46,148   +251

    Read my previous reply.
  11. Lolitsbrittxp

    Lolitsbrittxp Newcomer, in training Topic Starter

    Rogue
    RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Brittney Boo Boo [Admin rights]
    Mode : Scan -- Date : 04/14/2013 13:34:57
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 10 ¤¤¤
    [TASK][SUSP PATH] ASUS Patch 10430001 : C:\Windows\AsPatch10430001.exe -e [7] -> FOUND
    [STARTUP][SUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe [7] -> FOUND
    [STARTUP][SUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe [7] -> FOUND
    [STARTUP][SUSP PATH] Best Buy pc app.lnk @UpdatusUser : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe [7] -> FOUND
    [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{50E13D92-A992-4E23-A222-D9CC85354342} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
    [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{57B98A03-46F1-4E8C-BE51-964FD2B8A4C0} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
    [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{50E13D92-A992-4E23-A222-D9CC85354342} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
    [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{57B98A03-46F1-4E8C-BE51-964FD2B8A4C0} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts

    [...]
     
  12. Lolitsbrittxp

    Lolitsbrittxp Newcomer, in training Topic Starter

    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.05.0.1001

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x64

    Account is Administrative

    Internet Explorer version: 10.0.9200.16540

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED
    CPU speed: 2.195000 GHz
    Memory total: 8565989376, free: 5416095744

    ------------ Kernel report ------------
    04/14/2013 13:37:21
    ------------ Loaded modules -----------
    \SystemRoot\system32\DRIVERS\FLxHCIc.sys
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\DRIVERS\Rt64win7.sys
    \SystemRoot\system32\DRIVERS\i8042prt.sys
    \SystemRoot\system32\DRIVERS\SynTP.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\DRIVERS\kbfiltr.sys
    \SystemRoot\system32\DRIVERS\kbdclass.sys
    \SystemRoot\system32\DRIVERS\Smb_driver.sys
    \SystemRoot\system32\DRIVERS\CmBatt.sys
    \SystemRoot\system32\DRIVERS\intelppm.sys
    \SystemRoot\system32\DRIVERS\wmiacpi.sys
    \SystemRoot\system32\DRIVERS\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\swenum.sys
    \SystemRoot\system32\DRIVERS\ks.sys
    \SystemRoot\system32\DRIVERS\umbus.sys
    \SystemRoot\system32\DRIVERS\bpenum.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\nvhda64v.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\drivers\RTKVHD64.sys
    \SystemRoot\system32\drivers\MBfilt64.sys
    \SystemRoot\system32\DRIVERS\FLxHCIh.sys
    \SystemRoot\System32\Drivers\bpusb.sys
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\system32\DRIVERS\hidusb.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\bpmp.sys
    \SystemRoot\System32\Drivers\usbvideo.sys
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_iaStor.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \??\C:\Windows\system32\drivers\mbam.sys
    \SystemRoot\system32\drivers\WudfPf.sys
    \SystemRoot\system32\DRIVERS\avckf.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\DRIVERS\TurboB.sys
    \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\DRIVERS\tmcomm.sys
    \SystemRoot\system32\DRIVERS\tmevtmgr.sys
    \SystemRoot\system32\DRIVERS\tmactmon.sys
    \SystemRoot\system32\DRIVERS\vwifimp.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\System32\Drivers\fastfat.SYS
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\mbamswissarmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\iertutil.dll
    \Windows\System32\advapi32.dll
    ----------- End -----------
    <<<1>>>
    Upper Device Name: \Device\Harddisk1\DR1
    Upper Device Object: 0xfffffa80078d6060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IAAStorageDevice-2\
    Lower Device Object: 0xfffffa8007209050
    Lower Device Driver Name: \Driver\iaStor\
    Driver name found: iaStor
    Initialization returned 0x0
    Load Function returned 0x0
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa80077ff790
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IAAStorageDevice-1\
    Lower Device Object: 0xfffffa800720b050
    Lower Device Driver Name: \Driver\iaStor\
    Driver name found: iaStor
    Downloaded database version: v2013.04.14.06
    Downloaded database version: v2013.03.25.01
    Initializing...
    Done!
    <<<2>>>
    Device number: 0, partition: 2
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa80077ff790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80077ff250, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa80077ff790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8007203720, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa800720b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0xfffff8a0048df600, 0xfffffa80077ff790, 0xfffffa80109ca790
    Lower DeviceData: 0xfffff8a003510700, 0xfffffa800720b050, 0xfffffa800ec62cf0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning directory: C:\Windows\system32\drivers...
    <<<2>>>
    Device number: 0, partition: 2
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Done!
    Drive 0
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: E3102A4B

    Partition information:

    Partition 0 type is Other (0x1c)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048 Numsec = 52428800

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 52430848 Numsec = 409686016
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 462116864 Numsec = 514654208

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 500107862016 bytes
    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
    Physical Sector Size: 512
    Drive: 1, DevicePointer: 0xfffffa80078d6060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80078d6b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa80078d6060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8007207950, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa8007209050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    Upper DeviceData: 0xfffff8a00fa1e930, 0xfffffa80078d6060, 0xfffffa800ebfc090
    Lower DeviceData: 0xfffff8a003a2c3e0, 0xfffffa8007209050, 0xfffffa800ec8c420
    Drive 1
    Scanning MBR on drive 1...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: BBC58B91

    Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048 Numsec = 488366080

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 488368128 Numsec = 488405040

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 500107862016 bytes
    Sector size: 512 bytes

    Done!
    Performing system, memory and registry scan...
    Read File: File "c:\ProgramData\{8AE336A1-F82F-4ABF-A02A-B6ABA86CB4C5}\Best Buy pc app Setup.dat" is compressed (flags = 1)
    Read File: File "c:\ProgramData\{8AE336A1-F82F-4ABF-A02A-B6ABA86CB4C5}\instance.dat" is compressed (flags = 1)
    Read File: File "c:\ProgramData\{8AE336A1-F82F-4ABF-A02A-B6ABA86CB4C5}\Best Buy pc app Setup.dat" is compressed (flags = 1)
    Read File: File "c:\ProgramData\{8AE336A1-F82F-4ABF-A02A-B6ABA86CB4C5}\instance.dat" is compressed (flags = 1)
    Done!
    Scan finished
    =======================================
  13. Broni

    Broni Malware Annihilator Posts: 46,148   +251

    I don't see anything malicious there.

    In this forum, we make sure your computer is free of malware, and your computer is clean :)
    Because access to the malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
    You'll get more attention.
  14. Lolitsbrittxp

    Lolitsbrittxp Newcomer, in training Topic Starter

    Okay, thank you.
  15. Broni

    Broni Malware Annihilator Posts: 46,148   +251


