TechSpot

Unable to get rid of UnIIDealSe and The Adblocker [LOGS]

By Sicxie
Mar 4, 2015
Malwarebytes log:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 4.3.2015
    Scan Time: 15:06:16
    Logfile: LOG.txt
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2015.03.04.04
    Rootkit Database: v2015.02.25.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Lauri

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 382461
    Time Elapsed: 3 min, 44 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    Attach.txt

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1.9.2014 20:35:39
    System Uptime: 3.3.2015 19:18:10 (20 hours ago)
    .
    Motherboard: ASUSTeK COMPUTER INC. | | Z97-PRO(Wi-Fi ac)
    Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz | SOCKET 1150 | 4001/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 112 GiB total, 21,265 GiB free.
    D: is FIXED (NTFS) - 466 GiB total, 102,69 GiB free.
    E: is Removable
    F: is FIXED (FAT32) - 0 GiB total, 0 GiB free.
    G: is FIXED (NTFS) - 298 GiB total, 244,611 GiB free.
    I: is FIXED (NTFS) - 415 GiB total, 396,342 GiB free.
    L: is FIXED (NTFS) - 516 GiB total, 447,428 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Broadcom 802.11ac Network Adapter
    Device ID: PCI\VEN_14E4&DEV_43B1&SUBSYS_855C1043&REV_03\6&37155A88&0&000800E3
    Manufacturer: Broadcom
    Name: Broadcom 802.11ac Network Adapter
    PNP Device ID: PCI\VEN_14E4&DEV_43B1&SUBSYS_855C1043&REV_03\6&37155A88&0&000800E3
    Service: BCM43XX
    .
    ==== System Restore Points ===================
    .
    RP111: 23.2.2015 16:23:06 - Windows Update
    RP112: 27.2.2015 8:24:27 - Windows Update
    RP113: 2.3.2015 21:08:15 - Windows Update
    RP114: 3.3.2015 17:20:35 - avast! antivirus system restore point
    .
    ==== Installed Programs ======================
    .
    Ace Stream Media 3.0.0
    Adobe Reader XI (11.0.10) - Suomi
    Adobe Refresh Manager
    Apple Software Update
    Applen ohjelmatuki
    ArchiCAD 17 FIN
    Artlantis Render 5.1.2.4 (64 bit)
    Asmedia ASM104x USB 3.0 Host Controller Driver
    Asmedia ASM106x SATA Host Controller Driver
    Avast Free Antivirus
    Battle.net
    BitTorrent
    Borderlands: The Pre-Sequel
    Broadcom 802.11 Network Adapter
    CCleaner
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    CodeMeter Runtime Kit v5.00a
    Counter-Strike: Global Offensive
    Crysis®3
    EaseUS Data Recovery Wizard 8.6
    Futuremark SystemInfo
    GDR 4033 for SQL Server 2008 R2 (KB2977320)
    Google Chrome
    Google Update Helper
    Hearthstone
    Intel(R) Chipset Device Software
    Intel(R) Management Engine Components
    Intel(R) ME UninstallLegacy
    Intel(R) Network Connections 19.1.51.0
    Intel(R) USB 3.0 eXtensible Host Controller Driver
    Intel® Trusted Connect Service Client
    Java 8 Update 31
    Java Auto Updater
    KeyboardTest V3.0
    Malwarebytes Anti-Malware version 2.0.4.1028
    MATLAB R2014b
    Microsoft .NET Framework 4.5.3
    Microsoft Application Error Reporting
    Microsoft ASP.NET MVC 4 Runtime
    Microsoft Office 365 ProPlus - fi-fi
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft SQL Server 2008 R2
    Microsoft SQL Server 2008 R2 Native Client
    Microsoft SQL Server 2008 R2 RsFx Driver
    Microsoft SQL Server 2008 R2 Setup (English)
    Microsoft SQL Server 2008 Setup Support Files
    Microsoft SQL Server Browser
    Microsoft SQL Server VSS Writer
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
    Mumble 1.2.8
    NVIDIA 3D Vision Controller Driver 347.09
    NVIDIA 3D Vision Driver 347.25
    NVIDIA Control Panel 347.25
    NVIDIA GeForce Experience 2.2.2
    NVIDIA GeForce Experience Service
    NVIDIA Graphics Driver 347.25
    NVIDIA HD Audio Driver 1.3.33.0
    NVIDIA Install Application
    NVIDIA LED Visualizer 1.0
    NVIDIA Network Service
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.14.0702
    NVIDIA ShadowPlay 17.12.8
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 17.12.8
    NVIDIA Update Core
    NVIDIA Virtual Audio 1.2.27
    Office 15 Click-to-Run Extensibility Component
    Office 15 Click-to-Run Licensing Component
    Office 15 Click-to-Run Localization Component
    Origin
    QuickTime 7
    Realtek High Definition Audio Driver
    Service Pack 2 for SQL Server 2008 R2 (KB2630458)
    SHIELD Streaming
    SHIELD Wireless Controller Driver
    Skype™ 7.0
    SopCast 3.9.3
    Spotify
    SQL Server 2008 R2 SP2 Common Files
    SQL Server 2008 R2 SP2 Database Engine Services
    SQL Server 2008 R2 SP2 Database Engine Shared
    Sql Server Customer Experience Improvement Program
    Steam
    TeamSpeak 3 Client
    WIDCOMM Bluetooth Software
    WinRAR 5.21 beta 1 (64-bit)
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4.3.2015 14:18:14, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
    4.3.2015 12:21:22, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    3.3.2015 8:30:56, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR52.
    3.3.2015 19:19:09, Error: Service Control Manager [7034] - The Skype Updater service terminated unexpectedly. It has done this 1 time(s).
    3.3.2015 19:18:19, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {22279AF5-03AE-4CAF-989D-2530918B2F1C} and APPID {0773CCD6-59A2-4D26-B235-19247767E645} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    28.2.2015 3:21:08, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR7.
    28.2.2015 11:41:27, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR8.
    27.2.2015 15:17:03, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR4.
    2.3.2015 18:55:59, Error: bowser [8003] - The master browser has received a server announcement from the computer IINA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{4E265F20-C3B3-4682-8128-41DC5D4BFE23}. The master browser is stopping or an election is being forced.
    1.3.2015 1:53:28, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CodeMeter.exe service.
    .
    ==== End Of File ===========================

    DDS.txt

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17631 BrowserJavaVersion: 11.31.2
    Run by Lauri at 15:14:02 on 2015-03-04
    Microsoft Windows 7 Professional 6.1.7601.1.1252.358.1033.18.16326.13706 [GMT 2:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
    C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
    C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
    C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
    C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
    C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    C:\Windows\system32\IProsetMonitor.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Users\Lauri\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Users\Lauri\AppData\Roaming\BitTorrent\BitTorrent.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\CCleaner\CCleaner64.exe
    C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
    C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\SysWOW64\RunDll32.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
    C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit = userinit.exe,
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
    uRun: [Spotify Web Helper] "C:\Users\Lauri\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [BitTorrent] "C:\Users\Lauri\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
    uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODEME~1.LNK - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SoftwareSASGeneration = dword:1
    mPolicies-Windows\System: UseOEMBackground = dword:1
    IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
    TCP: NameServer = 192.168.11.1
    TCP: Interfaces\{4E265F20-C3B3-4682-8128-41DC5D4BFE23} : DHCPNameServer = 192.168.11.1
    TCP: Interfaces\{8DC3DD1D-6C34-4BBB-8A90-23DD194EC884} : DHCPNameServer = 192.168.11.1
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
    SSODL: WebCheck - <orphaned>
    LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
    x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
    x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
    x64-Run: [RtHDVBg_DTS] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 asstor64;asstor64;C:\Windows\System32\drivers\asstor64.sys [2014-3-14 84816]
    R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2015-3-3 65736]
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2015-3-3 268640]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-2-21 20464]
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2015-3-3 1047320]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2015-3-3 441728]
    R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-9-4 936728]
    R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [2014-9-4 954648]
    R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-9-4 1360016]
    R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe [2014-9-4 382776]
    R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2015-3-3 29168]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2015-3-3 88408]
    R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2015-3-3 136752]
    R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-3-3 343336]
    R2 ClickToRunSvc;Microsoft Officen pika-asennus;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-9-1 2711736]
    R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2013-4-3 2915704]
    R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2014-9-1 240576]
    R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-9-19 1148744]
    R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2014-3-11 260360]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-4-3 154584]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-2-25 1871160]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-2-25 969016]
    R2 MSSQL$ASUSHOMECLOUD;SQL Server (ASUSHOMECLOUD);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [2014-7-10 43128496]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 124560]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-9-1 1706312]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-1-22 410768]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2014-1-9 138456]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2014-1-9 423128]
    R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2014-9-1 172760]
    R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2014-9-1 22736]
    R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2014-9-1 598808]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2014-9-1 39976]
    R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d62x64.sys [2014-3-14 487704]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-2-21 370672]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-2-21 791024]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-2-25 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-2-25 129752]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-2-25 63704]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-1-2 38032]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-6-6 103608]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-6-6 124088]
    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
    S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2014-9-2 614624]
    S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-9-4 171632]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-2-11 114688]
    S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-1-31 887232]
    S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2014-9-2 1903472]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-8-2 19456]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-8-2 29696]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-8-2 56832]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-8-2 29696]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-9-1 1255736]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 44896]
    S4 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-9-1 21833544]
    S4 SQLAgent$ASUSHOMECLOUD;SQL Server Agent (ASUSHOMECLOUD);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [2014-7-10 381104]
    .
    =============== Created Last 30 ================
    .
    2015-03-03 20:04:23 11910896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4F7E3541-895D-438B-ACD6-034271ADFBDA}\mpengine.dll
    2015-03-03 15:21:36 -------- d-----w- C:\Users\Lauri\AppData\Roaming\AVAST Software
    2015-03-03 15:21:02 65736 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2015-03-03 15:21:02 268640 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2015-03-03 15:21:02 136752 ----a-w- C:\Windows\System32\drivers\aswStm.sys
    2015-03-03 15:21:01 93528 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2015-03-03 15:21:01 88408 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2015-03-03 15:21:01 29168 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
    2015-03-03 15:21:01 1047320 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2015-03-03 15:20:59 43112 ----a-w- C:\Windows\avastSS.scr
    2015-03-03 15:20:38 -------- d-----w- C:\Program Files\AVAST Software
    2015-03-03 15:20:10 -------- d-----w- C:\ProgramData\AVAST Software
    2015-03-02 19:08:21 11910896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2015-03-02 17:11:59 -------- d-----w- C:\Program Files (x86)\UnIIDeaLse
    2015-03-02 17:11:48 -------- d-----w- C:\ProgramData\aohhaehanocdigclhceifdhjomhnhoca
    2015-03-02 16:54:50 -------- d-----w- C:\Program Files\EaseUS
    2015-02-25 14:51:08 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2015-02-25 14:50:45 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2015-02-25 14:50:44 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2015-02-25 14:50:44 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2015-02-25 14:50:44 -------- d-----w- C:\ProgramData\Malwarebytes
    2015-02-25 14:50:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-02-23 21:02:39 -------- d-----w- C:\ProgramData\df312d0800007665
    2015-02-21 15:39:39 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7C6A733C-8B1F-43BF-86D6-E490EFA6DAE2}\gapaengine.dll
    2015-02-21 11:41:42 -------- d-----w- C:\Users\Lauri\AppData\Local\Microsoft Help
    2015-02-19 14:28:33 -------- d-----w- C:\Users\Lauri\AppData\Local\Steam
    2015-02-19 06:45:58 -------- d-----w- C:\Program Files (x86)\DiscountExxtEnsia
    2015-02-19 06:45:38 -------- d-----w- C:\Program Files (x86)\DuiSCountExtensi
    2015-02-19 06:45:35 -------- d-----w- C:\Program Files (x86)\AllCCheaupPPrice
    2015-02-19 06:45:34 -------- d-----w- C:\Program Files (x86)\Ge tt
    2015-02-19 06:45:12 -------- d-----w- C:\Program Files (x86)\CooupExttenSion
    2015-02-19 06:45:09 -------- d-----w- C:\ProgramData\5970474713967551064
    2015-02-19 06:45:09 -------- d-----w- C:\Program Files (x86)\GrEatSSavEu4U
    2015-02-18 07:18:24 20 ----a-w- C:\Users\Lauri\AppData\Roaming\appdataFr3.bin
    2015-02-18 07:18:24 -------- d-----w- C:\ProgramData\The AdBlocker
    2015-02-12 07:21:34 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
    2015-02-12 07:21:34 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2015-02-12 07:21:34 6041600 ----a-w- C:\Windows\System32\jscript9.dll
    2015-02-12 07:21:34 4300800 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2015-02-08 19:35:26 -------- d-----w- C:\ProgramData\{815ec791-fcba-300e-815e-ec791fcb1e47}
    .
    ==================== Find3M ====================
    .
    2015-03-03 13:17:35 295552 ------w- C:\Windows\System32\MpSigStub.exe
    2015-01-24 18:58:40 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2015-01-16 06:41:34 1316184 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
    2015-01-16 06:41:34 1278920 ----a-w- C:\Windows\SysWow64\nvspcap.dll
    2015-01-16 06:41:18 1756424 ----a-w- C:\Windows\System32\nvspbridge64.dll
    2015-01-16 06:41:18 1514528 ----a-w- C:\Windows\System32\nvspcap64.dll
    2015-01-15 08:14:17 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2015-01-15 08:14:16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2015-01-15 08:09:58 29184 ----a-w- C:\Windows\System32\sspisrv.dll
    2015-01-15 08:09:58 136192 ----a-w- C:\Windows\System32\sspicli.dll
    2015-01-15 08:09:57 28160 ----a-w- C:\Windows\System32\secur32.dll
    2015-01-15 08:09:51 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
    2015-01-15 08:09:15 31232 ----a-w- C:\Windows\System32\lsass.exe
    2015-01-15 08:08:59 64000 ----a-w- C:\Windows\System32\auditpol.exe
    2015-01-15 08:06:22 60416 ----a-w- C:\Windows\System32\msobjs.dll
    2015-01-15 08:06:11 146432 ----a-w- C:\Windows\System32\msaudite.dll
    2015-01-15 08:04:23 686080 ----a-w- C:\Windows\System32\adtschema.dll
    2015-01-15 07:42:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2015-01-15 07:42:05 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
    2015-01-15 07:41:53 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2015-01-15 07:39:53 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
    2015-01-15 07:39:36 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
    2015-01-15 07:37:55 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
    2015-01-15 04:22:18 458824 ----a-w- C:\Windows\System32\drivers\cng.sys
    2015-01-14 06:09:27 5554112 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2015-01-14 06:05:30 503808 ----a-w- C:\Windows\System32\srcore.dll
    2015-01-14 06:05:30 50176 ----a-w- C:\Windows\System32\srclient.dll
    2015-01-14 06:04:56 296960 ----a-w- C:\Windows\System32\rstrui.exe
    2015-01-14 05:44:59 3972544 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2015-01-14 05:44:58 3917760 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2015-01-14 05:41:09 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
    2015-01-13 04:15:56 1540240 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
    2015-01-13 03:10:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2015-01-13 02:49:19 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2015-01-12 03:05:32 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2015-01-12 03:05:19 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2015-01-12 02:49:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
    2015-01-12 02:48:57 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2015-01-12 02:48:52 584192 ----a-w- C:\Windows\System32\vbscript.dll
    2015-01-12 02:47:25 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2015-01-12 02:34:42 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
    2015-01-12 02:34:30 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2015-01-12 02:25:28 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2015-01-12 02:21:19 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2015-01-12 02:13:27 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2015-01-12 02:08:09 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2015-01-12 02:07:51 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2015-01-12 02:07:06 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2015-01-12 02:05:36 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2015-01-12 01:55:47 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2015-01-12 01:46:29 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2015-01-12 01:46:00 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
    2015-01-12 01:40:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2015-01-12 01:27:32 2358272 ----a-w- C:\Windows\System32\wininet.dll
    2015-01-12 01:23:09 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2015-01-12 01:22:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2015-01-12 01:00:17 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
    2015-01-10 06:48:22 210944 ----a-w- C:\Windows\System32\wdigest.dll
    2015-01-10 06:48:19 86528 ----a-w- C:\Windows\System32\TSpkg.dll
    2015-01-10 06:48:17 341504 ----a-w- C:\Windows\System32\schannel.dll
    2015-01-10 06:48:13 309760 ----a-w- C:\Windows\System32\ncrypt.dll
    2015-01-10 06:48:12 314880 ----a-w- C:\Windows\System32\msv1_0.dll
    2015-01-10 06:48:10 728064 ----a-w- C:\Windows\System32\kerberos.dll
    2015-01-10 06:48:05 22016 ----a-w- C:\Windows\System32\credssp.dll
    2015-01-10 06:27:54 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
    2015-01-10 06:27:51 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
    2015-01-10 06:27:47 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
    2015-01-10 06:27:44 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2015-01-10 06:27:43 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2015-01-10 06:27:39 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2015-01-10 06:27:32 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
    2015-01-09 23:30:01 6860432 ----a-w- C:\Windows\System32\nvcpl.dll
    2015-01-09 23:30:01 3517256 ----a-w- C:\Windows\System32\nvsvc64.dll
    2015-01-09 23:29:53 935056 ----a-w- C:\Windows\System32\nvvsvc.exe
    2015-01-09 23:29:53 2558608 ----a-w- C:\Windows\System32\nvsvcr.dll
    2015-01-09 23:29:52 62608 ----a-w- C:\Windows\System32\nvshext.dll
    2015-01-09 23:29:52 385352 ----a-w- C:\Windows\System32\nvmctray.dll
    2015-01-09 22:27:57 621200 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2015-01-09 19:47:35 4173527 ----a-w- C:\Windows\System32\nvcoproc.bin
    2015-01-09 02:03:01 3201536 ----a-w- C:\Windows\System32\win32k.sys
    2014-12-19 03:06:55 210432 ----a-w- C:\Windows\System32\profsvc.dll
    2014-12-19 01:46:45 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
    2014-12-13 10:08:08 1895056 ----a-w- C:\Windows\System32\nvdispco6434709.dll
    2014-12-13 10:08:08 1556624 ----a-w- C:\Windows\System32\nvdispgenco6434709.dll
    2014-12-11 17:47:17 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
    2014-12-08 03:09:05 406528 ----a-w- C:\Windows\System32\scesrv.dll
    2014-12-08 02:46:05 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
    2014-12-06 04:17:27 303616 ----a-w- C:\Windows\System32\nlasvc.dll
    2014-12-06 03:50:19 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
    2014-12-06 03:50:18 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
    .
    ============= FINISH: 15:14:14,97 ===============
     
  2. Broni

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ================================

    You're running two AV programs, MSE and Avast.
    You must uninstall one of them.

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all running programs.
    • Windows Vista/7/8 users: right-click on RogueKiller.exe, click Run as Administrator.
    • Otherwise just double-click on RogueKiller.exe.
    • Pre-scan will start. Let it finish.
    • Click on the SCAN button.
    • Wait until the Status box shows Scan Finished.
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt can also be found on your desktop.
    • If more than one log is produced, post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Create a new restore point before proceeding with the next step.
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.
    • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
    • Double-click on the downloaded file. OK the self-extracting prompt.
    • MBAR will start. Click "Next" to continue.
    • In the following screen, click "Update" to obtain the latest malware definitions.
    • Once the update is complete, select "Next" and click "Scan".
    • When the scan is finished and no malware has been found, select "Exit".
    • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
    • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
    NOTE: If you see the "This version requires you to completely exit the Anti Malware application" message, right-click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.
     
Topic Status:
Not open for further replies.
